Security Watch: Obama on Privacy

The new administration may get some of the big issues right, yet smaller concerns like data-mining your Web cookies and protecting the rights of “legitimate” marketers to pump out spam might succumb to business as usual.
Amid new disclosures of rampant eavesdropping on Americans, including revelations of a Nixon-like list of reporters and anti-war activists targeted for special monitoring, many experts are expecting that the Obama administration will be a lot more privacy friendly than the crowd they replaced.

In truth, however, it shouldn’t be difficult for the Obama team to demonstrate more concern for privacy than their predecessors – if they make any substantive effort at all, it’ll be more than the Bush team managed to muster.

To change the overall posture of the government on privacy matters doesn’t require any new and far-reaching initiatives. If the new administration could simply manage to comply with existing laws and processes that purport to protect Americans from unwarranted privacy invasions, it would represent a huge departure from the wholesale abandonment of basic protections that arose in the post-9/11 years.

According to a number of reports, many of the protections enacted in recent years by Congress to remedy both real and perceived violations of basic privacy rights were largely ignored in the waning days of the Bush administration.

For example, USA Today reported recently that the departments of State, Defense, and Health and Human Services have all failed to comply with rules intended to protect Americans’ civil liberties. Moreover, an independent oversight board set up to monitor agencies’ compliance is devoid of members and hasn’t convened in over two years.

The Privacy and Civil Liberties Oversight Board was set up in 2004, but when Congress passed legislation expanding the board’s activities and designating it as an independent agency, the Bush administration dragged its feet on nominations and no new members of the board were ever confirmed.

Congressional leaders and privacy watchdog groups are heartened by the Obama administrations statements during the transition that the oversight board would be strengthened, including giving the board subpoena power to bolster its ability to investigate compliance problems.

The major privacy challenges represent some of the most challenging privacy issues facing the new administration. These include issues like warrantless wiretapping of random Americans, massive aggregation and data-mining by special teams in the Defense department, and a “no-fly” list that grows every day with names of people whose only crime is sharing the name of a random alias coughed up during a waterboarding session at Gitmo. There are plenty of smaller privacy issues that may also well benefit from renewed attention.

Privacy and civil liberties groups have petitioned the incoming administration asking for agencies like the Federal Trade Commission (FTC) to reexamine practices such as behavioral targeting of consumers’ online activities by advertisers.

In past years, the FTC has not only declined to explore ways of setting rules for how consumers can be tracked and targeted for online marketing purposes, the agency has also permitted some huge mergers in the online advertising space, such as advertising powerhouse Google’s purchase of online targeting juggernaut DoubleClick.

No one is seriously expecting quick action or sweeping changes, but lobbyists for the direct marketing industry are already hard at work making sure that Obama’s future nominees to the FTC will understand the need to make sure we all get our daily quota of dancing aliens selling home equity loans.

My expectation is that the Obama administration may well get some of the big issues right, such as warrantless wiretapping, and enact changes that are more likely to promote security without compromising our core values and liberties.

However, I also expect that many of the less exciting issues, such as data-mining of your web cookies and protecting the rights of “legitimate” marketers to pump out spam, will succumb to a level of “business as usual” that is inevitable, even for an administration whose very DNA seems coded with the urge to bring change.

Ray Everett-Church is an entrepreneur and principal at PrivacyClue LLC, a privacy and security consultancy. He is a founder of CAUCE, an anti-spam advocacy group, and co-author of Internet Privacy for Dummies.

Comment and Contribute


(Maximum characters: 1200). You have characters left.