THINKPolicy #2: Protecting Privacy to Strengthen Trust

Share this post:

In its second THINKPolicy perspective, IBM calls on the U.S. Congress to pass a series of bills intended to strengthen privacy protections for the digital age.

By Christina Peters, Chief Privacy Officer, IBM Corporation


In our first THINKPolicy perspective, IBM asserted that legislation to promote more sharing of cyber threats is necessary to better protect the data of citizens and organizations. In our second installment, we are looking at the privacy of that data.

Rapid, data-driven innovation should not spell the end of individual privacy. People must be confident in how their information can be used, by whom, and under what conditions.

IBM has long been committed to protecting the privacy of our clients, and citizens.  In a 2014 open letter, IBM spoke clearly to its clients worldwide on the subject of governmental access to data. We laid out the steps we have always taken to ensure the integrity of our solutions, how we safeguard our clients’ data, and the steps we would take should governments seek access to that data.

In 2015, we are once again stepping out and strongly calling on governments to modernize privacy protections for the 21st century.


IBM offers the following recommendations to modernize privacy laws for the age when postal mail is no longer a dominant form of communication, and data lives in the cloud:

  • Modernize ECPA – when Congress passed the Electronic Communications and Privacy Act (Act), Internet access came through CD-ROM’s sent in the mail, and services like instant messaging, Twitter or Instagram were decades away. Congress should update ECPA to provide a consistent standard for judicial access to data no matter its form, or how and where it is stored.
  • Extend Overseas Warrant Requirements – revelations of government access to data have complicated America’s relationship with some of our most valued allies. A critical step in normalizing those ties is to pass legislation that sets clear rules on how, when and under what circumstances the U.S. government can access the data of non-Americans that is stored overseas. The LEADS – or Law Enforcement Access to Data Stored Abroad – Act – would do just that, and we urge Congress to pass this bill, which enjoys broad bipartisan support in both the House and Senate.
  • Broaden People’s Control Over How Their Data is Used – Privacy should be respected regardless of the passport one carries. Just as ECPA reform and cybersecurity legislation will help strengthen privacy protections for Americans, citizens of foreign countries, especially America’s close European friends and allies, deserve the same basic privacy protections afforded to U.S. citizens. These include the right to rectify any wrongful disclosure or misuse of their personal data that is lawfully collected by U.S. government agencies. By passing the Judicial Redress Act, Congress can help strengthen the bonds of trust and cooperation between America and the European Union.

Many of the basic legal concepts needed to protect privacy in the digital age are already on the books. They don’t need to be thrown out and rebuilt from scratch. Rather, what’s needed is an expansion and update of existing legal frameworks to ensure data policy on privacy is keeping up with the rapid pace at which data is transforming business and society.

With that pace showing no signs of letting up, the time to act is now.


Media Contact:
Adam R. Pratt
Ph: (202) 551-9625

More stories

Bias in AI: How we Build Fair AI Systems and Less-Biased Humans

Artificial intelligence (AI) offers enormous potential to transform our businesses, solve some of our toughest problems and inspire the world to a better future. But our AI systems are only as good as the data we put into them.

Continue reading

A New Public-Private Partnership to Advance Cybersecurity in France

IBM today opened its new Security Operations Center (SOC) in Lille, France. The SOC offers security incident and response services to organisations that are at the heart of the French society and economy. Operating 24 hours a day, seven days a week, the security center team will monitor the latest security events, assess their potential impact […]

Continue reading

Four decades. Nine jobs. One company. Meet Albert, IBM’s first-ever new collar employee.

Nearly 40 years before the first class of P-TECH students graduated high school with an associate’s degree and a pathway to a new collar career in tech (and before the term “new collar” was even coined), Albert Schneider was on his way to becoming the first new collar IBMer. Albert began working full time after […]

Continue reading