The Obama administration in its final week published a report on the White House website recounting its attempts to improve consumer privacy protections, including its work to coax legislators to enshrine the Consumer Privacy Bill of Rights that it put forth in 2012 into law. On Friday, following the inauguration of President Donald Trump, the "Privacy in our Digital Lives: Protecting Individuals and Promoting Innovation" report was replaced with a smiling photo of Mr. Trump and Vice President Mike Pence, along with a request for data in the form of an email sign-up: "Sign up for updates from President Donald J. Trump!"
Although the page was later changed to remove the email sign-up request, the irony seemed particularly fitting. Civil liberties advocates worry about potential privacy infringements that could emerge under an administration that has promised to strengthen law enforcement, enhance surveillance efforts and monitor immigrant groups, steps that could very well involve increased data collection by the U.S. government, some of it derived from the same commercial sources advertisers use.
Indeed, no matter who won the 45th presidency, any administration was to face the data security and privacy challenges that come with transformative technological advancements such as artificial intelligence, machine learning, self-driving vehicles and drones.
The Obama administration itself prompted a massive backlash against overreaching government data use and surveillance when the National Security Administration's PRISM program was exposed in 2013.
The Privacy in our Digital Lives report, which went virtually unnoticed amid a media trained on the incoming administration as well as outgoing President Obama's controversial pardon of classified document leaker Chelsea Manning, identifies "areas where individuals may encounter unique issues of privacy and where the next Administration may wish to begin addressing these policy challenges." Those include financial privacy, drone privacy, children's and student privacy, as well as broadband privacy, which was bolstered by new privacy rules for internet service providers established by the Federal Communications Commission in 2016 by a now-departed Chairman Tom Wheeler.
"[W]ith so much of our daily lives occurring online and through technology -- whether consumers, workers, or among family and friends -- data collection and transmission can seem omnipresent, and to some, omniscient. That is why we put forward groundbreaking policies, brokered new industry consensus, developed new tools of enforcement, and put into place new global privacy norms," wrote President Obama in the introduction to the report, now removed from WhiteHouse.gov. (It can still be found here.)
Missed privacy opportunity
Pam Dixon, executive director of World Privacy Forum, calls this moment a defining one. "The privacy movement has to mature right now," she said. "The concern that I have is we are going to have very aggressive implementations of technology that are not preceded by policy."
The World Privacy Forum was founded by Ms. Dixon in 2003 and is funded by the Rose Foundation Consumer Privacy Rights Fund, the California Consumer Protection Foundation, individual donors, Cy Pres privacy settlements and "general support funding from corporations," it says. The organization researches topics such as biometrics and mobile privacy and has published reports including "The Scoring of America: How Secret Consumer Scores Threaten Your Privacy and Your Future."
Ms. Dixon cited her most immediate concern, national identity cards. The longtime privacy technologist and consultant worked in India recently evaluating that country's own national ID system, which encompasses more than a billion people. "Even to open a bank account you have to have this card," she said. "It's a centralized database and it's a mess. It's a civil liberties mess and a human rights mess."
Under the Trump administration, it's anyone's guess what will become of the Obama administration's Consumer Privacy Bill of Rights, introduced in 2012, and the legislative efforts surrounding it -- such as a moribund 2014 bill intended to limit data broker practices.
The lofty goal of that initiative was for privacy and civil liberties groups to work with industry in a multi-stakeholder process to adopt principles for transparency and consumer control over data collection, data collection limits, data security, and the ability for consumers to correct personal data to avoid potential discrimination such as being denied a job, a loan or insurance coverage.
As far as Ms. Dixon is concerned, the opportunity for what seemed like inevitable privacy legislation just a few years ago, as propelled by the Obama administration's multi-stakeholder process, was squandered. She blames privacy proponents' failure to compromise with other stakeholders including industry representatives on legislation for data privacy protections -- legislation drafted by the National Telecommunications and Information Administration as part of that Consumer Privacy Bill of Rights project.
"In my personal opinion, the Obama administration was ready to play ball with privacy and it wasn't the Obama administration that dropped the ball," she said. "This was a lost opportunity by the privacy and consumer and civil liberties groups." Without an administration supporting the idea of stronger legal consumer privacy protections, she suggested the movement may have wasted its best chance at pushing for passage of a law informed by the administration's work, which could have been in place today to prevent potentially overreaching government and commercial privacy infringements.
"For me the big piece was that it put into formal legislation the idea that people have privacy rights," said Ms. Dixon. "It was not perfect, not by a longshot, but boy, now we have zippo."