Skip to Content

Government Surveillance, Privacy & Data

White House Strikes Right Chord on Privacy and Individual Security

Today, the White House announced a new federal initiative called the Cybersecurity National Action Plan (CNAP) encompassing a substantial new cybersecurity budget request and two new Executive Orders that would establish a Cybersecurity Commission and a cross-government Privacy Council. The goal of CNAP is to “enhance cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security, and empower Americans to take better control of their digital security.” The Center for Democracy & Technology (CDT) welcomes the President’s action, especially its inclusion of privacy provisions and individual empowerment in cybersecurity.

One executive order establishes a new, permanent federal privacy officer council that will consist of high-level officials from 24 government agencies and entities.

“The new privacy council is an important step forward in formalizing privacy oversight throughout the federal government. It has the potential to be a valuable mechanism for agencies with strong privacy practices, such as the Department of Homeland Security, to share their expertise across the government. Privacy should be treated more consistently across agencies and this should help achieve that result,” said Greg Nojeim, CDT Director of the Freedom, Security, and Technology Project.

As part of the President’s proposed budget, a $3.1 billon Information Technology Modernization Fund would be created. Additionally, a new position, Federal Chief Information Security Officer, will be created to drive cybersecurity policy across the federal government.

“These kinds of measures, rather than the generally misguided efforts of Congress around information sharing, are exactly the commitments the nation needs for stronger cybersecurity,” said Joseph Lorenzo Hall, CDT Chief Technologist. “Many of the components of the order fill gaps in the cybersecurity structure of the United States, including the Privacy Council, the Cybersecurity Commission, a Federal Chief Information Security Officer, and the increased funding for cybersecurity readiness.”

“The push for greater user empowerment is also important, especially around advocating for increased use of safety-enhancing technologies such as two-step authentication,” Hall added.