CDT Welcomes Strong Privacy Provisions in Obama Cybersec Order
Washington - CDT is pleased that President Obama's cybersecurity order signed today includes strong protections for privacy and civil liberties.
The executive order requires agencies to ensure that privacy and civil liberties protections are incorporated into all cybersecurity activities of the federal government. In addition, privacy officials for DHS and other agencies must assess the privacy risks associated with their cybersecurity activities in a publicly available report, to be updated annually, and the national Cybersecurity Framework, to be completed within one year, must include methodologies to protect indvidual privacy and civil liberties.
"The executive order says that privacy must be built into the government's cybersecurity plans and activities, not as an afterthought but rather as part of the design," said CDT President Leslie Harris. "By explicitly requiring adherence to fair information practice principles, the order adopts a comprehensive formulation of privacy. The annual privacy assessment, properly done, can create accountability to the public for government actions taken in the name of cybersecurity."
Harris also praised portions of the order encouraging government agencies to share cyberthreat insights with private sector companies that own and operate critical infrastructure.
"CDT has long argued that one of the best things government can do to bolster cybersecurity is to share the cyberthreat insights and expertise it has with private industry," Harris explained. "Rather than having the government monitor private networks, it is better for security and privacy to have private entities protect their own systems and networks. Better sharing of what the government knows will enhance that effort."