SIIA, Industry Offer Guidance to NIST Privacy Engineering

Privacy engineering can offer tremendous value to consumers. This is the premise of a new privacy engineering initiative launched by the National Institute of Standards and Technology (NIST) earlier this year.  After two workshops, a webcast and substantial outreach to industry, NIST is still seeking feedback to help them provide technical guidance to information system users, owners, developers and designers.

On October 10, SIIA joined with a dozen industry groups in submitting comments to NIST to help scope their initiative.  In the letter, the groups note that many of our member companies utilize privacy engineering solutions as part of their “privacy-by-design” practices and internal information management.  And we concur that refining and improving privacy engineering processes requires a collaborative effort involving information technology, compliance, legal, product development, marketing, customer service and other functional areas.

However, as SIIA has often pointed out, expectations surrounding the collection and processing of personal information are not purely personal.  They reflect evolving social norms – which often vary significantly across jurisdictions around the world.  As technologies evolve to become instrumental in all facets of our lives, our experience and expectations of privacy also evolve.  As for the legal framework, there are numerous ongoing discussions within myriad self-regulatory and governmental policy-making bodies, and a diversity of existing laws not just in the U.S., but around the world.

In short, the policy framework for privacy is still in flux.  As a result, an exercise to develop guidance in the form of technical standards could prove counterproductive, getting ahead of diverse international user expectations and policies.  The establishment of a technical framework or standard can only follow when we have achieved a consensus on policy objectives.  In the absence of clear, predefined policies, the result could have a chilling effect on innovation, thrusting engineers into the complicated process of critical decision-making on the various gray areas of privacy expectations and legal requirements.  For instance, is it really a matter for technical standards to be set by engineers whether a particular form of consumer consent should be opt-in or opt-out?

To that end, SIIA supports a more tailored effort, where NIST focus its efforts on cataloging, in a policy-neutral manner, how privacy engineers accomplish various privacy-by-design or information management processes.  This represents a pivot from what policy goals should be to how privacy engineering might achieve privacy goals that are defined elsewhere.

We value NIST’s technical expertise and interest in contributing to the shared goal of promoting privacy by design, and by developing a catalog to this end, NIST can make a significant contribution to the field by undertaking such an initiative.


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPolicy.

Congress Needs to Give Green Light to Health IT Innovation

Healthcare systems around the world are being challenged by aging populations, chronic illness and revolutionary—but expensive—treatments.  Appropriate solutions are often not available to patients in need, while medical providers, academics and innovators often work  independently or in small groups, with unconnected health datasets that provide incomplete pictures of the health statuses and health care practices of Americans.

While information technology (IT) products hold the promise of dramatically changing this situation and improving health care for those in need, current public policy is standing in the way.  It’s time for Congress to change that.

Applying new information technology (IT) products and services, particularly data analytics, to healthcare, delivered when and where it is needed in a digestible manner, can help medical professionals access evidenced based medicine to deliver better treatments and accelerate the search for timely cures. Some of the potential outcomes include: faster treatments coming to market, aligned health care incentives—lowering  costs for patients and providers (eliminating needless procedures), and a more  efficient, patient-centered healthcare systems that enable a more comprehensive view of patient care across a variety of conditions and procedures.

Unfortunately, America’s broad regulatory approach is harming the development and application of a wide range of software supporting this evolution, threatening to delay or prevent the implementation of revolutionary healthcare solutions. There is significant confusion in the market about what technologies may be regulated, by which agencies, and to what standards. This uncertainty is standing in the way of myriad promising technologies that can help clinicians access more evidence-based medicine, provide patient populations with more individualized care, and generate better patient-caregiver-provider engagement.

This week, SIIA joined with dozens of technology providers, health organizations and trade associations urging Congress to pass legislation to provide much-needed statutory clarity and a stable foundation for continued innovation in health IT.  Now is the time for Congress to give the green light to foster the necessary innovation to improve our Nation’s healthcare system and reducing costs. There is broad consensus on the need for a risk-based framework for health IT.


