State of the Union Discusses Privacy

On February 7, 2023, President Joe Biden delivered his second State of the Union address to the United States (U.S.). Biden addressed many issues facing the nation, including the privacy rights of U.S. citizens. 

First, Biden affirmed the importance of protecting and safeguarding patient privacy for information obtained about them in a health care setting. The importance of this privacy right is very timely, considering that, on February 1, the Federal Trade Commission (FTC) issued its first regulatory penalty for a company’s breach of the FTC’s Health Breach Notification Rule, which “requires vendors of personal health records and related entities to notify consumers following a breach involving unsecured information.”   

Biden also asserted that the US “must finally hold social media companies accountable for the experiment they are running on our children for profit.” Biden added that bipartisan legislation should be passed governing the collection of personal data by companies, with a special emphasis on the protection of “kids and teenagers online” through a prohibition on collecting their data and utilizing targeted advertising to children. 

According to Wired, President Biden’s mention of data privacy issues is a rare topic to be discussed in a State of the Union, as it was never addressed during any of former president Trump’s State of the Union and it was only addressed once by former president Obama. Biden’s mention of these issues, according to Wired, “sets a precedent that the topic should be of real concern to US presidents and the public.” 

This notion is further evidenced by the fact that Biden has addressed data privacy pertaining to children in each of the State of the Unions he has delivered. In the 2022 State of the Union, he said “[i]t’s time to strengthen privacy protections; ban targeted advertising to children; demand tech companies stop collecting personal data on our children[.]” 

Although Biden has been the first US president to formally address data protection, this progress has been reportedly insufficient according to some industry participants. 

According to a statement by Alex Santos, CEO of the critical infrastructure protection-focused firm Fortress Information Security, Biden’s recognition of cybersecurity was “disappointing,” although Santos did acknowledge that this speech, being that it is “arguably a performance” had to hit on the issues most pressing to the public and that “maybe the public isn’t as interested in that issue as some of the headline issues.” 

Mark Green, the new chairman of the House Homeland Security Committee and Republican Congressman from Tennessee, stated that the exclusion of cybersecurity as a topic during the State of the Union was a large issue as he believes cybersecurity should be treated as a priority due to the “cyberthreats from criminal actors and nation-state adversaries [being] a preeminent national security threat of our time.” 

Regardless of your opinions on Biden’s State of the Union, one thing can be for sure: data privacy is at the forefront of the regulatory scheme for 2023. As such, we should all be considering the effectiveness of our data privacy policies and practices.