WASHINGTON — Leading up to the State of the Union, President Barack Obama gave a broad overview of some of his proposals on cybersecurity this week, calling for legislation and a national standard to ensure people are notified within 30 days of their information being compromised.
“This is a direct threat to the economic security of American families and we got to stop it. If we’re going to be connected, then we need to be protected. As Americans we shouldn’t have to forfeit our basic privacy when we go online to do our business,” he said.
According to research from eMarketer, more than 3 billion people will be Internet users in 2015.
David Inserra, a research associate specializing in homeland and cybersecurity at conservative think tank Heritage Foundation, likened cyberspace today to a jungle in warfare.
The jungle is neither inherently good or bad, but it can be used by both sides in the war, Inserra said. Whoever uses the jungle better wins, which for cybersecurity means information and data either can be either protected or lost.
During Tuesday’s State of the Union address, Obama is expected to further outline a proposal to create a national standard for companies to inform customers within a certain timeframe if their information has been compromised.
Forty-seven states already have data breach notification legislation.
Obama said he hoped a national standard would eliminate some of the confusion and extra costs surrounding multiple state policies.
Inserra said a national standard made sense and would be acceptable if it was not overly restrictive.
“Moving to a single standard is wise so long as that standard isn’t burdensome,” he said.
Mark Jaycox, a legislative analyst at the pro-civil liberties nonprofit Electronic Frontier Foundation, said an ideal law would ensure at minimum that a state attorney general could still act in accordance with his or her state law if it is tougher than the federal standard.
Obama also proposed legislation protecting consumer and student privacy.
Consumers should know what personal data is being collected by companies and be able to decide how those companies use their data, Obama said on Monday at the Federal Trade Commission.
His student privacy act would focus on protecting information of students who have to use technology to participate in classes at the elementary and secondary school level. Because students have to surrender some of their information to use the Internet for school, Inserra said, some level of protection is appropriate. He said it may be easier for businesses to have one federal rule that a number of different state rules.
Actual legislation detailing with the specifics of Obama’s proposals have yet to be released publicly.
Rep. Pete Olson, R-Texas, said in a statement Monday he is anticipating working on consumer privacy with the president but “the devil is in the details.”
“I agree that we need a federal standard for data breach notification, but we must take a balanced approach to protect consumers without putting unnecessary burdens on companies or hindering important uses of data.”
A number of companies have had national attention for recent data breaches: Target, Home Depot and Sony Pictures.
Five Things to keep in mind while watching the State of the Union
- Cyber security is a leading issue: 2013 and 2014 saw data breaches at companies such as Sony Pictures, Target and Home Depot
- The 114th Congress is controlled by Republicans: Obama’s hope of cybersecurity being a unifying issue may be unfounded.
- Obama appears to be in good spirits heading to the State of the Union: At engagements this week, Obama seemed relaxed, even making jokes, a sign he is confident in his proposals.
- Obama is proposing measures but no specific legislation has been released. What he’s mentioned so far are a national data privacy standard; free access to credit scores, a measure applauded by banks such as JP Morgan Chase and Bank of America; a consumer privacy bill of rights; and a student data privacy act.
- A number of people and groups seem open to a discussion on cybersecurity, but the details surrounding Obama’s proposals will be a main thing to look out for during and after the State of the Union.
