Retro is a "No Go" When Privacy Rights Are Involved
May 29, 2009
Filed under Open Government
What do disco music, eight-track audio systems and beta videocassette tapes all have in common? They're all examples of technologies and fads that have come and gone since the Privacy Act of 1974 was last updated. Yesterday, the NIST Information Security and Privacy Advisory Board, tasked with identifying emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy, released a report on working towards federal privacy policies that reflect the 21st century technological environment. CDT Vice President Ari Schwartz sits on the board, and helped develop the report. It seems clear that federal privacy standards written during a time when "data storage facility" literally referred to file cabinets is due for an update in the digital era. While the basic framework of the Privacy act has held up well over the past 35 years, changes need to be made to insure that the advent of new technologies do not threaten to undermine the protections that have been put in place. Today, the Center for Democracy & Technology unveiled an in-depth set of draft amendments to update the federal Privacy Act and address the challenges of the digital age as part of a panel discussion with government and privacy leaders. You can check it out on our UStream Channel here, or see some of the points that were made on our live Twitter feed. The announcement of our draft E-Privacy Act came as part of a panel discussion featuring government and privacy leaders that coincided with the release of the National Institute of Standards and Technology's federal Information Security and Privacy Advisory Board's report on its findings on government privacy rules. ISPAB has also called for significant changes to the existing federal privacy framework, and we think that our amendments address many of these concerns. With today's information technology and the promise of another 35 years of innovation before we get around to updating the Privacy Act again, it's important to create leadership within the federal government and try to ensure that the definitions of the Privacy Act are capable of protecting privacy in the face of technologies like data mining. In addition, it is important to make sure that the government takes advantage of innovative technologies to ensure that privacy notices are effective and informative to the public. We also want to hear how the public would like the Privacy Act updated and have created an interactive wiki to let the public help us draft amendments. Never before have "Washington insiders" opened the drafting of legislation to the public, for anyone to read, change, and comment on any part of the bill. CDT will edit and moderate this open process and, if appropriate, incorporate suggestions in the final bill it submits to Congress. Come help us re-write the Privacy Act for the next 35 years.