Forward this message to a friend
Click to view this email in a browser

Bipartisan Senate Bill Holds Promise for Internet Privacy

National ID Strategy Envisions Trustworthy Web

Near Field Communication Poses New Privacy, Security Risks

Featured on Policy Beta

May 2, Washington, DC - Leslie Harris will speak at the UNESCO conference 21st Century Media: New Frontiers, New Barriers.


Federal policymakers last week announced initiatives on two key challenges facing the Internet: consumer privacy and online identity. CDT is deeply involved in shaping the outcome of both issues.

Bipartisan Senate Bill Holds Promise for Internet Privacy

On April 12, Senators John Kerry (D-MA) and John McCain (R-AZ) introduced the first comprehensive consumer privacy bill the Senate has seen in more than ten years. While the bill is not perfect, its introduction moves the U.S. one step closer to the enactment of federal privacy protections. The U.S. embarrassingly behind the times in this area.

CDT has long advocated for a 21st century privacy law to fill the gaps left by existing sectorial privacy laws that cover areas like financial, health, telephone data, etc. The Kerry-McCain bill addresses the full range of Fair Information Practice Principles, which provide the best available source for defining consumer privacy rights. The bill is designed to support innovation by including flexible provisions allowing companies to work with the FTC and Commerce Dept. to develop industry-specific rules that make sense for both consumers and businesses. CDT will release its initial in-depth analysis of the bill next week.

National ID Strategy Envisions Trustworthy Web

Last Friday, the Administration released its ambitious National Strategy for Trusted Identities in Cyberspace (NSTIC). The Strategy presents a vision of an online identity eco-system where individuals can choose from a number of interoperable, secure, convenient and privacy-preserving identities. The approach is intended to promote a shift away from today's norm of numerous insecure usernames and passwords used and reused across the Web. The NSTIC is not a national ID program. In fact, it's not an ID "program" at all. It is an effort to encourage private sector leadership and innovation. As CDT's Leslie Harris comments in her post, the new strategy has made individuals its first priority. It envisions a framework that preserves anonymity and pseudonymity while improving security through federated identities so users do not have to disclose extensive personal data every time they want to use a new site.

Near Field Communication Poses New Privacy, Security Risks

Near Field Communication (NFC) allows mobile devices to communicate with nearby targets. Potential applications include mobile payment and local messaging. Android devices already include NFC capability; Microsoft, Sprint, Amazon and RIM have announced plans to incorporate NFC into new products. AT&T, T-Mobile and Verizon have announced mobile payment plans with Mastercard, Citigroup and other credit card companies.

CDT's Harley Geiger has examined some of the security and privacy issues this powerful technology poses. As he notes, the presence of payment card information on phones will make those devices a target for malicious attacks. The good news: smartphones can provide strong cryptography and authentication but makers have to build those capabilities into the phones. Another issue: how much control consumers will have over the information disclosed to merchants and third parties during an NFC transaction.

Much remains to be done in advance of extensive NFC rollout over the next few years. The pubic and private sectors, along with advocates like CDT, will have to develop guidelines for the design and application of this new technology. Good starting points include the FTC's 2010 Staff Report and CDT's RFID Deployment Best Practices.

Two Updates in Fight Over Internet Neutrality

Andrew McDiarmid provides an update on efforts in the House to repeal the FCC's Open Internet rules.

Beyond Bright Shiny Objects

Leslie Harris offers thoughts on kids' privacy in online advertising.

CDT, EFF, Libraries Urge Appeals Court To Uphold YouTube Decision

CDT urges a federal appeals court to uphold a lower court ruling that YouTube is subject to the "notice and takedown safe harbor" provisions of the copyright law.

The Continuing Saga of Thomas Jefferson and the Net

CDT fellow David Post discusses Thomas Jefferson's philosophical legacy and the Web.

Click to view this email in a browser

If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe

Center for Democracy & Technology
1634 I St.
Suite 1100
Washington, District of Columbia 20006

Read the VerticalResponse marketing policy.

Non-Profits Email Free with VerticalResponse!