Last month, Europe implemented its General Data Protection Regulation in an effort to protect the data of all individuals within the European Union, with some aspects affecting users worldwide. According to a new report by Axios, the White House is "in the early stages" of figuring out what a federal approach to online data privacy would look like in the United States.
So far, special assistant to President Trump on tech, telecom, and cyber policy Gail Slater has met with industry groups about the issue. Discussions include possible "guardrails" for the use of personal data online, according to a few sources familiar with the talks. Furthermore, Slater has talked about the implementation of GDPR with Dean Garfield, CEO of the Information Technology Industry Council, which represents tech companies like Apple and Google.
/article-new/2018/06/white-house-image-wikimedia-commons.jpg?lossy)
Slater and the Trump administration have reportedly referred to the U.S. proposal as a "counter-weight to GDPR," aimed at ensuring that the European law doesn't become the global standard of online privacy, sources said. Still, Slater also stated that there is no desire to create a "U.S. clone" of the European rules.
Axios theorized that one possible outcome from the conversations could be an executive order that leads to the development of a privacy framework for U.S. citizens.
One option is an executive order directing one or more agencies to develop a privacy framework. That could direct the National Institute of Standards and Technology, an arm of the Commerce Department, to work with industry and other experts to come up with guidelines, according to two sources.
An executive order could also kick off a public-private partnership to lay out voluntary privacy best practices, which could become de-facto standards, according to sources.
News about the potential new privacy practices comes as "pressure" is being placed on lawmakers in the U.S., following high-profile data breaches like the Facebook/Cambridge Analytica scandal. Beginning with reports in March, it was discovered that Facebook was connected with consulting firm Cambridge Analytica, which itself was tied to Trump's 2016 presidential campaign. Using a survey app called "This Is Your Digital Life," the firm secretly amassed data from millions of Facebook users that targeted and attempted to sway votes in the election.
Slater claimed that "giving consumers more control over their data" and "more access to their data" are high marks of the GDPR, suggesting these aspects would be emphasized in the U.S. law.
"We're talking through what, if anything, the administration could and should be doing" on privacy, Slater said at a conference hosted last month by the National Venture Capital Association
In the wake of GDPR, Apple itself launched a new Data & Privacy website that lets users download all of the data associated with their Apple ID. While the feature was limited to Apple accounts registered in the European Union, Iceland, Liechtenstein, Norway, and Switzerland at launch, Apple said it will roll out the service worldwide "in the coming months."
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Top Rated Comments
*Kidding... Obviously they won't ask for permission.
I'm all for data privacy. However, to me, when it comes to GDPR, it seems ludicrous, and quite illegal, that any business in any country outside the EU should be beholden to any policy passed by the EU. EU law should have ZERO legitimacy outside of the EU. Otherwise, what's to stop any country/countries from setting international law all on their own. Crazy.
Companies can feel free not to do business with EU citizens and processors.IMO, if EU citizens want to use services operated or hosted outside the EU that collect data, they do so at their own risk and without the protections or guarantees of GDPR. Simple as that.
That may be your opinion, but it's not the law.Now... who should set that standard? Good question. It's going to have to come from a combination of industry leadership - both technology and consumer - and governments. Many people will balk at government involvement - and I don't generally disagree with the premise - but the reality is that without such participation there will be no mandate or enforcement.
GDPR is actually a great start and could, IMO, be leveraged. After all, most companies are already taking requisite measures... so there is little to no additional cost with significant benefit to the rest of the world.
I'm all for data privacy. However, to me, when it comes to GDPR, it seems ludicrous, and quite illegal, that any business in any country outside the EU should be beholden to any policy passed by the EU. EU law should have ZERO legitimacy outside of the EU. Otherwise, what's to stop any country/countries from setting international law all on their own. Crazy.
If you want to do business in a country then you follow their rules. Doesn't matter if it's a foreign-based company or not. The alternative choice is to not do business in that country, and obviously these companies have chosen not to do that because quite frankly that would be a financially stupid decision. Conversely, foreign-based companies operating in the U.S. also have to follow U.S. law. This isn't a new concept so I'm not sure why you're acting as such.IMO, if EU citizens want to use services operated or hosted outside the EU that collect data, they do so at their own risk and without the protections or guarantees of GDPR. Simple as that.