The Information Technology Industry Council (ITI) recently responded to the National Telecommunications and Information Administration’s (NTIA) request for public comments on “Big Data and Consumer Privacy in the Internet Economy.” In the request, NTIA, an agency within the Department of Commerce, posed a series of questions to stakeholders relating to big data and privacy to solicit input on challenges and possible policy solutions.
In our comments, we discuss some of the findings of the inter-agency working group on big data that delivered a report to President Obama on May 1. ITI appreciates the report’s recognition of the many opportunities and benefits created by big data. An important big data policy consideration identified in the report is preventing inappropriate discriminatory outcomes, and ITI agrees that this is an area that warrants further examination.
In its written submission, ITI offers a number of recommendations to address privacy in the big data context:
First, ITI advocates for a responsible use framework—built upon risk-based assessment and mitigation—to address privacy risks in the big data context. This type of framework, which puts greater attention on how data is used, and less on its collection, provides a mechanism to enable organizations to fully consider the privacy issues involved in decisions about data.
Second, ITI encourages an “accountability” approach, where companies develop and implement processes that foster compliance with their privacy-related commitments.
And finally, ITI advocates for a uniform national breach notification framework to allow businesses to notify consumers more efficiently when a breach of sensitive personal data occurs by easing the confusion and duplication that results from the current patchwork of state laws.
Big data offers tremendous opportunities in a variety of fields, including health care, agriculture, energy efficiency, transportation, and education. As policymakers continue to examine big data and develop related policies, it is important that they take into account the data environment as it exists today, and recognize that this ecosystem continues to evolve. We look forward to continuing to engage with the administration and other stakeholders to ensure that big data continues to provide consumers with benefits previously unimaginable.
ITI’s full set of comments to NTIA can be found here.
The European Commission’s proposal for a General Data Protection Regulation (GDPR) Procedural Regulation is a pivotal step towards streamlining the cross-border enforcement of the landmark regime. The [...]
In an increasingly challenging geopolitical and economic climate, strengthening Europe’s resilience and protecting its fundamental values and interests, while preserving an open and sustainable economy [...]
The EU Data Act will greatly impact the way companies manage data. It contains ambitious rules on data sharing between businesses and with governments, as well as provisions on cloud switching that have [...]
ITI’s Rob McGruer takes stock of the latest data privacy developments and sets out what’s needed to push forward with a truly global approach. January 28th marks Data Privacy Day, an annual event recognized [...]
On March 15, ITI hosted the virtual event “ITI Presents the EU Data Act: Ensuring Fair and Balanced Rules for Data.” Yvo Volman, Director of the Data Directorate in the European Commission’s DG Connect, [...]
As economies around the world are sputtering back to life following an unprecedented global pandemic, the EU and U.S. continue to face a massive disruption to a key business driver – the transfer of data [...]
This article was originally published on New America and was re-published here with permission. In October, China’s National People’s Congress (NPC) released a long-awaited draft of the Personal Information [...]
In September, Brazil’s new privacy law went into effect. This new law is one of the most thoughtful and balanced approaches to protecting users’ privacy and embracing trust and innovation. This week, ITI [...]
One of the most anticipated court cases in data protection, the Court of Justice of the European Union (CJEU) decision on C-311/18: Data Protection Commissioner v Facebook Ireland Limited, Maximillian [...]
As Europe marks the General Data Protection Rule’s (GDPR) two-year-review, ITI and our members continue to assess what is working well and what can be improved to create legal certainty for businesses, [...]