Online privacy

In April 2024, AT&T learned that customer data was illegally downloaded from our workspace on a third-party cloud platform.

The US Department of Commerce’s National Institute of Standards and Technology (NIST) has launched a collaborative project to adapt NIST’s digital identity guidelines to support public benefits programs, such as those designed to help beneficiaries pay for food, housing, medical, and other basic living expenses.

The Federal Communications Commission adopted a three-year, $200 million Schools and Libraries Cybersecurity Pilot Program.  This program will allow the FCC to obtain actionable data about which cybersecurity services and equipment would best help K-12 schools and libraries address the growing cyber threats and attacks against their broadband networks. From this program, the FCC aims to learn how to improve school and library defenses against sophisticated ransomware and cyberattacks that put students at risk and impede their learning.

Broadband industry groups are asking a federal appeals court to scuttle the Federal Communications Commission's new disclosure obligations on telecommunications companies that suffer data breaches. The agency specifically required companies to notify consumers, federal law enforcement agencies and the agency about all breaches—even “inadvertent” ones—that expose personally identifiable information, including sensitive financial information. The broadband lobbying groups argue that Congress stripped the FCC of authority to issue the new regulations.

On behalf of Free Press, the African American Research Collaborative (AARC) and BSP Research (BSP) completed a survey of 3,000 American adults to better understand how Americans use media and technology to gain information, how they deal with misinformation and safety online, what privacy concerns they have about online platforms, what they believe are appropriate roles in content moderation, and whether they perceive a need for more independent news sources in the current media and political environment. Key findings included:

On May 15, Federal Communications Commission Chairwoman Jessica Rosenworcel spoke about the National Plan to End Gender-Based Violence. She spoke about some of the actions the FCC has taken to help and protect survivors of domestic abuse, including requiring phone carriers to "swiftly and securely separate phone lines of survivors from family plans." The Chairwoman also spoke about action the FCC is taking to prevent internet connected cars from being used by abusers to stalk and harass survivors. "I don’t think that answer is good enough.

Some say the car a person drives can say a lot about them. As cars get “connected,” this turns out to be truer than many people might have realized. While connectivity can let drivers do things like play their favorite internet radio stations or unlock their car with an app, connected cars can also collect a lot of data about people.

Governor Wes Moore (D-MD) signed two measures into law that are aimed at better protecting personal data online from Big Tech, including a bill making Maryland the second state to try to create strong limits on information collected on children. The measure, known as the Maryland Kids Code, seeks to limit data that could be collected from children online and protect them from being flooded with harmful material they were not trying to find. Supporters say the new law aimed at protecting children was crafted to withstand court challenges like one that halted a California law.

In December 2023, members of Congress wrote to Federal Communications Commission Chairwoman Jessica Rosenworcel expressing concern that proposed data breach reporting requirements would violate the Congressional Review Act. On May 3, Chairwoman Rosenworcel responded and explained that the new requirements were a needed update, and consistent with the Congressional Review Act.

The House of Representatives passed the Privacy Enhancing Technology Research Act, 354 to 36. Privacy enhancing technologies (PETs) are a broad range of technologies that allow organizations to collect, share, and use data while mitigating the privacy risks that arise from those activities. This legislation, introduced by Rep Haley Stevens (D-MI) and co-led by Rep Tom Kean, Jr.