Obama announces data privacy safeguards for consumers, students
Editor’s note: This story has been updated to include breaking news about the hack of U.S. Central Command’s social media accounts.
President Barack Obama announced several measures Monday aimed at protecting Americans’ data in the wake of stolen data and hacked computer systems that have made headlines in the past year.
Speaking at the Federal Trade Commission, Obama proposed two new laws: The Personal Data Notification and Protection Act and the Student Digital Privacy Act, saying that “in this dizzying age of technology and innovation, so much of the prosperity we seek depends on our digital economy.”
“If we are going to be connected, we need to be protected,” Obama said. “As Americans, we shouldn’t have to forfeit our basic privacy when we go online to do our business.”
The cybersecurity focus follows the fallout from a number of high-profile cyber attacks in the past year. While the attack on Sony Entertainment has dominated recent headlines, high-profile retailers Home Depot and Target also suffered large breaches that exposed the data of millions of consumers.
The Personal Data Notification and Protection Act will establish a 30-day notification requirement during which companies must alert consumers if their data has been stolen, establishing a national response standard for companies that normally have to rely on a hodgepodge of state laws.
The Student Digital Privacy Act will prevent companies from selling student data that has been collected through digital education products, such as in-classroom tablets or digital textbooks, to third parties. The act comes on the heels of a similar statute passed in California last year.
“We believe that this won’t just give parents more piece of mind, we’re confident that it will make sure the tools we use in the classroom will actually support the breakthrough research and innovations that we need to keep unlocking new educational technologies,” Obama said.
Additional measures introduced Monday include a “voluntary code of conduct” where companies will further protect Americans’ energy usage data and provide easier access to credit scores as an early warning system of identity theft.
Obama will spend this week focusing on cybersecurity as he continues to preview initiatives he will highlight in his upcoming State of the Union address on Jan. 20. The president will also speak Tuesday at the National Cybersecurity and Communications Integration Center, addressing ways the public and private sectors can better share cybersecurity information.
“This is one of those new challenges in our modern society that crosses those old divides,” Obama said. “It transcends politics, it transcends ideology, liberal, conservative, Democrat, Republican, everybody’s online and everybody understands the risks and vulnerabilities, as well as the opportunities that are presented by this new world.”
Digital rights groups reacted positively to the president’s announcements, saying the bills give “added momentum” to the need for privacy protections.
“For too long, it has been America’s companies taking the lead in protecting the privacy of consumers without clear or consistent guidance from government,” Nuala O’Connor, president and CEO of the Center for Democracy and Technology, said. “It’s time we have comprehensive privacy legislation to help build consumer trust, promote technological innovation, and create a digital framework that respects the right to privacy in our daily lives.”
The Software and Information Industry Association (SIIA), which helped with the Student Data Privacy Pledge, said while student data needs to be protected, it hopes the federal government does not add to the already-confusing patchwork of regulations educational companies face at the state and local level.
“We agree with the need to continually review policies and practices that safeguard student data,” Mark MacCarthy, SIIA vice president of public policy, said in a released statement. “But at a time when our nation has increasingly stiff global competition, we must balance privacy protection with the critical need for local schools and teachers to have access to advanced learning technologies.”
During Obama’s speech, a group claiming to be affiliated with the Islamic State hacked the official Twitter and YouTube accounts of the U.S. Central Command, posting official personnel roster information, pro-ISIS videos and even presentation slides that appear to be related to military contingency plans for China and North Korea.