President Barack Obama visited the Federal Trade Commission (FTC) today to launch his latest proposals on data security and consumer privacy.
"If we’re going to be connected, then we need to be protected," the President insisted.
The President discussed his proposed legislation, "The Personal Data Notification & Protection Act," which would require businesses suffering a data security breach to notify affected consumers within 30 days of discovery, empower the FTC to handle enforcement, and set a national standard.
He also discussed his proposed "Student Digital Privacy Act," which may preclude some collection and use of data on students for research purposes, and some proposals to protect consumers' energy usage data as part of the smart grid.
Finally, the President committed to releasing legislation that would operationalize the White House's Consumer Privacy Bill of Rights.
Of course, this is not the first time Obama has weighed in on data security, and the White House has been promising a bill to act upon the Consumer Privacy Bill of Rights for a long time. Real details on both fronts have simply not been shared.
MRA shares the President's interest in a pre-emptive federal standard for data security, to replace the patch-work of conflicting state laws. Multiple bills in the House and Senate in the last couple of years (including S. 1927, S. 1897, S. 1976, S. 1995, S. 1193, and H.R. 1468) did not advance. However, MRA will continue to advocate on the hill for consensus legislation that protects consumers and the interests of the survey, opinion and marketing research profession. It remains to be seen if the President's involvement will help or hurt as we start a new year with the GOP in control of both sides of Congress, since it did not seem to matter a lot under Democrat rule.
Even more so, the peak moment for comprehensive data privacy legislation was in 2010-11, when the FTC, then-Senator John Kerry, then-Congressman Cliff Stearns, and Congressman Bobby Rush, all put forth their proposals. The White House might have made an impact by putting forth a draft at that point, when Democrat leaders were in a good position to act upon it. However, the devil is always in the details. While MRA supports a baseline federal data privacy law, our conception of a baseline is rather different from that conceived by the Administration.
Other privacy players are moving ahead regardless. The FTC continues to grapple with the Internet of Things, Big Data and data brokers, and Reps. Marsha Blackburn and Peter Welch are considering data security and privacy legislation resulting from their meetings in the House Privacy Working Group over the last two years. It is unclear if the President's proposals will have much impact as the privacy and security details get thoroughly vetted.
UPDATE: The White House released the full draft of President Obama's Personal Data Notification & Protection Act.