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPubPolicy.

Digital Policy Roundup

Groundbreaking Study of U.S. Software Industry Shows Wide-Ranging Impact on GDP, Productivity, Exports and Jobs

At a lunch time event Wednesday – featuring an armchair discussion with U.S. Deputy Secretary of Commerce Bruce Andrews – SIIA released the results of a comprehensivestudy of the economic impact of the U.S. software industry. The software industry has had a substantial, transformative impact on the American economy. Regarded as an enabling technology in use by virtually all sectors, software has become a critical driver of productivity, growth and employment. Disputing claims that automation hurts jobs, the SIIA analysis found that software contributes to job growth in three critical ways.

To produceThe U.S. Software Industry: An Engine for Economic Growth and Employment, SIIA worked with independent economic analysis firm Sonecon and its chairman and co-founder Robert Shapiro, former undersecretary of commerce for economic affairs under President Bill Clinton. The study represents a rigorous empirical analysis of the economic effects arising from the diffusion of software across U.S. businesses and households.

To read the executive summary, click here. To access a brief power point presentation of Shapiro’s findings, click here.

SIIA Applauds Passage of H.R. 5233, the Trade Secrets Protection Act

Wednesday, the House Judiciary Committee passed H.R. 5233, the “Trade Secrets Protection Act of 2014,” and voted to favorably report it to the House of Representatives. SIIA released a press statement in favor of the bill’s passage. . H.R. 5233 would establish a cause of action in federal court by an owner of a trade secret who is injured by the misappropriation of a trade secret that is related to a product or service used in or intended for use in the interstate or foreign commerce. During the markup, a few members questioned whether legislation was needed since almost all states provide protection for trade secrets under the Uniform Trade Secrets Act, but otherwise there was broad bipartisan support for the measure. At the conclusion of Wednesday’s markup Chairman Goodlatte noted that the bill will not be taken up in the House until sometime during the post-elections “lame duck” session. The bill and an amendment adopted during the markup will eventually be found here.

SIIA Participates in FTC Big Data Workshop

On Sept. 15, SIIA VP of Public Policy, Mark MacCarthy, participated in the Federal Trade Commission’s workshop: Big Data: A Tool for Inclusion or Exclusion? Speeches by FTC Chairwoman Edith Ramirez and FTC Commissioner Julie Brill provided an overview of the key objectives of the FTC in this area. Particularly they are assessing current laws and potential gaps in the law that could allow “big data” or analytics to lead to discrimination or “digital redlining.” To that end, Commissioner Brill reiterated her challenge to “the data broker industry,” urging them to “take stronger, proactive steps right now to address the potential impact of their products that profile consumers by race, ethnicity or other sensitive classifications, or that are proxies for such sensitive classifications.” In particular she urged data providers to investigate how their clients are using data and stop doing business with those whose use is “inappropriate.” In addition to seeking to prevent discrimination, the FTC is encouraging industry to take affirmative steps to utilize data and technology to empower the underserved.

Data is increasingly a strategic, core component of SIIA members’ business models, and many of these companies are leaders in providing data analytics and data-driven innovation. Therefore, SIIA has been a strong proponent policies that data-driven innovation. Prior to the FTC workshop, SIIA hosted a workshop on Capitol Hill highlighting the uses of data and data analytics for empowerment and risk mitigation.

In conjunction with the workshop, the FTC is accepting additional comments. SIIA will work with members to submit comments on this important issue on behalf of members and the industry.

