Search Icon White
News Cover Image

U.S. to Help Define New International Standard for Consumer Privacy by Design


Amazon, American Express, Apple, Axiomatics, Bank of America, BigID, Cisco, Comcast, Deloitte, DocuSign, Dropbox, Equifax, Experian, Ernst & Young, Facebook, Ford, Google, IBM, Ionic Security, JPMorgan Chase, Kaiser Permanente, KPMG, MailChimp, Mastercard, Microsoft, OneTrust, PwC, Return Path, Riot Games, State Street, Sumo Logic, Tesla, TransUnion, TrustArc, Uber, US NIST, Verizon, Walmart, and WireWheel Form US Technical Advisory Group Under ANSI and OASIS to ISO/PC 317

The American National Standards Institute (ANSI) encourages relevant stakeholders to review and share the recent press release, U.S. to Help Define New International Standard for Consumer Privacy by Design, issued by OASIS:

Defining international standards for privacy is critical for the future of global commerce. To support this cause, many of America's leading companies and government agencies are collaborating to help define the new international standard for "Consumer Protection: Privacy by Design." The standard will be part of ISO Project Committee 317. As one of 12 countries with Participant status in ISO/PC 317, the United States will be represented by its Technical Advisory Group (TAG), administered by the American National Standards Institute (ANSI) in partnership with the OASIS standards and open source consortium. Members of the U.S. TAG represent America's leading companies and government agencies committed to privacy rights for consumers.

"ISO/PC 317 will complement the efforts of the European GDPR standard aiming to aid in the prevention of data breaches while giving consumers more control over the use of their data," said Rik Parker of KPMG, chair of the U.S. TAG to ISO/PC 317. "By being involved from the outset, the U.S. can be sure that this international standard is practical, well-conceived, and adoptable across complex organizations."

"The implementation of data privacy principles and data protection requirements into an organization's business processes has become one of the most complex business challenges of the 21st century," said Debra Farber of BigID, vice chair of the U.S TAG to ISO/PC 317. "I consider it a tremendous honor to contribute to the establishment of a global set of regulatory-agnostic guidelines that embed privacy into products and services by design and default."

"It's a huge endeavorbut one we have to take on now," added Aris Gkoulalas-Divanis of IBM Watson Health, vice chair of the U.S. TAG to ISO/PC 317. "Every organization that deals with consumer data is going to be impacted by the standard we produce in ISO/PC 317. State-of-the-art privacy enhancing technologies, including privacy and security controls, should be incorporated into product design to offer end-to-end privacy protection while allowing products to deliver on their intended functionality."

In addition to the U.S., 11 other countries, including the U.K., China, Canada, and Korea, have a voice in establishing this global standard. The first meeting of ISO/PC 317 will be held in London, Nov 1-2, 2018.

Representation on the U.S. TAG to ISO/PC 317 is open to U.S.-based companies, national and local government agencies, and researchers that digitally collect or process consumer data.

More information on the U.S. TAG to ISO/PC 317 is at:

Support from U.S. TAG members

Quotes from American Express, Equifax, MailChimp, Mastercard, OneTrust, Return Path, Uber, Verizon, and WireWheel are at:

About ANSI

The American National Standards Institute (ANSI) is a private non-profit organization whose mission is to enhance U.S. global competitiveness and the American quality of life by promoting, facilitating, and safeguarding the integrity of the voluntary standardization and conformity assessment system. Its membership is comprised of businesses, professional societies and trade associations, standards developers, government agencies, and consumer and labor organizations. The Institute represents and serves the diverse interests of more than 270,000 companies and organizations and 30 million professionals worldwide. ANSI is the official U.S. representative to the International Organization for Standardization (ISO) and, via the U.S. National Committee, the International Electrotechnical Commission (IEC).


OASIS is one of the most respected, member-driven standards bodies in the world. It offers standards and open source projects a path to recognition in international policy and procurement. OASIS has a broad technical agenda encompassing cybersecurity, privacy, cryptography, cloud computing, IoT, legal, emergency management, augmented reality, and more.

Media inquiries:

Carol Geyer
[email protected]; 1.941.284.0403


Jana Zabinski

Senior Director, Communications & Public Relations


[email protected]

Beth Goodbaum

Journalist/Communications Specialist


[email protected]