Are Obama’s new cybersecurity standards a form of privacy regulation in disguise?

While the National Security Agency has been working to gather data about Americans' communications, other branches of government have been working to develop new rules to promote online privacy and security. Among them is the National Institute of Standards and Technology.

With the private sector's input, NIST has been putting together an obscure but important proposal to improve the nation's resilience against malicious hackers. Buried in the back of it is a series of recommendations that, if approved, might pave the way for stronger government oversight of businesses when it comes to their use of personal information. They include suggestions such as figuring out what exactly a company knows about its employees and its customers; whether its handling of the information poses a security risk; and how to treat personal data in the event of an online attack. These ideas are based on a common set of privacy principles that don't have the force of law. But according to Stewart Baker, the NSA's one-time top lawyer and former Bush administration official, the NIST guidelines could eventually turn into more enforceable regulations.