Sen. Kirsten Gillibrand (D-NY) proposed a bill called the Data Protection Act that would create a federal U.S. data protection agency.
Data Protection Act
Right now the countries that don’t have some sort of data protection law include Libya, Sudan, Syria, Venezuela, and the United States. Sen. Gillibrand says the U.S. has a “growing privacy crisis” and believes a federal agency dedicated to protecting Americans’ privacy could help.
The data privacy space remains a complete and total Wild West, and that is a huge problem.
She calls out Google and Facebook by name, saying these companies have “built major empires of data with information about our private lives.” The agency would have three missions:
- Give Americans control and protection over their own data.
- Work to maintain the most innovative, successful tech sector in the world and ensure fair competition within the digital marketplace.
- Prepare the American government for the digital age.
According to TechCrunch the bill wouldn’t affect state laws like California’s privacy act. So far, Sen. Gillibrand remains the bill’s sole sponsor.
This might appear to be a good idea. I do not think it is. We don’t need another Federal government agency to do this and muck it up as it has done with nearly everything it touches. We need the government to get out of the way and let the private sector create good security. The only reason for this agency will be the creation of backdoors in the security so that it can continue to violate the 4th amendment with the protection of this law. Read Edward Snowden’s book Permanent Record.
Government should handle privacy, as it does human rights and other rights. Privacy is in The Constitution, it’s a matter of honouring it and if necessary enforcing it.
Trouble is, government agencies tend to become the opposite of what was intended, in the name of National Security.
The NSA should be looking for and advising flaws found in security, not building backdoors into approved encryption – for law enforcement and national security reasons, of course. Nor should it be collecting Private information itself, from whatever sources, legitimate, like information people unsuspectingly post to the internet that is repackaged for all who can pay for it, and illegitimate sources (backdoors, agreements with other nations’ security services monitoring, etc.)
It only takes the WILL to LIMIT the powers and activities of government agencies, but there’s too much money behind data collection, both commercial and security/military. And no politician can say no to campaign donations, especially if it’s for law enforcement/security reasons.
Commercial enterprises are no better in protecting rights. It’s the only internet business model that makes money.
Even Open Sourcing or publishing protections publicly improves the situation very little. It may have public scrutiny, but who has the most money to ‘build in flaws’, the security industrial complex combined with commercial interests, or Joe security expert or a university professor not already funded by government or corporate interests?
You end up with the Flash situation. Oh, another flaw, our bad, we’ll fix that next release. Repeat infinitely.
Apple got out of the router business when Law Enforcement Assistance was being pushed down to the local router level. Trust me. Apple couldn’t take any privacy stance when its routers were required to be open to Law Enforcement Assistance. Too much negative publicity could result. And you see what happens if you make a keyboard that people don’t like, can you imagine what the fallout would be if routers were open/vulnerable – a backdoor for the good guys is a backdoor for the bad guys too.
As for this particular bill, I guarantee it was dreamed up by the same people who came up with “freedom-of-information” and “whistle blower protection”, and you know what a quagmire they’ve become. Give the appearance of something, cover your arse whenever it becomes an issue (ombudsman anybody?), but with neither the will nor capability to combat the forces against this.