Privacy & Information Security Law Blog

On December 8, 2010, the U.S. House of Representatives approved the Social Security Number Protection Act of 2010 (S. 3789), which is aimed at reducing identity theft by limiting access to Social Security numbers.  The bill prohibits printing Social Security numbers, or any derivative of a Social Security number, on government-issued checks, and bars federal, state and local government entities from employing prisoners in jobs that would allow them to access Social Security numbers.  Although there are numerous state laws on the books to safeguard Social Security numbers, the ...

On November 15, 2010, the Centre for Information Policy Leadership filed comments with the Department of Commerce in response to the Department’s Notice of Inquiry (“NOI”) on the Global Free Flow of Information on the Internet.  The NOI was issued pursuant to an examination by the Department’s Internet Policy Task Force of issues related to restrictions on information flows on the Internet.  The NOI poses wide-ranging questions related to why such restrictions were instituted; the impact restrictions may have on innovation, economic development, global trade and investment; and how best to deal with any negative effects.  In the NOI, the Department acknowledges the benefits that businesses, emerging entrepreneurs and consumers derive from the ability to transmit information quickly and efficiently both domestically and internationally.  It also recognizes the integral role the free flow of information plays in promoting economic growth and democratic values essential to free markets and free societies.  The Department also articulated goals such as helping industry and other stakeholders operate in diverse Internet environments, and identifying policies that will advance economic growth and create job opportunities for Americans.

Earlier today, a Department of Commerce official briefed Hunton & Williams and Centre for Information Policy Leadership representatives on the Department’s forthcoming “Green Paper” on privacy.  On November 12, 2010, Telecommunications Reports Daily published an article based on information obtained from an unofficial, pre-release draft version of the Green Paper.  It remains to be seen which portions of the leaked draft ultimately will survive the interagency approval process currently underway.  The Department of Commerce representative emphasized that the content of the draft Green Paper currently undergoing review is consistent with Assistant Secretary of Commerce Larry Strickling’s October 27, 2010, speech in Jerusalem.  In his speech, Secretary Strickling explained that the Department is calling it a “Green” Paper, “not because of its environmental impact, but because it contains both recommendations and a further set of questions on topics about which [the Department] seek[s] further input.”

The White House recently announced on its official blog that the National Science and Technology Council’s Committee on Technology has launched a new Subcommittee on Privacy and Internet Policy.  The subcommittee will be co-chaired by a representative from the Department of Commerce and the Department of Justice and will include representatives from over a dozen other departments and federal agencies, such as the Department of Health and Human Services and the National Security Council.  The goal of the subcommittee is to “develop principles and strategic directions” that will foster “consensus in legislative, regulatory, and international Internet policy realms.”  Some of these principles include “facilitating transparency, promoting cooperation, empowering individuals to make informed and intelligent choices, strengthening multi-stakeholder governance models, and building trust in online environments.”

“The Department of Commerce is back.”  With those words Cameron Kerry, General Counsel of the U.S. Department of Commerce, made it clear the Department intends to take a leading role in shaping domestic privacy policy and representing U.S. privacy interests in international discussions.  The announcement was made at the May 7, 2010, Department of Commerce symposium, “A Dialogue on Privacy and Innovation,” where the mostly business audience welcomed Mr. Kerry’s declaration with great enthusiasm.

According to BNA’s Privacy Law Watch, on March 8, 2010, Senator Patrick Leahy asked President Obama to nominate members for the dormant Privacy and Civil Liberties Oversight Board.  The Board, which was created in 2004 upon the recommendation of the 9/11 Commission, focuses on ensuring that privacy and civil liberties concerns are incorporated into anti-terrorism laws and regulations.  Although President Obama had pledged in May 2009 to reconstitute the board, which has had no members since January 2008, privacy advocates say that his focus on cybersecurity issues has delayed ...

On June 30, 2009, the Obama Administration sent legislation to Congress that would create a new Consumer Financial Protection Agency ("CFPA").  Working with state regulators, the new agency would assume authority for the privacy provisions of the Gramm-Leach-Bliley Act, and would have the power to write rules and impose penalties pursuant to a variety of existing statutes, including the Fair Credit Reporting Act and the Fair and Accurate Credit Transactions Act.  To date, these powers have been shared among all financial services regulators, including the Federal Trade ...

The Obama Administration today formally announced its sweeping proposal for new regulation of the financial industry.  The plan proposes the formation of a new watchdog agency that would seek to protect consumers' interests.  The proposal raises a number of privacy and data security questions, such as the role of the new financial services consumer protection agency in protecting privacy and data security and the continued role of the Federal Trade Commission as the lead agency in this area.  The announcement is available here.  We will keep you posted as more details regarding the plan ...

The White House today released the report from the 60-day cybersecurity review the President ordered in February. Speaking to a packed audience in the East Room, President Obama outlined the broad range of threats facing the digital infrastructure, focusing not only on national security and organized crime attacks, but also on identity theft and incursions into individual privacy.

He promised a “new comprehensive approach to securing our nation’s infrastructure,” including appointment of a White House cybersecurity coordinator reporting to both the National Security Council and the National Economic Council. The coordinator would have broad responsibilities, but little direct authority, although the President did promise that the coordinator would have access to him.

News last week that Chinese and Russian hackers had infiltrated the U.S. electrical power grid gave practical significance to already high-profile issues in Washington -- how better to secure the nation’s cyber-infrastructure.  Late in 2008, the Center for Strategic and International Studies Commission on Cyber Security for the 44th Presidency (the Commission) released a report citing the U.S.’s failure to protect cyberspace as “one of the most urgent national security problems” facing the Obama administration.  The failure threatens the safety and well-being of the United States and its allies and raises immediate risks for the economy.  In a global economy, where economic strength and technological leadership are as important to national power as military force, failing to secure cyberspace puts the U.S. at a disadvantage.  When Chinese and Russian intruders apparently left software on networks supporting the U.S. power grid that could be used to compromise electric and water systems, the warnings of the Commission proved true in a real-world way.

The Centre for Information Policy Leadership provides the following thoughts on the Obama Administration's views on privacy:
 
The themes of President Obama’s inaugural address not only conveyed a strong message to the nation, but reflected current concerns about data governance shared by privacy professionals and policymakers as well.  His speech captured the importance of individual responsibility in public and personal life as America faces challenging economic times.  In demanding accountability from government, he required that the nation’s work be conducted “in the light of day -- because only then can we restore the vital trust between a people and their government.”  Obama’s remarks about the potent values of responsibility and accountability apply in the information-intensive world of business.