News & Insights  |  Alerts

NTIA Seeks Comment on Big Data Impacts on the Consumer Privacy Bill of Rights in Support of Proposed New Privacy Legislation

June 4, 2014

The National Telecommunications and Information Administration (NTIA) released today a Request for Comments on how developments related to “big data” impact the Obama Administration’s 2012 Consumer Privacy Bill of Rights (CPBR).  The Request for Comments follows the May 1st release of the Administration’s much anticipated report on the collection and use of big data (the Big Data Report), which calls on the U.S. Department of Commerce to take a lead role in advancing the CPBR.  Specifically, the report calls on the Department of Commerce to draft legislation based on the CPBR for review by the President and Congress after seeking comment from stakeholders.  New legislation potentially could expand consumer privacy protections to commercial sectors not currently subject to federal privacy regulation.

The CPBR offers a comprehensive framework for protecting privacy in the modern age.  Based on the Fair Information Practice Principles, the CPBR provides baseline privacy protections for consumers and places obligations on private companies collecting consumer information.  Although more than two years have passed since President Obama announced the CPBR, Congress has yet to enact it into law.  In that time, the collection and use of big data, which challenges several of the key assumptions that underpin current privacy frameworks, including the notice and consent model, have increased.

To advance the CPBR, NTIA seeks comment on the following broad questions, among others:

  • How the principles in the Consumer Privacy Bill of Rights support innovations related to big data while also responding to potential privacy risks;
  • Whether the Consumer Privacy Bill of Rights should be clarified or modified to better accommodate the benefits or risks of big data;
  • Whether a responsible use framework should be used to address the challenges posed by big data; and
  • Mechanisms to best address the limits of the “notice and consent” model for privacy protection noted in the big data report.

NTIA also seeks comment on specific questions raised by the Administration’s Big Data Report as well as on possible approaches to big data, including:

  • Whether accountability programs play a useful role in promoting socially beneficial uses of big data while safeguarding privacy; and
  • Whether emerging privacy enhancing technologies can mitigate privacy risks to individuals while preserving the benefits of robust aggregate data sets.

Comments will be due 60 days after the Request for Comments is published in the Federal Register.