Forward this message to a friend
Click to view this email in a browser

HHS Takes Two Steps Forward, One Step Back on Privacy

Court Strikes Down FCC's Fleeting Expletives Policy

Online Privacy Victory as Blizzard Rolls Back Real Name Plans

Featured on Policy Beta

July 22, Washington, DC - CDT President Leslie Harris will testify before the House Subcommittee on Commerce, Trade, and Consumer Protection during a hearing to examine draft consumer privacy bills from Congressmen Rush and Boucher.


CDT has been deep in the weeds of Internet policy these last few weeks, sorting through thousands of pages of new HHS rules on health privacy and analyzing the White House's draft strategy for online identity. Meanwhile, our quick action helped convince a leading online gaming forum to reverse course on a policy that would have diminished user privacy.

HHS Takes Two Steps Forward, One Step Back on Privacy

CDT's health privacy experts have their heads buried in text! In the course of a week, the U.S. Dept. of Health and Human Services (HHS) released more than a thousand pages of text covering new rules on certification, health privacy and "meaningful use" for health information technology (HIT). New rules for certification and health privacy are positive advances.

Provisions in the 2009 stimulus law seek to encourage doctors to adopt HIT and use it effectively. The law added a bonus to the Medicare and Medicaid payments to doctors and hospitals making "meaningful use" of the technology; ultimately, there will be a penalty for not adopting HIT. Unfortunately, using the "meaningful use" objectives to achieve significant advances in privacy and security appears to be off the table. HHS ignored recommendations to ban doctors and hospitals found in violation of state and federal privacy laws from collecting federal HIT subsidies.

HHS also recently proposed a rule expanding the protections for patient information under the Health Insurance Portability and Accountability Act (HIPAA), which is the nation's foremost health privacy law. Although the proposed rule does not address all of the issues that deserve attention, it would strengthen privacy, data security and enforcement. One section of the proposed rule establishes new privacy and security requirements for business associates and subcontractors of entities covered by HIPAA.

Court Strikes Down FCC's Fleeting Expletives Policy

Last week, a federal appeals court struck down the FCC's broadcast indecency policy, calling it "unconstitutionally vague" and citing the "chilling effect[s] that go far beyond the fleeting expletives" at issue in the case, Fox v. FCC. The court found that the policy's prohibition of all "patently offensive" references to sex and excretion, without adequately defining the term patently offensive, "has the effect of promoting wide self-censorship of valuable material which should be completely protected under the First Amendment." The court also questioned the continuing validity of the constitutional basis of broadcast content regulation in general. To preserve the constitutional protections enjoyed by online speech, it's critical that TV content regulations not be applied to the Internet, even as TV programming increasingly moves online.

Online Privacy Victory as Blizzard Rolls Back Real Name Plans

Gaming giant Blizzard, creator of the popular Warcraft and Starcraft games, recently drew the ire of customers when it announced plans to mandate the use of posters' real names in online forums associated with its games. Users reacted strongly, generating over 2,000 pages of forum discussion within a day of Blizzard's announcement. Users cited fears of stalking and harassment, and many threatened to cancel long-standing accounts. CDT's Sean Brooks authored one of the more thoughtful and constructive comments, explaining how Blizzard's legitimate goals could be satisfied without true name identity. Blizzard quickly withdrew its plans and stated that it would allow users to continue to post pseudonymously. The case shows how motivated users can take back their privacy by using the power of the Internet to share a common concern, amplify the message and demand corporate action. For its part, Blizzard showed how a company responding quickly to user input can reverse a privacy misstep in a way that builds trust.

Round Two for Title II Lite

Andrew McDiarmid summarizes CDT's latest comments to the FCC regarding the expansion of broadband access.

Trusted Identities Plan Needs More Public Feedback

Heather West calls for more public input to improve the White House's draft national plan for trusted identities.

Mobility for the Web, No Rascal Required

Cyrus Nemati explains how YouTube's new mobile site is revitalizing the mobile web.

Click to view this email in a browser

If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe

Center for Democracy & Technology
1634 I St.
Suite 1100
Washington, District of Columbia 20006

Read the VerticalResponse marketing policy.

Non-Profits Email Free with VerticalResponse!