TrustArc Blog

Obama to Introduce New Data Privacy Initiatives at Next Week’s SOTU

January 14, 2015

The word is out that data privacy will be a key issue in President Obama’s State of the Union address next week (Jan. 20). This week, the president met with the Federal Trade Commission to give a preview of the new data privacy initiatives he plans to introduce.  The anticipated legislation includes the Personal Data Notification and Protection Act, and the Student Data Privacy Act.  The overall aim of the president’s proposed legislation is to tackle identity theft as well as protect student and consumer privacy at a federal level.

Everyone wants to know how the president’s proposed initiatives will impact businesses. But we don’t have to wait until next week since numerous commentators have already shared details of the president’s plan to tackle these timely issues.

The Personal Data Notification and Protection Act “would demand a single, national standard requiring companies to inform their customers within 30 days of discovering their data has been hacked,” according to the New York Times. In the president’s meeting with the FTC commissioners, he said that the current patchwork of state laws are a costly burden to companies and fail to protect Americans.

The president also would like to codify the 2012 Consumer Privacy Bill of Rights in 45 days, among other privacy protection measures.

President Obama wants privacy regulated by the federal government as opposed to individual state governments, which can vary significantly in approach. Compliance complications can arise when state governments regulate privacy since it requires companies to comply with a myriad of differing state laws, which can cause confusion.

However, some are concerned that such legislation could be too restrictive and stifle innovation.

The second piece of legislation relates to student data. The Student Data Privacy Act aims to protect students who use technology in classrooms by preventing advertisers from tracking students and serving them ads, in addition to better protecting students’ personal data. The president is adamant that the personal data of students should be used for educational purposes only.

If all of the proposed legislations are passed, it would result in a “sea-change in privacy law in the USA,” according to IAPP contributor and lawyer, Reed Freeman. However, he adds, getting all the legislation passed is unlikely.

Freeman also noted that three of the five FTC commissioners the president met with are from his party. “By giving the speech at the FTC, the president is trying to communicate that the administration and at least a majority of the FTC commissioners are aligned on key privacy and data security initiatives,” Freeman wrote.

A press release from the White House published on Jan.12 details the president’s proposed legislation, some of which builds upon existing legislation, as well as all issues related to data privacy and security that the president wants to address in the next two years.

“The more we do to protect consumer information and privacy, the harder it is for hackers to damage our businesses and hurt our economy,” President Obama said.

On Tuesday, the president addressed the Department of Homeland Security’s National Cybersecurity and Communications Integration Center to share details of the initiatives that would impact cybersecurity.

The president also announced a Summit on Cybersecurity and Consumer Protection taking place on Feb. 13, 2015. The all-day event will be hosted at Stanford where government officials, CEOs, consumer advocates and other stakeholders will convene to discuss consumer protection measures, cybersecurity, and focus on increasing collaboration between the public and private sectors.

Read more about the proposed legislation here, and subscribe to the TRUSTe blog to learn more about privacy legislation and best practices.

What do you think about President Obama’s proposed privacy legislation? Tell us in the comments.