U.S. Unveils First Step Toward New Online Privacy Rules
26.9.2018 securityweek
BigBrothers

The US administration called Tuesday for public comments on a "new approach to consumer data privacy" that could trigger fresh regulations of internet companies.

The Commerce Department said the announcement is part of an effort to "modernize US data privacy policy for the 21st century."

The move follows the implementation this year of ramped up data protection rules imposed by the European Union, and a new privacy law enacted in California.

Both measures will impact internet firms whose websites can be accessed around the globe.

Privacy and data protection have come into greater focus in response to these new laws, and also because of growing concerns on how private data is handled following revelations on the hijacking of millions of Facebook user profiles by a political consultancy ahead of the 2016 election.

"The United States has a long history of protecting individual privacy, but our challenges are growing as technology becomes more complex, interconnected and integrated into our daily lives," said David Redl, who heads the agency's National Telecommunications and Information Administration (NTIA).

"The Trump administration is beginning this conversation to solicit ideas on a path for adapting privacy to today's data-driven world."

The agency said it was also developing a voluntary privacy framework to help organizations manage risk and working on ways "to increase global regulatory harmony."

The Commerce Department statement said the agency is focused on "desired outcomes" for privacy rather that dictating specific practices.

But it plans to seek public comment on transparency practices -- how data is collected and used -- as well as security safeguards.

Users of online platforms "should be able to reasonably access and correct personal data they have provided," the statement added. "Organizations should take steps to manage the risk of disclosure or harmful uses of personal data."