Email this Article Email   

CHIPS Articles: A Framework for Online Privacy

A Framework for Online Privacy
By CHIPS Magazine - October 17, 2018
Online privacy is a growing concern, not only here in the U.S., but across the globe. By the same token, “It is a challenge to design, operate or use technologies in ways that are mindful of diverse privacy needs in an increasingly connected and complex environment,” according to the National Institute of Standards and Technology.

Disastrous data breaches, which have occurred across all sectors of business and government, have exposed individuals to identity theft, extortion — and have made Americans susceptible to unethical and harmful foreign and criminal manipulation.

It’s very important that organizations take serious responsibility for how they collect, process, share and store individuals’ data and protect it against unauthorized uses. Responsibility extends to ethical decisions that organizations make about intentionally using data, and the steps they can take to minimize any adverse actions that individuals might experience when data is unintentionally exposed, NIST Senior Privacy Policy Advisor Naomi Lefkovitz explained in an interview on the NIST website.

“I personally think organizations have the primary responsibility to manage privacy risks because they are the ones determining how to collect, store, use and share individuals’ information to meet their mission or business objectives. That said, I do encourage my friends and family to think carefully about how and with whom they share information online. Be very vigilant about clicking on suspicious links or opening documents in emails. And no, I’m not going to tell you to read privacy notices — at least until they get a lot simpler and easier to understand!”, Lefkovitz said.

Lefkovitz also pointed out that organizations run the risk of losing customers because they are concerned about how their personal data is being used. “These problems can cause people direct emotional distress as well as causing them to limit or abandon their use of beneficial products and services due to lack of trust.”

Lefkovitz is encouraging organizations that want to get involved in developing the Voluntary Privacy Framework to visit the NIST Privacy Engineering Program website.

“NIST aims to collaboratively develop the Privacy Framework as a voluntary, enterprise-level tool that could provide a catalog of privacy outcomes and approaches to help organizations prioritize strategies that create flexible, effective privacy protection solutions and that let individuals enjoy the benefits of innovative technologies with greater confidence and trust,” Lefkovitz said.

NIST Senior Privacy Policy Advisor Naomi Lefkovitz
Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer