November 12, 2010
US Government Stepping Up Online Privacy Protection
The Wall Street Journal reports that the US federal government is looking at creating new laws and new oversight mechanisms in an effort to better protect consumers' online privacy. In "Watchdog Planned for Online Privacy," Julia Angwin reports that reports and recommendations from both the US Commerce Department and Federal Trade Commission are due to be issued in the near future.
Similarly, the Obama administration has launched an online privacy task force that sources say will be asked to "transform the Commerce Department recommendations into policy." As the article states, currently there is no comprehensive US law that protects consumer privacy online (such issues are instead monitored by the Federal Trade Commission, which takes action in cases where policy violations are deemed deceptive or unfair).
This has lead many US states to take action on their own, passing legislation that governs the handling of private information of residents of those states (for a look at some of the regulations that affect how enterprises handle private and personally identifiable information, see the Osterman Research report, "The Critical Need for Encrypted Email and Secure File Transfer Solutions.")
According to the article:
A spokesman for the Commerce Department said the administration is "committed to promoting policies that will preserve consumer privacy online while ensuring the Web remains a platform for innovation, jobs, and economic growth. These are complementary goals, because consumer trust in the Internet is essential for businesses to succeed online."
These sorts of initiatives will cause more organizations to take a closer look at the way they handle private data both at rest and in motion. A recent Gartner research report that Proofpoint made available this week provides some helpful advice for enterprises that are taking a closer look at technologies for data loss prevention—read Gartner's, 2010 Content-Aware Data Loss Prevention FAQs.
Of course, it's not just regulations and growing consumer concern about privacy that are driving demand for data protection solutions. Every organization creates and needs to manage confidential information that they want to protect from unauthorized disclosure.
As just one example that's been in the news this week, consider the reports that Google gave employees a raise in an effort to increase retention, but has fired the employee who leaked that information to the media.
And just one more privacy item worth mentioning: The Register reports (in their usual snarky style) that Facebook is testing some new account protection features that could be mistaken for a phishing attempt.