Outgoing European Commission Vice-President for the Digital Agenda Neelie Kroes Delivers Swansong Speech at Georgetown University

Kroes spoke of her hope for a transatlantic digital single market. The Vice-President delivered a mostly positive upbeat talk, although she did mention the surveillance revelations. Kroes emphasized that for a transatlantic digital market to flourish, online transactions must be secure, and that networks and systems must be protected from attack. She supported the Transatlantic Trade and Investment Partnership. The Commission official added that within the EU alone, a digital single market could be worth 4% of GDP, i.e. $1500 per EU citizen. She emphasized the importance of an open Internet. A recurring theme in her speech was that ICT was not a purely American invention. Kroes said: “25 years ago, a network first devised for the U.S. military, benefited from protocols developed by a British scientist working in Switzerland. Today, the Internet is now used by 3 billion people across the world, the platform for billions of dollars of trade.”


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPolicy.

Digital Policy Roundup

SIIA Event to Examine Software’s Transformative Impact on the US Economy & Employment

Join SIIA for lunch and dialogue with business leaders on how software is transforming the U.S. economy, and reinventing the way businesses and consumers operate. The event, “The Software Century: Analyzing Economic Impact & Job Creation,” will take place on September 17 from 11:30am-1pm in Room HVC 215 of the U.S. Capitol Visitor Center. Featuring an exclusive interview with Deputy Secretary of Commerce Bruce Andrews.RSVP HERE.

At the event SIIA will unveil its new report, “The U.S. Software Industry: An Engine for Economic Growth and Employment.” This SIIA report is a comprehensive review of the software industry’s economic impact, authored by former Undersecretary of Commerce for economic Affairs, Robert Shapiro. For more information, or to register, click here.

SIIA to Participate in in FTC Workshop on Big Data and Discrimination

The FTC recently made available the agenda and list of participants for its upcoming Workshop “Big Data: A Tool for Inclusion or Exclusion?” which will take place on Monday, Sept. 15. Mark MacCarthy, SIIA’s Vice President for Public Policy, will be participating on the panel focused assessing what is on the horizon for big data, exploring both the benefits and potential harms for particular populations of consumers. The workshop will include a range of academics, consumer advocates, industry and technology experts, including SIIA member SAS on a panel covering the current landscape of big data analytics. The workshop is a follow-up to the Administration’s white paper released in April.

SIIA and Tech Industry Press Enactment of USA Freedom Act

On Monday, SIIA joined with a group of technology industry associations in sending a letter to U.S. Senate leaders Harry Reid (D-NV) and Mitch McConnell (R-KY) urging the Senate to act in a bipartisan fashion and swiftly pass the USA FREEDOM Act (S.2685). In sending the letter, SIIA highlighted the need for surveillance reform in the U.S. as an essential part of restoring the public trust and providing support for U.S. businesses internationally. The USA FREEDOM Act modifies legislation already passed by the House in May, and it balances critical U.S. national security objectives and individual privacy needs. At this time, Senate leadership has not indicated when the legislation will be considered. With very few days of the congressional session remaining this month, consideration of the legislation could slip to the lame duck session after the November elections.

New European Commissioners Likely to be Announced this Week

The President-Elect of the European Commission, former Luxembourg Prime Minister Jean-Claud Juncker, is expected to announce the portfolio allocation of the next European Commission sometime this week. The Commission is the executive branch of the European Union. Besides Italy’s Federica Mogherini, nominated to be the Commission High Representative for Foreign Affairs, we do not know who will take over the different Directorates General (akin to government departments) of the Commission. After the nominations are announced, the European Parliament has to give its consent, including for Juncker and Mogherini.

From an SIIA member standpoint, the Directorates General in charge of trade, justice and the internal market are the most significant because they control trade, intellectual property and privacy/data flow issues. Given that there will be a new Commission and a new Parliament, we can expect significant activity affecting SIIA member interests. Juncker’s “Political Guidelines for the Next European Commission” suggest that this will be the case. The Guidelines lay out ten priorities. Priority number two is called: “A Connected Digital Market.” Juncker plans to “swiftly” conclude negotiations on new European data protection rules. (Note: Interestingly the political declaration does not specify whether the rules will take the form of a Regulation or a Directive. The current draft of the new rules is a Regulation. Regulations become law in Member States without the Members having to change their laws for the Regulation to come into effect. Directives need to be “transposed” into Member State law through national legislation.) Juncker also plans on “modernizing copyright rules in the light of the digital revolution and changed consumer behavior.” Priority number six calls for: “A Reasonable and Balanced Free Trade Agreement with the U.S.” The Resident-Elect says he will “not sacrifice data protection standards “on the altar of free trade.”


