Privacy & Cybersecurity Law Blog

On October 10, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth (“CIPL”) announced the publication of its White Paper on business-to-government (B2G) data sharing. 

Following the publication of a discussion draft earlier this year, and after hosting two roundtables, CIPL incorporated valuable feedback into the draft and expanded its list of recommended practices.

The white paper addresses the growing trend of localities requesting (and sometimes mandating) that data collected by the private sector be shared with the localities themselves. Such requests are generally not in the context of law enforcement or national security matters, but rather are part of an effort to further the public interest or promote a public good.

To the extent such requests are overly broad or not specifically tailored to the stated public interest, the White Paper states that the public sector’s adoption of accountability measures—which CIPL has repeatedly promoted for the private sector—can advance responsible data sharing practices between the two sectors. It can also strengthen the public’s confidence in data-driven initiatives that seek to improve their communities.

In conjunction with the publication of the White Paper, CIPL has created a one-page resource called “15 Steps to Accountable Data-Sharing Practices,” which businesses can share with local governments seeking access to private sector data. Businesses may use this resource to initiate constructive conversations with government representatives who may be unfamiliar with common expectations and best practices in the privacy and data security sphere.