Last week, the Trump Administration released its long awaited Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure (“Cybersecurity EO” or “Executive Order”). The Order launches significant reviews of the federal government’s digital vulnerabilities, existing efforts to protect critical infrastructure, and the development of the “cyber workforce”, and focuses on three…
Consumer privacy is an area of policy where companies can and must work alongside their users to protect data while providing their services. Companies should design products with privacy in mind from the start, following Fair Information Practice Principles (FIPPs) such as transparency, choice, and security. The questions posed today revolve around how companies should go about implementing those FIPPs, who should enforce those principles, and how we can maintain the flow of data, particularly across borders, while still protecting users.
The best way to manage this process is through multi-stakeholder convenings with the goal of developing codes of conduct that can be enforced by the FTC. By bringing everyone to the table, companies, civil society, academics, and others can collaborate, understand the issues, and reach results that protect privacy, give users the information and choices they need, and still be flexible enough to allow for innovation and the development of services. The Commerce Department and the World Wide Web Consortium have both instituted projects along these lines, and positive outcomes seem possible.