Election 2012 -- Privacy and Unfinished Business

It was a little more than a decade ago that the United States was rocked by the events of 9/11. Much happened on that day, including a sharp turn away from personal privacy and toward national security. Up went the cameras and the Patriot Act, and down came many laws that help safeguard privacy. A new industry for domestic surveillance emerged.

But does it need to be this way? At the beginning of a second term for President Obama, it is time to move beyond the paranoid strategies for public safety that have dominated both Democratic and Republican presidencies.

On the civil liberties front, the open secret is that little changed during the Obama years from the Bush years. The White House not only backed the FISA Amendments Act but defended it before the Supreme Court. That law leaves vulnerable the private communications of Americans in circumstances far outside the realm of a legitimate Fourth Amendment search. It needs a significant review and better oversight mechanisms before Congress considers renewal.

Electronic privacy laws need to be updated and strengthened, not just for the benefit of companies that oppose government searches, but also for users whose personal data is routinely collected for tracking and profiling in ways they could not even imagine. And the risks to medical record privacy will increase as more personal data is stored online.

On the consumer privacy front, the administration gets props for the Consumer Privacy Bill of Rights, a powerful framework for the protection of privacy. But this is only an outline and there is much to do, including legislation, before online privacy improves. The new administration would be wise also to take a closer look at cloud computing. The low-cost -- literally free for many users -- structure of modern computing services also requires that users give up control over their data once it resides on someone else's server. That is a cost that too few users understand. The Federal Trade Commission should begin workshops on that topic early next year. And while the FTC has been busy issuing consent orders, it may also want to take a step back and assess whether companies are in fact doing what they promised to do. Congress could help with that effort.

If you look up in the sky, the odds are growing that you will see a small aerial drone with a surveillance camera looking back at you. President Obama has promoted the use of drones in the United States, but has yet to address the privacy consequences. New rules from the Federal Aviation Administration and legislation are clearly needed. Several bills are currently pending in the House.

The promised efforts to strengthen the Freedom of Information Act, launched literally the day after President Obama was first elected to office, still remains a box unchecked. Perhaps the Justice Department gets credit for not joining the Federal Election Commission's effort to knock out a key pillar of the law -- a meaningful determination by the agency on a request -- but across the open government community the perception remains that agencies are litigating when they could simply be making public information available to the public. More can be done to strengthen open government.

Resolving the challenges of cyber security in the next year will require better cooperation between the two parties. Business groups are right to push back on excessive and quickly outdated rules. But the data in those companies is also that of their customers. To imagine that the problems of security breaches, identity theft, and cyber attacks will simply go away is to ignore reality. Beyond upgrading security and rethinking unbounded data collection, governments and businesses should continue to follow legal obligations for privacy protection and government transparency. There has been enough immunity for unlawful wiretapping.

We also believe that if the National Security Agency plans to enter the realm of domestic computer security, then it must play by the same rules as other federal agencies - openness and public accountability. The urgency of the cyber security challenge is an argument for government transparency not government secrecy.

One issue of particular concern to EPIC, not always in the headlines but central to restoring government accountability, is the need to scale down the Department of Homeland Security. The DHS has become Big Brother's laboratory -- body scanners at airports, "fusion centers" for state governments, RFID-enabled identity documents, surveillance cameras on public streets, and "Future Attribute Screening Technology," a technique for "pre-crime" detection. For those who need the refresher on the movie Minority Report, these systems -- more black boxes than real science -- are prone to abuse. Like the backscatter x-ray devices that are now being boxed-up and taken out of major airports, it is time to pull the plug on these creepy tools for mass surveillance.

Privacy protection, open government, and cyber security. These issues may not be at the top of the list for the new administration, but they should be near the top. And four years from now, we should expect progress.