The White House on Thursday backed a host of policy initiatives to better
safeguard privacy in the age of “big data,” including a law
to forge a single national standard for reporting data breaches, as it
unveiled a report commissioned by President Barack Obama.
During a January speech outlining reforms to controversial U.S. surveillance
tactics, Obama revealed that he had tapped a top adviser to review of
the privacy challenges presented by so-called big data, a common name
for the aggregation and analysis of large interconnected databases by
the government and private companies.
John Podesta, the Obama adviser who spearheaded the review, presented the
final report to the president on Thursday, and wrote in a blog post that
the 90-day review highlighted the potential for big data analytics to
result in “discriminatory outcomes,” providing an end-run
around civil rights protections for housing, employment, credit and consumer markets.
“No matter how quickly technology advances, it remains within our
power to ensure that we both encourage innovation and protect our values
through law, policy and the practices we encourage in the public and private
sector,” Podesta wrote, pointing to six specific policy recommendations
to balance privacy with the emergence of big data technology.
The review noted that data breach reporting is currently covered by a “patchwork”
of state laws, and urged Congress to pass a bill creating a single national
standard similar to what was outlined in the Obama Administration’s
2011 cybersecurity legislative proposal.
Podesta also called on Congress to enact the Consumer Privacy Bill of Rights
unveiled by the White House two years ago, which lays out seven principles
meant to promote increased notice, choice and transparency in the collection,
use and storage of consumers' personal information. Before the president
submits draft text of the bill to Congress, the U.S. Department of Commerce
should seek comment from stakeholders and the public on potential changes
to the bill of rights, according to the report.
Another recommendation from the review said that the federal government
should find ways to extend its privacy protections to foreigners, asking
the Office of Management and Budget to work with agencies to apply the
Privacy Act of 1974 to non-U.S. citizens “where practicable.”
The report also noted that detailed data profiles on consumers, combined
with “algorithm-driven decision-making,” can — whether
on purpose or not — lead to discrimination, what some have termed
“digital redlining.”
“The federal government's lead civil rights and consumer protection
agencies should expand their technical expertise to be able to identify
practices and outcomes facilitated by big data analytics that have a discriminatory
impact on protected classes, and develop a plan for investigating and
resolving violations of law,” Podesta wrote.
The final recommendations from the review proposed measures to make sure
data collected on students is used strictly for educational purposes,
and asked Congress to amend the Electronic Communications Privacy Act
to bring its provisions up to date with advances in email, Internet and
cloud storage technology.
Far from painting an entirely negative picture of big data, Podesta also
hailed the benefits of the phenomenon. For example, he pointed to how
a geospatial technology company called Esri is leveraging big data to
create real-time maps that help emergency services respond to tornado
outbreaks.
“The big data revolution presents incredible opportunities in virtually
every sector of the economy and every corner of society,” Podesta wrote.
The push to assess the impact of big data on consumer privacy stems from
the debate spurred by the release of secret documents that cast a harsh
light on the National Security Agency’s surveillance methods, including
its bulk collection of domestic phone records under Section 215 of the
Patriot Act.