The White House on Thursday suggested updates to laws and other measures to enhance privacy and prevent discrimination based on the data trail left by consumers on their phones and computers that companies and researchers collect and analyse.
Both privacy advocates and tech groups found something to like within the 90-day “Big Data” review, led by John Podesta, a top adviser to President Barack Obama.
The review consulted internet companies such as Google and Facebook, data miners like Acxiom, as well as academics, advertising agencies, legal experts, civil rights groups and intelligence agencies.
The White House threw its support behind a legislative update to a privacy law for e-mail, the Electronic Privacy Communications Act. The bill, which protects e-mail and other data stored in the cloud, has stalled in Congress, but is backed by privacy groups and the tech sector.
The review also recommended legislation to create a national standard for telling consumers when their data has been hacked to improve upon a patchwork of state laws for data breaches, such as the December breach at retailer Target.
The Commerce Department also said it would look at how to codify a “Consumer Privacy Bill of Rights” that calls for consumers to have more say in how their data is used, first drafted by White House in 2012.
The emphasis on data protections pleased Marc Rotenberg, executive director of the Electronic Privacy Information Centre.
“We see ‘Big Data’ as one of the great privacy challenges facing the country,” said Rotenberg, who teaches information privacy law at Georgetown University Law Centre.
“The question now is what steps will be taken to implement the recommendations,” he said in an interview.
Congress is unlikely to advance legislation ahead of mid-term elections in November, and timelines for other ideas in the report were unclear.
Obama’s campaign team made deft use of big data analytics to target supporters during his election campaigns, and his administration has championed using data to advance its health, education and climate agendas.
But he asked for the review of “Big Data” after a backlash at home and abroad following leaks by former National Security Agency (NSA) contractor Edward Snowden about the government’s data collection programmes.
The review gave a nod to concerns raised by European allies shocked by the extent of US surveillance on foreigners revealed by Snowden, saying government agencies should look at how to apply the Privacy Act of 1974 to non-US persons.
But otherwise, the Podesta report sidestepped national security uses of big data, instead seeking to put the debate over privacy in a broader context.
“We were disappointed by the actual scoping of the report to largely avoid the especially hard issues around NSA surveillance and, more generally, intelligence community use of big data techniques,” said Lee Tien, a senior staff attorney with the Electronic Frontier Foundation.
The review highlighted the social good that data collection and analysis can do in areas such as medical research, but also pointed out that the same techniques could be used to discriminate against consumers for housing or jobs.
“Big Data raises serious questions about how we protect our privacy and other important values in a world where data collection is increasingly ubiquitous and where analysis is conducted at speeds approaching real time,” Podesta told reporters.
The review raised the spectre of algorithms crunching data to “digitally redline” people based on race or where they live, and recommended that the government hire more people who know how to use technology to spot and investigate violations.
But some industry groups said that finding may raise unwarranted fears about big data techniques without providing any evidence that they have been used to discriminate against people for housing, jobs or credit. They said the review failed to highlight the privacy protections already in place.
“It’s less finding a smoking gun, and it’s more saying, ‘Let’s go look for one,’” said Mark MacCarthy, head of public policy for the Software and Information Industry Association, a trade group.