The White House finished their brief review of Big Data and privacy, presenting a technical report and policy recommendations to President Obama on May 1. The ninety day process included a public consultation with comments submitted by interested parties like MRA, several workshops around the country, and even a poorly-executed attempt to survey public opinion.

In a blog post on WhiteHouse.gov, the President’s advisor, John Podesta, echoed concerns from more than a few corners that the traditional “notice and consent” approach to privacy, “in which a user grants permission for a service to collect and use information about them,” may be waning as a meaningful way for consumers to control their privacy when consumers’ data “is increasingly used and reused in ways that could not have been anticipated when it was collected.” He also hit upon “the potential for Big Data analytics to lead to discriminatory outcomes and to circumvent longstanding civil rights protections in housing, employment, credit, and the consumer marketplace.” MRA had highlighted that in our comments to the White House as one of the only potential tangible harms from Big Data that privacy activists have been able to identify.

President Obama's push for this review of Big Data and privacy was one of the reasons he ranked in the top 10 government players in consumer privacy for 2014.

Of the six policy proposals advanced in the White House policy report, “Big Data: Seizing Opportunities, Preserving Values,” only the first two are of clear interest to the survey, opinion and marketing research profession:

  1. Advance the Consumer Privacy Bill of Rights; and
  2. Pass National Data Breach Legislation.

Both of these recommendations are priorities generally shared by MRA and the research profession, though we differ on some of the details.

We generally agree with Podesta that “Consumers deserve clear, understandable, reasonable standards for how their personal information is used in the Big Data era,” which is why MRA supports the development of a federal baseline data privacy law. We also welcome the recommendation that the Department of Commerce reopen the public consultation on the White House’s Consumer Privacy Bill of Rights initiative and update it and look forward to being a part of that process, as we were the first time. However, we are a tad skeptical at this point that the White House has enough time and political capital to operationalize the Consumer Privacy Bill of Rights by drafting legislation “for consideration by stakeholders and submission by the President to Congress” that will have any chance of moving the privacy debate forward. The DC rumor mill has churned for several years that the White House was preparing such comprehensive data privacy legislation but no one so far has seen evidence of it. Other comprehensive data privacy proposals from the FTC and various Congressmen and Senators have not advanced.

Meanwhile, MRA is cautiously optimistic about the most important outgrowth of the Consumer Privacy Bill of Rights report: the multistakeholder process. While the first such effort focused on mobile apps privacy ended somewhat ambiguously last year, the second effort on facial recognition privacy, is already well underway. MRA has been an active participant, presenting a white paper on how marketing research uses facial recognition technology as part of a panel on February 5.

Of course, on data security, we agree wholeheartedly with Podesta that “Congress should pass legislation that provides for a single national data breach standard.” However, with multiple bills circulating in Congress with conflicting jurisdiction and disagreement over fundamental issues (like what information will be covered and what powers various entities will exercise in enforcement), this goal we share with the White House will not likely advance this year without President Obama making it a serious political priority.

The policy report also included some results from the White House’s “poll.” Possibly in response to criticism raised by MRA, the report authors took pains to note that “this process was a means of gathering public input and should not be considered a statistically representative survey of attitudes about data privacy.”

Concurrent with the policy report, the President’s Council of Advisors on Science and Technology (PCAST) released “Big Data and Privacy: A Technological Perspective,” more focused on the technology and technical aspects of Big Data.

Podesta concluded his blog post on an upbeat note: “While Big Data presents new challenges, it also presents immense opportunities to improve lives; the United States is perhaps better suited to lead this conversation than any other nation on earth. Our innovative spirit, technological know-how, and deep commitment to values of privacy, fairness, non-discrimination, and self-determination will help us harness the benefits of the Big Data revolution and encourage the free flow of information while working with our international partners to protect personal privacy. This review is but one piece of that effort, and we hope it spurs a conversation about Big Data across the country and around the world.”

We will dig deeper into various details of both the technical and the policy reports on Big Data and privacy, to explore what they might mean for the research profession, in short order.