EPIC gives Obama administration mediocre privacy grades
So far, progress on privacy has been disappointing, EPIC says
Computerworld - The Electronic Privacy Information Center gave the Obama Administration mediocre grades in its second annual privacy report card, which it released this week.
The report is based on an analysis by EPIC's advisory board of the administration's efforts to foster better privacy practices in cyberspace, and around consumer data and health care data. The report also assessed the administration's records on civil liberties.
Overall, EPIC gave the administration B's for its privacy efforts in cyberspace and in protecting health care data, a C for consumer data protection efforts and a D on civil liberties.
The scores are lower than those handed out by EPIC last year and reflect the disappointing record the administration has had on privacy in its second year in office, said Mark Rotenberg, executive director of EPIC.
"Our bottom-line assessment is that with respect to privacy, things are getting worse," Rotenberg said.
The White House did not immediately respond to a request for comment.
Last year was the first time that EPIC released a privacy report card; the grades then reflected considerable optimism about the new administration's commitment to privacy and civil liberties issues, Rotenberg said. However a year down the road, little has changed in key areas, he maintained.
On the civil liberties front, for instance, there were high expectations that changes would be made to many programs, including the Patriot Act, the Fusion Centers that were created for sharing intelligence information between local and federal agencies, no-fly lists and the Real-ID national identification program. All of those were programs inherited from the Bush administration, and a year ago it was too early to assess what impact the new administration would have on them, he said.
The fact that little has changed a year later is surprising given the early expectations, Rotenberg said. The Obama administration's failure so far to set up an advisory board for monitoring key issues such as the airport full-body scanner program is troubling, he noted. So too is its relative inaction around controversial programs such as the Patriot Act and the Fusion Center initiative, he said.
Rotenberg also criticized what he claimed has been the Federal Trade Commission's less than aggressive approach in dealing with serious consumer privacy issues stemming from the use of technologies such as Facebook and Google's Buzz and Street View.
Latanya Sweeney, professor of computer science, technology and policy at Carnegie Mellon University and a member of EPIC's advisory board, said the Obama administration has failed to live up to early expectations for better privacy protections for health care data.
Obama's Health Information Technology for Economic and Clinical Health (HITECH) Act, which passed last year as part of the stimulus bill, contained several provisions for better patient privacy, Sweeney said. However, many of those controls have been diluted in the actual implementation of the policy, she said.
HITECH is being implemented in a manner that offers health care entities plenty of financial incentives for implementing electronic health systems and using them in a meaningful way. However, there are no incentives at all for improved privacy protections for health care data, she said. That could pose a major problem as more health care records are converted, used and shared electronically, she said.
"I view this as a failure of the administration to deliver on the privacy promises provided in the [HITECH] bill," she said. "They have lost an opportunity to use incentives to foster better privacy," Sweeney said.
Not everyone was so critical, though. Pablo Molina, CIO and associate vice president of information technology at Georgetown University and a member of EPIC's advisory board, gave a thumbs-up to the administration's efforts in cyberspace, in particular, and on other fronts as well.
Obama's appointment of Howard Schmidt as White House cybersecurity coordinator was a major step forward, Molina said. Since taking the job, Schmidt has been actively engaging with privacy and civil rights groups such as EPIC, the Electronic Frontier Foundation and the Center for Democracy and Technology to try to understand and address privacy concerns, he said.
Molina also said that the FTC has done a reasonably good job on consumer privacy issues. But he too expressed concern over the apparent slowness by the FTC to respond to Facebook privacy concerns and to those that have been raised about Google.
Plans by the Department of Homeland Security to collaborate with the Department of Defense on cybersecurity issues also need to be monitored, he said. There needs to be transparency and oversight considering that the National Security Agency will have an expanded role in domestic cyber matters, he said.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Privacy in Computerworld's Privacy Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- 3 Steps to Content Sharing and Collaboration ft. Forrester Research Consumer sync and share tools help people access and send personal files, but smart IT leaders know that businesses require more than just...
- Empowering Your Mobile Workers A modern mobile IT strategy is no longer an option, it is an absolute necessity. Here's how some of the nation's most progressive...
- Info-Tech Research Group Vendor Landscape: Cloud File Sharing Box recommends this report for any growing business or company considering an investment in enterprise content collaboration and cloud file sharing.
- The Changing Face of Collaboration in the Enterprise The importance of having enterprise content anywhere is the main focus of this article. Along with this, having an API-based environment with collaborative...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them. All Privacy White Papers | Webcasts