Welcome to New America, redesigned for what’s next.

A special message from New America’s CEO and President on our new look.

Read the Note

Issues [1]
At New America, our work spans across five issue areas—each essential to building a nation and a world where everyone can thrive.
Education & Work

Education & Work

Democratic Futures

Democratic Futures

Global Security

Global Security

Technology & Democracy

Technology & Democracy

Thriving Families

Thriving Families
Latest [2]
Trending Topics

Democracy

National Security

Artificial Intelligence (AI)

Immigration & Global Migration

See The Latest
Real Skills, Real Income: Why Youth Apprenticeship Is Resonating Now

Real Skills, Real Income: Why Youth Apprenticeship Is Resonating Now

Future-Proofing U.S. Nuclear Policy: Forecasting Outcomes of the Nuclear-Armed Sea-Launched Cruise Missile

Future-Proofing U.S. Nuclear Policy: Forecasting Outcomes of the Nuclear-Armed Sea-Launched Cruise Missile

Debunking Myths on Student Parent Data Collection

Debunking Myths on Student Parent Data Collection

The App Store Accountability Act Poses Serious Concerns for Privacy, Security, and Free Expression

The App Store Accountability Act Poses Serious Concerns for Privacy, Security, and Free Expression
Impact [3]

For over 25 years, New America’s insights and policy solutions have helped usher in sweeping, long-term change. Discover how we have turned bold ideas into real-world impact.

See Our Impact

Redrawing School Boundaries for Fairer Funding

Redrawing School Boundaries for Fairer Funding

Reframing Fusion Voting as a Practical, Powerful Reform Strategy

Reframing Fusion Voting as a Practical, Powerful Reform Strategy

Harnessing Terrorism Data to Reshape U.S. National Security Policy

Harnessing Terrorism Data to Reshape U.S. National Security Policy

Establishing a National Housing Loss Rate

Establishing a National Housing Loss Rate
Fellows [4]
For more than 25 years, New America has supported hundreds of fellows as they pursue ambitious work. Through our flagship Fellows Program and specialized fellowships, we back ideas rooted in depth, rigor, and lasting relevance.

See All Fellowships
New America Fellows

The New America Fellows Program supports thinkers, creators, and storytellers whose work shapes public conversation on the defining issues of our time.
Us@250 Fellowship

Learning Sciences Exchange (LSX) Fellowship

Future Security Fellowships
Events [5]

New America hosts various in-person, virtual, and hybrid events. Join the conversation.

See Our Events

Making Child Care Work for Student Parents

Making Child Care Work for Student Parents

Drinking Water Data for the Nation: Version 1.0 Release Webinar

Drinking Water Data for the Nation: Version 1.0 Release Webinar

The Understated Value of Regional Intermediaries for Workforce and Economic Development

The Understated Value of Regional Intermediaries for Workforce and Economic Development

The Charleston Regional Youth Apprenticeship Model

The Charleston Regional Youth Apprenticeship Model
About [6]
Generating big ideas and bold solutions for a new America.

Learn About Us
About Us

Who We Are

Leadership

Programs, Projects, and Initiatives

Careers

Funding

Press
Search
Subscribe
Donate

Press Release

The NIST Privacy Framework Inadequately Addresses Risks Associated with Data Collection

Oct 25, 2019

Shutterstock/ Gorodenkoff

For Media Inquiries
media@newamerica.org

View as PDF

Yesterday, New America’s Open Technology Institute (OTI) filed comments in response to the National Institute of Standards and Technology’s (NIST) proposed privacy framework. The voluntary, risk-based framework provides guidance to companies to take stock of their privacy practices, identify ways to improve, and then make those improvements. OTI’s comments focus primarily on how the framework inadequately addresses the risks associated with data collection.

The framework places responsibility on companies to assess what level of privacy risk is acceptable to users resulting from their data practices. Placing that responsibility on companies will likely increase privacy risks to individuals and likely cause individual harm as companies downplay certain risks and ignore others in pursuit of enhancing revenue. If NIST retains this approach, it should be much clearer and more comprehensive in its explanation of the types of risks that companies should assess.

Moreover, the framework does not discuss the importance of data minimization, which is possibly the most effective way to reduce privacy risks overall. Nor does it create any mechanism to encourage organizations to limit the amount of data they collect. If companies limit their data collection to only the data they need for their operations, the risks associated with data retention and use are greatly reduced. The framework also fails to properly address the risks associated with the use of de-identified data, which can in many cases be re-identified.

The following quote can be attributed to Eric Null, senior policy counsel at New America’s Open Technology Institute:

“We appreciate NIST’s extensive work and thoughtfulness in creating the privacy framework, but changes are needed if the framework is to lead to significant improvements in online privacy practices. Under the current draft, the likelihood that online privacy practices will get better is low. Without clearer guidance from NIST, companies adopting the framework will lure themselves and their users into a false sense of security because the companies will not understand the breadth or gravity of the privacy risks involved in their data processing practices.”

The NIST Privacy Framework Inadequately Addresses Risks Associated with Data Collection

View as PDF

Welcome to New America, redesigned for what’s next.

Education & Work

Democratic Futures

Global Security

Technology & Democracy

Thriving Families

Real Skills, Real Income: Why Youth Apprenticeship Is Resonating Now

Future-Proofing U.S. Nuclear Policy: Forecasting Outcomes of the Nuclear-Armed Sea-Launched Cruise Missile

Debunking Myths on Student Parent Data Collection

The App Store Accountability Act Poses Serious Concerns for Privacy, Security, and Free Expression

Redrawing School Boundaries for Fairer Funding

Reframing Fusion Voting as a Practical, Powerful Reform Strategy

Harnessing Terrorism Data to Reshape U.S. National Security Policy

Establishing a National Housing Loss Rate

New America Fellows

Making Child Care Work for Student Parents

Drinking Water Data for the Nation: Version 1.0 Release Webinar

The Understated Value of Regional Intermediaries for Workforce and Economic Development

The Charleston Regional Youth Apprenticeship Model

Issues

Programs/Projects/Initiatives

Topics

Related

IRS Data Mistake Breaks the Social Contract with Americans, Says OTI

SCOTUS’ Decision to Uphold the Texas Age Verification Law Jeopardizes Everyone’s Online Privacy and Security, Says OTI

KOSA Would Boost the Federal Government’s Powers to Shape Online Speech, Says OTI

App Store Accountability Act Magnifies Privacy and Security Risks, Says OTI

The NIST Privacy Framework Inadequately Addresses Risks Associated with Data Collection