SIIA, like many others in the tech industry, eagerly awaits a draft privacy bill from the Hill. We support a strong and comprehensive federal privacy law that is designed to prevent and remedy harms, gives consumers meaningful control and access to their personal data, and bars unreasonable data collection and use practices. As we have noted in many fora, how to achieve this will require many sensitive policy decisions, all of which Congress is uniquely poised to decide.

With Congress returned from the August recess, the technology community and consumers nationwide continue to await action on data privacy – namely, legislation that will strengthen and harmonize data privacy protections while promoting continued U.S. leadership in innovation.

On May 3, Sara DePaul, SIIA’s Senior Director for Technology Policy, moderated a panel at the IAPP’s Global Privacy Summit 2019 in Washington DC on “Balancing Transparency and Privacy in Open Access to Public Records.” The panel featured the views of Cindy Van Ort, Chief Privacy Officer of Thomson Reuters; Chris Calabrese, Vice President for Policy at the Center for Democracy and Technology; and David Cuillier, Associate Professor at the University of Arizona School of Journalism. The panelists engaged in a spirited discussion and found a few high-level points of consensus, such as: that the use of public records confer important social benefits, that open access and use can yield the potential for harmful results that should be accounted for, and that the treatment of public records by privacy laws can raise First Amendment concerns that must be balanced by policymakers. They differed, however, in whether and how a privacy law should apply to public records dat ...

On March 12, the Senate Judiciary Committee held a hearing on “GDPR & CCPA: Opt-ins, Consumer Control, and the Impact on Competition and Innovation.” The Committee heard from witnesses representing industry, consumer organizations, and academia, who discussed a broad range of issues to inform a federal privacy law: from meaningful consumer controls to the successes and failures of other privacy frameworks to beefed up enforcement by the FTC . One important topic that was not discussed was the importance of publicly available information and how it should be treated by a federal privacy law. As SIIA explained in recent comments to the Senate, the social benefits and public policy principles promoted by the processing of public data are tangible, indisputable, and balanced. Public data is used to provide choice and access to credit for personal finances, to enable credit for business expansion to grow our economy, and to promote public safety. Moreover, the free flow o ...

On January 21, 2019, the French National Data Protection Commission (CNIL) fined Google Euros 50 million for not complying with the General Data Protection Regulation (GDPR).   There will be a legal challenge, but this blog focuses on the policy considerations surrounding the decision.  There are at least three initial takeaways from the CNIL decision.  First, this enforcement action demonstrates that the GDPR should not be replicated word for word in a possible U.S. federal privacy law.  Some notion of consumer harm should enter the calculation when a fine is considered.  Second, DPAs should be more forthcoming with guidance on how to comply with the GDPR, especially when companies are making a good faith effort to comply with the law.  Third, there is a risk that the one-stop-shop is going to become effectively meaningless.  As U.S. policymakers consider a federal privacy law, this should be a key co ...

On November 13, I participated in the Federal Trade Commission’s workshop on Ethics and Common Principles in Algorithms, Artificial Intelligence, and Predictive Analytics along with James Foulds, an Assistant Professor at the University of Maryland, Baltimore County, Rumman Chowdhury, the Global Lead for Responsible AI at Accenture Applied Intelligence, Martin Wattenberg, a Senior Research Scientist at Google, Erika Brown Lee, Senior VP & Assistant General Counsel at MasterCard, and Naomi Lefkovitz, a Senior Privacy Policy Advisor at the National Institute of Standards and Technology.  The following commentary is based on my remarks and the discussion at the panel. In 2017, SIIA published its Ethical Principles for Artificial Intelligence and Data Analytics as a guide for companies as they develop and implement advanced data analytic systems.  There are many other such ethical principles including the famous Belmont principles of respect for persons, benefic ...

“. . . as education companies we can't just come up with a great product, show it to teachers, and expect to be successful. Our products and services have to help decision makers with their state and federal compliance and intricately defined funding requirements if we are going to be successful. If we don’t know what these are, we can’t get our products accepted.”  — Mitch Weisburgh, Managing Partner, Academic Business Advisors

At yesterday’s FTC hearing on the business of big data I outlined some of the important uses of big data and analytics. SIIA companies are industry leaders using analytics and big data to improve business methods and processes.  Among their innovative uses of data are the use of these techniques to:  

This is part 2 of a series on the constitution's role in informational privacy.  There will be endnotes.