In Big Data report, White House calls for national breach reporting standard

Share this article:
White House says new Chinese IT equipment rule may disrupt business without helping security
White House says new Chinese IT equipment rule may disrupt business without helping security

Senior White House officials have released a report reviewing Big Data and privacy concerns in the nation and called for the adoption of a national standard for reporting data breaches.

On Thursday, White House counselor John Podesta took to the White House blog to announce the findings of the review, which President Obama had requested in January. The President had charged Podesta with leading the effort to dissect the personal privacy implications of Big Data analytics, as well as its affect on the government and economy.

Podesta, and senior government officials, spent three months consulting with academic researchers, privacy advocates, technology experts, regulators, advertisers, civil rights groups and the public, as well as reviewing the results of a related study conducted by the President's Council of Advisors for Science and Technology. In addition, the White House jointly organized three conferences at high-profile universities, before presenting the 85-page report (PDF) to the President.

Senior officials made six key recommendations, including that a singular standard for data breach reporting be enacted.

“Congress should pass legislation that provides for a single national data breach standard along the lines of the Administration's May 2011 Cybersecurity legislative proposal [PDF],” the report said. “Such legislation should impose reasonable time periods for notification, minimize interference with law enforcement investigations, and potentially prioritize notification about large, damaging incidents over less significant incidents.”

Podesta noted that the majority of states adhere to their own data breach notification laws, but that Congress should act to provide a more cohesive, over-arching standard that organizations can follow.

Privacy and security buffs have long discussed the merits and challenges of having such legislation, but, in the past, efforts to create and pass uniform laws have stalled.

David Walton, co-chair of law firm Cozen O'Connor's privacy, data and cybersecurity group, told SCMagazine.com in a Friday interview that, while he was in support of a national breach standard being passed, it may still be an uphill battle.

“I think it would be great to have a national breach standard, because, unfortunately, we are just seeing the tip of the iceberg as far as breach activity,” Walton said. “On one hand, [state-by-state legislation] works because it's case specific, but, on the other hand, it's harder to counsel clients on a gray standard.”

He later contended that continuous and widespread breaches may have an impact on lawmakers.

“I don't think it would be any easier [to pass], but I do think there's great motivation for people to agree to something,” Walton said.

Page 1 of 2
Share this article:

Sign up to our newsletters

More in News

Leahy bill would end bulk data collection, introduce reforms

Leahy bill would end bulk data collection, introduce ...

Sen. Patrick Leahy introduced an NSA reform bill that would update the USA Freedom Act.

House passes two cyber security bills

One bill aims to improve agencies' website security, while another works to thwart critical infrastructure attacks.

A five-month-long Tor attack attempting to 'deanonymize' users

For roughly five months beginning in January, traffic confirmation attacks were used to attempt to "deanonymize" Tor users.