Something that I want to know about the U.S. presidential candidates, along with all their views and plans for the economy, education, healthcare, defense and so on, is what their plans are for information security and privacy protections. The past 8 years certainly has been a mixed bag of impacts for privacy and information safeguards.

Neither candidate has produced a detailed privacy plan. However, they have each provided some information about their data protection and high-level privacy plans.
You can see Barack Obama’s data protection plans within “BARACK OBAMA: CONNECTING AND EMPOWERING ALL AMERICANS THROUGH TECHNOLOGY AND INNOVATION”
You can see John McCain’s data protection plans within “Ensuring the Personal Security and Privacy of Americans in the Digital Age.”
McCain emphasizes the need for self-regulation, but also lists the following laws and regulations that he authored or co-authored during the past 10 or so years: The Children’s Online Privacy Protection Act (COPPA), the Children’s Internet Protection Act (CIPA) , the Driver’s License Fraud Prevention Act, the FTC’s “Do-Not-Call” telemarketing registry, the CAN-SPAM Act, and the U.S. SAFE WEB Act.
Obama discusses his plans using more forward-looking terms, and discusses his view of the importance of education and communications.
Something that has worried me, and many others, since its inception is the lack of oversight and responsibility within the USA PATRIOT Act.
McCain’s document does not address this issue.
Obama’s document does address the USA PATRIOT Act somewhat with the following statement, “• Obama supports updating surveillance laws and ensuring that law enforcement investigations and intelligence-gathering relating to U.S. citizens are done only under the rule of law.”
Both need to address the issue of government accountability head-on and with specific plans to make government and law enforcement fully accountable for the bad things that happen to the massive amounts of personally identifiable information (PII) they have in their possession. With acknowledged and enforced responsbility will come better PII security protections by those agencies.
Read the plans and make your own decisions!

Tags: awareness and training, Barack Obama, Information Security, IT compliance, IT training, John McCain, policies and procedures, privacy training, risk management, security training

This entry was posted on Monday, October 27th, 2008 at 2:47 pm and is filed under government. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.