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPolicy.

Digital Policy Roundup

DOC Announces Creation of Chief Data Officer, Private Sector Advisory Council

Last week, U.S. Secretary of Commerce Penny Pritzker announced that the Department of Commerce (DOC) is expanding its role as “America’s Data Agency” by hiring the first ever Chief Data Officer. The role of the new CDO will be to oversee improvements to data collection and dissemination, and to ensure that Commerce’s data programs are coordinated, comprehensive, and strategic. In coordination with the new CDO, the DOC will also soon create a data advisory council, comprised of private sector leaders, to advise the Department on how to best use and unleash more government data.

This announcement is a major step in the direction of meeting one of SIIA’s key policy priorities. As established in our 2013 paper on Data-Driven Innovation, , SIIA is a leading proponent of open data policies, to use public-private partnerships to provide access to critical public data, and to adopt enterprise architectures that enable sharing. Governments at all levels possess treasure troves of valuable data that have gone largely untapped for many years. More than ever before, citizens want access to government data, and they want it applied in innovative ways to which they are increasingly becoming accustomed.

Publication of European Commission “White Paper” on Copyright Delayed

The press report that a white paper on the future of copyright has been removed from the agenda of a meeting of European commissioners next week. The white paper, which is supposed to set out a roadmap for possible reform in the European Union, has elicited a great deal of interest among both pro-copyright and other stakeholders. Perhaps reflecting the current controversies surrounding copyright, Commissioner Barnier who is responsible for the Internal Market and Services, appears to have been outmaneuvered by the European Commissioner for the Digital Agenda, Nellie Kroes.

Kroes delivered a widely discussed speech on July 2 called “Our single market is crying out for copyright reform.” Her speech has been widely viewed as an attempt to force the Commission’s hand to propose reforms that some observers would consider a weakening of copyright protections. Kroes, for instance, made it quite clear that she would favor a European Union-wide copyright exception for non-commercial text and data mining. And she noted that Japan has introduced a text and data mining exception that includes commercial use. There have been reports of leaked versions of the white paper which suggest that Barnier has taken a neutral approach to many of the issues that critics of copyright cite as ripe for reform. This is what observers believe prompted Kroes to deliver her July 2 speech calling for reform now.

As a practical matter, given that there will be a new Commission in October, copyright changes are not likely before 2015 at the earliest. Moreover, even if Kroes is considered the “winner” now in terms of stopping the white paper’s release, the white paper will likely still be the base document the next Commission uses to start considering possible copyright changes.


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPolicy.

Intellectual Property Roundup

IP News

Google, Canon, Dropbox and Others Pool Parents to Ward Off Trolls (Re/code)
A coalition of technology companies have agreed to join the License on Transfer network, promising to grant licenses to one another whenever one of those patents is sold, in an attempt to defang patents before they get into the hands of patent trolls.

Copyright Office Ponders Aereo Fallout (The Hill)
The U.S. Copyright Office is asking the public to weigh in on what the Supreme Court’s ruling on streaming TV service Aereo means for the future of copyright law.

Aereo’s Plan C for Cable (ZDNet)
Aereo’s new plan after the Supreme Court ruled its service was illegal is to argue that it is a cable company and as such Section 111 of the Copyright Act grants it the “compulsory licenses” it needs to re-transmit over-the-air television content.

White House Pulls Plug on Controversial Patent Office Nominee (GigaOM)
The Obama Administration has backed away from an unpopular plan to name a Johnson & Johnson executive and patent reform opponent as head of the U.S. Patent Office.

