Key Points
  • ECPA standards must be clarified, providing stronger privacy protections for communications and associated data in response to changes in technology and new services and usage patterns, while preserving the legal tools necessary for government agencies to enforce the laws, respond to emergency circumstances and protect the public.
  • Federal privacy law must be reconciled with requests by fiduciaries and executors for access to digital assets of deceased person, resolving serious conflict of law and preemption questions for the states and privacy questions for users of online services. Policy must balance the interests of estate administrators, with the privacy of users with whom and about whom they have communicated.
  • State Departments of Education should make publicly available an inventory and index of all data elements with definitions of individual student data fields currently in the statewide longitudinal data system, create a data security plan, and ensure compliance with federal and state data privacy laws and policies.
  • Effective cybersecurity measures will build upon public-private partnerships, existing initiatives, and resources, emphasize risk management, focus directly on threats and bad actors and be capable of responding and rapidly adapting to new technologies, consumer preferences, business models, and emerging threats.

A market environment is essential for future success of the Internet. A consumer and private-sector-driven approach to privacy via self-regulation avoids undue regulatory burden that would threaten a thriving electronic marketplace.

The Internet has flourished due in large part to the unregulated environment in which it has developed and grown. Self-regulation, industry-driven standards, individual empowerment and a market environment generally promise greater future success than intrusive governmental regulation.  In order to secure the economic growth and vitality of the electronic marketplace, the private sector must continue to lead through self-regulation. Innovation, expanded services, broader participation, and lower prices will arise in a market-driven arena, not in an environment burdened by over-regulation.

The market has responded favorably and swiftly to consumer concerns regarding the collection and use of personal information.  Innovators have crafted tools that let users block cookies, advertising, the tracking of Internet surfing behavior, and third party sharing of information. The market is responding to consumer concerns, without burdensome government regulation. The most effective privacy policies provide notice, choice, security, and access. Online sites and services should be encouraged to offer more options along these lines and individuals should be free to select the policy that best fits their needs and take responsibility for their online activities.

Effective cybersecurity is essential for the proper function of government and continued growth of the economy in cyberspace.  However, cyber challenges could pose an existential threat to the U.S. economy, our national security apparatus and public health and safety.

Cyberspace’s owners include all who use it: consumers, businesses, governments, and infrastructure owners and operators. Cybersecurity measures must help these stakeholders to be aware of the risks to their assets, property, reputations, operations, and sometimes businesses, and better understand their important role in helping to address these risks. Industry should lead the way in sharing information with the appropriate government entities following an attack and collaborating with others in the private sector to share best practices.

Partnerships between government and industry have provided leadership, resources, innovation, and stewardship in every aspect of cybersecurity since the origin of the Internet. Cybersecurity efforts are most effective when leveraging and building upon these existing initiatives, investments, and partnerships.

Publications

  • Screenshot 2021-03-26 115613

    Amicus Brief: AFP v. Baccera

    “Every American should be concerned about this type of detailed donor disclosure,” said ALEC CEO Lisa B. Nelson. She continued,…
  • A FRAMEWORK FOR PRIVACY LEGISLATION – Web Cover Page

    A Framework for Privacy Legislation

    Privacy is en vogue. Policymakers from Washington, D.C. to Washington State are talking about it. They are holding meetings and…
  • 2013-03-20 Abuse-and-Misuse-of-Personal-Info-Final cover

    Abuse and Misuse of Personal Information

    Executive Summary: Advances in technology provide a number of useful products and services that can either enhance or threaten personal privacy,…
+ All Privacy and Security Publications

Model Policies

  • State Infrastructure Protection Act Final

    AN ACT relating to prohibiting contracts or other agreements with certain foreign-owned companies in connection with critical infrastructure in this state. BE IT ENACTED BY THIS LEGISLATIVE CHAMBER: SECTION 1.  This Act may be cited as the State Infrastructure Protection Act. SECTION 2.  The relevant section or chapter of the business or commerce code…

  • Resolution Urging Congress to Protect Consumer Privacy in Banking and Financial Transactions Final

    Resolution Urging Congress to Protect Consumer Privacy in Banking and Financial Transactions WHEREAS, the Biden Administration and some in Congress have proposed changes to tax information reporting which would require financial institutions to provide the Internal Revenue Service reports of incoming and outgoing transactions from every customer financial…

  • The Privacy Protection Act Final

    Purpose This proposal establishes criteria for the government’s adoption of new and emerging surveillance technologies while ensuring privacy protections for individuals. Text Section 1. Definitions 1. “Commission” means the Personal Privacy Oversight Committee created in Section 4. 2. (a)“Government entity” means the state, county, a municipality, a higher education institute,…

  • Statement of Principles on Facial Recognition Policy Final

    I. Policymakers should avoid one-size fits all frameworks. Any framework should identify actual harms to consumers and be designed to protect against those harms. Prescriptive legislation should be avoided as it prevents the private sector from innovatively addressing public concerns about the technology. To the extent possible, policymakers should avoid…

  • Resolution In Support of Telehealth Modernization Principles

    WHEREAS, laws and regulations should allow health care providers to practice the full extent of their professional training and expertise through telehealth; WHEREAS, laws and regulations should permit health care providers to deliver all forms of telehealth, including real-time video consultations, remote patient monitoring, and store-and-forward technology; WHEREAS, all health…

  • Resolution Supporting Efforts of Telehealth Working Group Final

    WHEREAS, the cost of healthcare has grown an average of 2.4 percent faster than GDP since 1970 and currently represents 18 percent of the United States’ total GDP; and WHEREAS, the lack of access to health care in rural areas is contributing significantly to these increasing costs; and WHEREAS,  21…

+ All Privacy and Security Model Policies

Task Forces

Commerce, Insurance and Economic Development

Members of the Commerce, Insurance and Economic Development Task Force believe that economic freedom is the cornerstone of prosperity. The…

Health and Human Services

There is no sector of our economy where the hand of government is more evident than in health care. Half…

Communications and Technology

With nearly 200 members representing all parts of the country and every segment of industry, the Communications and Technology Task…