White House Big Data Report Earns Praise, Skepticism

Tech experts say the administration is wise to call for statutory protections for data in the cloud. But some advocacy groups say overregulation will have a chilling effect on innovation.

William Welsh, Contributing Writer

May 5, 2014

7 Min Read

5 Online Tools Uncle Sam Wants You To Use

5 Online Tools Uncle Sam Wants You To Use

5 Online Tools Uncle Sam Wants You To Use (Click image for larger view and slideshow.)

A White House report on big data released May 1 concludes that the explosion of data in today's world can be an unprecedented driver of social progress, but it also has the potential to eclipse basic civil rights and privacy protections.

The report drew praise from business and technology groups for its grasp of how big data analytics could improve education and healthcare, uncover wasteful government spending, and help with the nation's continuing economic recovery. But those same groups cautioned that government attempts to regulate data collection could interfere with productivity and job growth.

"Big Data: Seizing Opportunities, Preserving Values" recommended that the president take a number of steps, including directing government agencies to work closely with their senior privacy and civil liberties officials to examine how they might harness big data to carry out their missions. It also suggested agencies experiment with pilot projects, nurture in-house talent, and expand research and development.

[Big data raises serious privacy concerns. Read White House Big Data Report: 5 Privacy Takeaways.]

In addition, the report recommends that the administration take prompt action to do the following:

  • Advance the Consumer Privacy Bill of Rights.

  • Pass national data breach legislation.

  • Extend privacy protections to non-US persons.

  • Ensure data collected on students is used for educational purposes.

  • Expand technical expertise to stop discrimination.

  • Amend the Electronic Communications Privacy Act.

The recommendations are part of an 85-page report delivered to President Obama, who asked his counselor John Podesta in January to form a working group to address the opportunities and impact of big data. Podesta's working group included the secretaries of commerce and energy, the directors of the Office of Science and Technology Policy and the National Economic Council, and others tasked with studying big data and recommending executive branch action or legislative proposals to Congress.

"Big data is saving lives … making the economy work better… and saving taxpayer dollars," Podesta said in a May 1 White House blog post, noting how it helped the Centers for Medicare and Medicaid Services identify $115 million in fraudulent payments. "But big data raises serious questions, too, about how we protect our privacy and other values in a world where data collection is increasingly ubiquitous and where analysis is conducted at speeds approaching real time."

In particular, the report raised concerns about whether the "notice and consent" framework, in which users grant permission for a service to collect and use information about them, "still allows us to meaningful control our privacy as data about us is increasingly used and reused in ways that could not have been anticipated when it was collected."

A White House poll, which is open for general public input but is not statistically representative of US opinions, found that high percentages of the 24,092 respondents expressed concerns about privacy.

Figure 1:

The report calls for a dramatic increase in research and development in privacy-enhancing technologies, recommending that the administration spearhead an effort to identify areas where big data analytics can have the greatest influence in improving Americans' lives.

To achieve this, the report recommends that the Office of Science and Technology Policy work to define areas that promise significant public gains and then direct the necessary resources to those areas. Basic research should address data provenance, de-identification, and encryption.

In addition, the administration and Congress should strive to ensure that the nation's privacy values at home and abroad are protected, prevent new modes of discrimination that might come about through the use of big data, and ensure that law enforcement and national security agencies use big data in a responsible way that respects privacy.

"An important finding of this review is that while big data can be used for great social good, it can also be used in ways that perpetrate social harms or render outcomes that have inequitable impacts, even when discrimination is not intended," the report states. "Society must take steps to guard against these potential harms by ensuring power is appropriately balanced between individuals and institutions, whether between citizen and government, consumer and firm, or employee and business."

According to the report, the Electronic Communications Privacy Act is outdated and was crafted several decades ago,

Next Page

when personal information was stored on paper. Since email, text messaging, and other private digital communications have replaced paper as the principal means of personal correspondence, and the cloud is increasingly used to store Americans' files, digital communications and the cloud require similar legislative protections.

The Commerce Department should take appropriate consultative steps to seek stakeholder and public comment on big data developments and how they affect the Consumer Privacy Bill of Rights, the report states. Once that is done, the administration should draft a legislative proposal that the president can submit to Congress.

To help ensure privacy, the data services industry should bring greater transparency to its work, the report says. To achieve this goal, the data services industry should build a common website or online portal that lists companies and their data practices, and it should provide ways for consumers to control how their information is used or collected, including opting out of certain marketing uses.

The report also says that Congress should pass legislation that establishes a single national data breach standard similar to the administration's May 2011 cybersecurity legislative proposal.

Daniel Castro, director of the Center for Data Innovation, an affiliate of the Information Technology and Innovation Foundation, a non-partisan think tank, said in a press release that the report calls attention to a number of important policies that can strengthen data-driven innovation, such as embracing government data as a public resource, promoting the use of data in fields such as education and healthcare, and investing in more research for privacy-enhancing technologies.

But it misses the mark in some respects, according to Castro. "The report disproportionately focuses on fears that big data might harm consumers by violating their privacy, threatening their civil liberties, and hurting their pocketbooks," he said. "For example, the report renews a call to support the administration's proposed Consumer Privacy Bill of Rights, an attempt initiated in 2012 to impose unnecessary restrictions on the collection and use of data by the private sector."

The US Chamber of Commerce used the report's release as an opportunity to list the myriad benefits of big data, including its ability to create jobs, spur innovations, and expand entrepreneurial opportunities in each and every market. But the chamber believes that overregulation is not a good idea for big data.

"As the government continues to examine the collection and use of data, policymakers should restrain from acting unless there are specific, identified harms that cannot be addressed by the myriad of existing laws and regulations governing the use of information collected about consumers," David Chavern, president of the US Chamber of Commerce's Center for Advanced Technology and Innovation, said in a press release.

The Obama administration should make an effort to ensure that policymakers do not confuse US national security-related privacy issues with commercial privacy practices, Chavern said.

For his part, Castro said the report failed to debunk popular myths about big data, such as "once data is collected, it can be very difficult to keep anonymous" or that "re-identification is becoming more powerful than de-identification." Though there have been some high-profile examples of data re-identification, he said, techniques exist to effectively de-identify data.

"The Administration should be commended for recognizing opportunities to advance data-driven innovation, but the report is a reminder that we have a long way to go before Washington gets over its fear of big data," Castro said.

The NIST cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work? Read the Protecting Critical Infrastructure issue of InformationWeek Government today.

About the Author(s)

William Welsh

Contributing Writer

William Welsh is a contributing writer to InformationWeek Government. He has covered the government IT market since 2000 for publications such as Washington Technology and Defense Systems.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights