In this week’s State of the Union Address, the president remarked on several privacy and cybersecurity initiatives, including a proposed federal data breach law, a renewed proposal for a consumer privacy bill of rights, and a student data privacy bill.
Privacy was expected to be a central topic in the address based on the president’s comments last week at the Federal Trade Commission, but comments on privacy were fleeting. All things considered, any nod to privacy — a once-fringe (still sometimes fringe) topic — is notable.
Privacy Issues Presented within a Security Context
The president’s discussion of privacy reform initiatives during the address indicates that privacy issues are moving into the political and policy foreground, and Americans care more about the privacy of their information than ever before.
Some interesting insights may be gleaned from examining President Obama’s discussion of privacy. Looking specifically at the text of the address, it is noteworthy that privacy issues are presented squarely within a security context.
For instance, the president discussed cybersecurity as a national security issue, weaving privacy issues into his call for action:
“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids. . . . [T]onight, I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft and protect our children’s information. If we don’t act, we’ll leave our nation and our economy vulnerable. If we do, we can continue to protect the technologies that have unleashed untold opportunities for people around the globe.”
Privacy lawyers and privacy professionals know this one: “there is no privacy without security.”
Yet, There are Differences Between Privacy and Security
Privacy and security may be interdependent, but they are certainly discrete — “Security is about what happens on the back end to keep collected data safe, while privacy focuses on what happens when you start using that data,” says Joanne Furtsch, Director of Product Policy at TRUSTe.
Cyber threats are a security issue. Identity theft and data breaches are security issues. But allowable uses of student and children’s data are unquestionably issues of privacy. So, why the mashup?
At his FTC address last week, we saw President Obama tackle privacy head-on:
“We believe that consumers have the right to decide what personal data companies collect from them and how companies use that data, that information; the right to know that your personal information collected for one purpose can’t then be misused by a company for a different purpose; the right to have your information stored securely by companies that are accountable for its use.”
Next month, we can expect more robust privacy updates from President Obama as he introduces his revised consumer privacy bill of rights, which seeks to federally regulate the collection, use, and disclosure of individuals’ information.