«

»

Jan 22 2015

Obama Addresses Privacy, Security at SOTU Address

By Alexandra Vesalga, Esq., Regulatory Intelligence Analyst, TRUSTe

In this week’s State of the Union Address, the president remarked on several privacy and cybersecurity initiatives in the works, including a proposed federal data breach law, a renewed proposal for a consumer privacy bill of rights and a student data privacy bill.

Privacy was expected to be a central topic in the address based on the president’s comments last week at the Federal Trade Commission, but comments on privacy were fleeting. All things considered, any nod to privacy — a once fringe (still sometimes fringe) topic — is notable. The president’s discussion of privacy reform initiatives during the address indicates that privacy issues are moving into the political and policy foreground, and that Americans care about the privacy of their information more than ever before.

Some interesting insights may be gleaned from examining the way President Obama discussed privacy. Looking specifically to the text of the address, it is noteworthy that privacy issues are presented squarely within a security context. For instance, the president discussed cybersecurity as a national security issue, weaving privacy issues into his call for action:

“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids. . . . [T]onight, I urge this Congress to finally pass the legislation we need to better meet the evolving threat of cyber-attacks, combat identity theft and protect our children’s information. If we don’t act, we’ll leave our nation and our economy vulnerable. If we do, we can continue to protect the technologies that have unleashed untold opportunities for people around the globe.”

Privacy lawyers and privacy professionals, you know this one: “there is no privacy without security.” Privacy and security may be interdependent, but they are certainly discrete — “Security is about what happens on the back end to keep collected data safe, while privacy focuses on what happens when you start using that data,” says Joanne Furtsch, Director of Product Policy at TRUSTe. Cyber threats are a security issue. Identity theft and data breaches are security issues. But allowable uses of student and children’s data are unquestionably issues of privacy. So, why the mashup?

At his FTC address last week, we saw President Obama tackle privacy head-on:

“We believe that consumers have the right to decide what personal data companies collect from them and how companies use that data, that information; the right to know that your personal information collected for one purpose can’t then be misused by a company for a different purpose; the right to have your information stored securely by companies that are accountable for its use.”

Next month, we can expect more robust privacy updates from President Obama as he introduces his revised consumer privacy bill of rights, which seeks to federally regulate the collection, use and disclosure of individuals’ information.

What do you think about the president’s approach to privacy and security?