Welcome!

Government Cloud Authors: Elizabeth White, Pat Romanski, Dana Gardner, Liz McMillan, Gopala Krishna Behara

Related Topics: Cloud Security, Government Cloud

Cloud Security: Blog Feed Post

Privacy, Security, Functionality and Enhanced Benefits of Free Commerce

If you are a technologist in the IT industry I would like to recommend some reading to you

If you are a technologist in the IT industry I would like to recommend some reading to you.

The US Department of Commerce has unveiled a report which includes a policy framework designed to enhance the protection of consumer privacy online while supporting innovation and continued enhancement of functionality for consumers.

The report was developed with a broad range of stakeholders in the innovation and technology community, and is a sound framework that I believe we should all just move out on.  However, the department is soliciting inputs if you have other suggestions on this work.

Below I’m providing their official press release plus a link to the full report.

I would also like to recommend you review the charter and website of the Internet Policy Task Force that shaped this framework.  Their site is at: http://www.ntia.doc.gov/internetpolicytaskforce/

FOR IMMEDIATE RELEASE
December 16, 2010
CONTACT OFFICE OF PUBLIC AFFAIRS
202-482-4883

Calls for consideration a new set of principles – A “Privacy Bill of Rights”

The Department of Commerce today issued a report detailing initial policy recommendations aimed at promoting consumer privacy online while ensuring the Internet remains a platform that spurs innovation, job creation, and economic growth.  The report outlines a dynamic framework to increase protection of consumers’ commercial data and support innovation and evolving technology. The Department is seeking additional public comment on the plan to further the policy discussion and ensure the framework benefits all stakeholders in the Internet economy.

“America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs, and economic growth. Self-regulation without stronger enforcement is not enough. Consumers must trust the Internet in order for businesses to succeed online.” said Commerce Secretary Gary Locke. “Today’s report is a road map for considering a new framework that is good for consumers and businesses.  And while our primary goal is to update the domestic approach to online privacy, we are optimistic that we can take steps to bridge the different privacy approaches among countries, which can help us increase the export of U.S. services and strengthen the American economy.”

Today’s report, based on extensive public input and discussion, recognizes the growing economic and social importance of preserving consumer trust in the Internet.  Global online transactions are currently estimated at $10 trillion annually. Between 1998 and 2008, the number of domestic IT jobs grew by 26 percent – four times faster than U.S. employment as a whole – with IT employment projected to increase another 22 percent by 2018.

The report notes that the nation’s privacy framework must evolve to keep pace with changes in technology, online services and Internet usage. To keep the digital economy growing, consumers need more transparency and control when it comes to the use and protection of their personal information, and innovators need greater certainty in order to meet consumer privacy expectations and the array of regulatory requirements they face around the world.

The following are key recommendations in today’s preliminary report, Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework:

Consider Establishing Fair Information Practice Principles comparable to a “Privacy Bill of Rights” for Online Consumers
The report recommends considering a clear set of principles concerning how online companies collect and use personal information for commercial purposes. These principles would be recognized by the U.S. government and serve as a foundation for online consumer data privacy. They would build on existing Fair Information Practice Principles (FIPPs) that are widely accepted among privacy experts as core obligations.

The adoption of baseline FIPPs, akin to a “Privacy Bill of Rights. Should prompt companies to be more transparent about their use of consumer information; to provide greater detail about why data is collected and how it is used; to put clearer limits on the use of data; and to increase their use of audits and other ways to bolster accountability.

Consider Developing Enforceable Privacy Codes of Conduct in Specific Sectors with Stakeholders; Create a Privacy Policy Office in the Department of Commerce
In considering new policies for commercial privacy, the government should enlist the expertise of industry, consumer groups, privacy advocates, and other stakeholders.  In particular, the report recommends establishing a privacy policy office in the Department of Commerce that would work with the FTC, the Executive Office of the President, and other Federal entities, to examine commercial uses of personal information and evaluate whether uncertainty or gaps in privacy protections exist. The new office would convene stakeholder dialogues, and, with respect to specific areas of concern, help develop enforceable privacy codes of conduct.

Encourage Global Interoperability to Spur Innovation and Trade
Reducing regulatory barriers to trade is a high priority for the Obama administration.  Currently, disparate privacy laws have a growing impact on global competition.  The report recommends that the U.S. government work together with its trading partners to find practical means of bridging differences in our privacy frameworks. Collaborations with other privacy authorities around the world can reduce the significant business compliance costs.  This global engagement could play a key role in a new dynamic privacy framework.

Consider How to Harmonize Disparate Security Breach Notification Rules
As an initial step towards consideration of a new privacy framework, the report recommends looking at ways in which to harmonize the rules that set standards for businesses to notify customers about commercial data security breaches.  This comprehensive national approach to commercial data breaches would provide clarity to consumers, streamline industry compliance, and allow businesses to develop a strong, nationwide data management strategy.

This national approach, enacted through Federal law, could help to reconcile inconsistent state laws, authorize enforcement by the FTC, and preserve state authorities’ existing enforcement power.  This recommendation is not aimed at preempting federal security breach notification laws for specific sectors, such as healthcare.

Review the Electronic Communications Privacy Act for the Cloud Computing Environment

The report recommends that the Obama Administration review the Electronic Communications Privacy Act (ECPA) to address privacy protection in cloud computing and location-based services. A goal of this effort should be to ensure that, as technology and market conditions change, ECPA continues to appropriately protect individuals’ privacy expectations and punish unlawful access and disclosure of consumer data.

In order to gather stakeholder input and refine the report’s preliminary recommendations, the Commerce Department will seek public comment and publish questions from the report in a Federal Register notice next week. The Commerce Department’s Internet Policy Task Force will also continue to work with others in government to engage the domestic and global privacy community, and will consider publishing a refined set of policy recommendations in the future.

To download a copy of the report, visit http://www.commerce.gov/node/12471

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder of Crucial Point and publisher of CTOvision.com

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time t...
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
SYS-CON Events announced today that Silicon India has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Published in Silicon Valley, Silicon India magazine is the premiere platform for CIOs to discuss their innovative enterprise solutions and allows IT vendors to learn about new solutions that can help grow their business.
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.