As part of an effort to help organizations manage risk, the U.S. Commerce Department's National Institute of Standards and Technology (NIST) has launched a collaborative project to develop a voluntary privacy framework. The American National Standards Institute (ANSI) encourages its members and relevant stakeholders to attend NIST's public workshop on October 16 in Austin, Texas, to contribute to collective stakeholder input to support the development of the framework.
The public workshop will take place in conjunction with the International Association of Privacy Professionals' Privacy. Security. Risk. 2018 conference. Prospective attendees can register on the event website by October 9.
The framework is a response to the growth of privacy issues related to the growth of innovative technologies including the Internet of Things (IoT) and Artificial Intelligence (AI). While IoT and AI enhance organizational efficiency and spur economic growth, these technologies increasingly put individual's privacy at risk, as they require complex networking environments and use detailed data about each user.
NIST, which has released a detailed description of its new project, reports that the framework will be based on the successful, open, transparent, and collective approach used to develop their highly impactful Cybersecurity Framework [Read related article: NIST Releases Version 1.1 of Its Cybersecurity Framework]. NIST will convene and work with industry, civil society groups, academic institutions, federal agencies, state, local, territorial, and foreign governments, and others through a series of workshops and requests for public comment.
"We've had great success with broad adoption of the NIST Cybersecurity Framework, and we see this as providing complementary guidance for managing privacy risk," said Walter Copan, Under Secretary of Commerce for Standards and Technology and NIST director. "The development of a privacy framework through an open process of stakeholder engagement is intended to deliver practical tools that allow continued U.S. innovation, together with stronger privacy protections."
In addition, parallel with this effort, Commerce's National Telecommunications and Information Administration is developing a domestic legal and policy approach for consumer privacy, in coordination with the department's International Trade Administration, to ensure consistency with international policy objectives.