House Panel Approves Bill to Curb Patent Threats (The Hill)
The House Commerce subcommittee approved Chairman Lee Terry’s bill, the Targeting Rogue and Opaque Letters Act, a bill aimed at increasing transparency and accuracy in the letters companies send to threaten patent infringement lawsuits.

File-Sharing Lawsuits Are a Waste of Mondy, Says the American Bar Association(VentureBeat)
The American Bar Association is recommending to its members that they stop filing file-sharing lawsuits since they “do not yield significant financial returns.”


Keith Kupferschmid is General Counsel and SVP, Intellectual Property Policy & Enforcement at SIIA. Follow Keith on Twitter at @keithkup and sign up for the Intellectual Property Roundup weekly newsletter here.

Digital Policy Roundup

Data Analytics Event This Thursday

Join SIIA for lunch and exciting technology presentations on how big data is being employed to empower and protect citizens. The lunch workshop, “Big Data at Work for Citizens: Applying Data Analytics for Empowerment and Fraud Prevention,” will take place Thursday, July 17 from 12-1:30pm in Room G11 of the Dirksen Senate office building.RSVP HERE

Executive Director Marjory Blumenthal of the President’s Council of Advisors on Science and Technology (PCAST) will open the event with discussion of the Administration and PCAST reports on Big Data and Privacy released in May. In addition, the SIIA workshop will provide for Q&A and discussion about key policy considerations to maximize data-driven innovation. For more information, or to register, click here!

Patent Troll Demand Letter Bill Passes House Subcommittee

Last Thursday, the House Energy and Commerce Committee’s Subcommittee on Commerce, Manufacturing and Trade passed the Targeting Rogue and Opaque Letters Act (TROL Act) by a vote of 13-6. The bill attempts to crack down on demand letters sent by patent trolls by giving the Federal Trade Commission (FTC) the authority to seek penalties when patent licensing demand letters make false or misleading statements. The bill has been widely criticized and even its sponsor, Rep. Lee Terry of Nebraska, has conceded that the bill needs to be further amended to address these concerns. The real question seems to be whether amendments can fix the bill or whether it is fatally flawed. Contentious provisions in the bill include provisions that would: (i) create an affirmative defense that applies if the sender can show that the statements made in the letter were made in good faith or that the sender usually sends letters that are not misleading; (ii) preempt state laws dealing with demand letters; (iii) compromise the FTC’s ability to get an injunction under Section 5 of the FTC Act, which allows it to police deceptive business practices.

Potential PTO Director Nominee Withdrawn

Back in late June rumors swirled that the Obama Administration had planned to name Phil Johnson, a pharmaceutical executive for Johnson & Johnson, as head of the U.S. Patent and Trademark Office. Given Johnson’s very public stance against patent troll litigation reform legislation, the potential appointment was met with significant criticism. In response, last week, the Administration apparently backtracked on the appointment and has withdrawn Johnson’s name from consideration. It is unclear who or when the Administration will name someone to head the PTO in lieu of Johnson.

European Parliament’s International Trade Committee (INTA) Chairman Pushes for Less Ambitious TTIP

Inside U.S. Trade reports that the new Chair, Bernd Lange (member of the Socialists & Democrats group) would like to conclude TTIP by the end of 2015, not the end of 2014 which was the original plan. He would like a more “classic” agreement focused on tariffs, some non-tariff barriers, and government procurement. Regulatory cooperation and Investor State Dispute Settlement (ISDS) would be left out under this scenario. Lange’s comments illustrate how unpopular trade agreements are on the other side of the Atlantic, as well as in the United States. Regulatory cooperation is arguably the most important component of the TTIP given the ambition, often stated in both the United States and the European Union, for the TTIP to serve as a model for the rest of the world. The role of parliament is significant on trade. In 2012 the parliament rejected the Anti-Counterfeiting Trade Agreement (ACTA), which the European Commission (the European Union’s executive branch) had invested significant political capital to conclude. As a result, the Commission has to take parliament’s views seriously.


David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPolicy.

Curated By Logo