You are here

NTIA Seeks Comment on New Approach to Consumer Data Privacy

FOR IMMEDIATE RELEASE: 
September 25, 2018

News Media Contact:

Today, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA) issued a Request for Comments on a proposed approach to consumer data privacy designed to provide high levels of protection for individuals, while giving organizations legal clarity and the flexibility to innovate.

The Request for Comments is part of a transparent process to modernize U.S. data privacy policy for the 21st century. In parallel efforts, the Commerce Department’s National Institute of Standards and Technology is developing a voluntary privacy framework to help organizations manage risk; and the International Trade Administration is working to increase global regulatory harmony.

“The United States has a long history of protecting individual privacy, but our challenges are growing as technology becomes more complex, interconnected, and integrated into our daily lives,” said David Redl, NTIA Administrator and Assistant Secretary of Commerce for Communications and Information. “The Trump Administration is beginning this conversation to solicit ideas on a path for adapting privacy to today’s data-driven world.”

The Trump Administration’s proposed approach focuses on the desired outcomes of organizational practices, rather than dictating what those practices should be. With the goal of building better privacy protections, NTIA is seeking comment on the following outcomes:

  1. Organizations should be transparent about how they collect, use, share, and store users’ personal information.
  2. Users should be able to exercise control over the personal information they provide to organizations.
  3. The collection, use, storage and sharing of personal data should be reasonably minimized in a manner proportional to the scope of privacy risks.
  4. Organizations should employ security safeguards to protect the data that they collect, store, use, or share.
  5. Users should be able to reasonably access and correct personal data they have provided.
  6. Organizations should take steps to manage the risk of disclosure or harmful uses of personal data.
  7. Organizations should be accountable for the use of personal data that has been collected, maintained or used by its systems.

NTIA also is seeking comment on several high-level goals identified in the Request for Comments setting the broad outline of the direction that the Trump Administration should take to achieve U.S. consumer privacy protections.

Comments are due by October 26, 2018, and may be submitted by e-mail to privacyrfc2018@ntia.doc.gov. Additional information can be found in the Federal Register notice.