Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

The Internet and associated information technologies have driven unprecedented innovation, economic value, and improvement in social services. Many of these benefits are fueled by data about individuals that flow through a complex ecosystem. As a result, individuals may not be able to understand the potential consequences for their privacy as they interact with systems, products, and services. At the same time, organizations may not realize the full extent of these consequences for individuals, for society, or for their enterprises, which can affect their brands, their bottom lines, and their future prospects for growth.

To support organizations in better protecting individuals’ privacy, and to help bring privacy risk into parity with other risks such as cybersecurity and safety that organizations manage in their risk portfolios, NIST engages with stakeholders to develop privacy guidance, tools, and international standards. NIST’s Privacy Engineering Program focuses on advancing privacy practices through the application of measurement science and system engineering principles. The NIST Privacy Framework is a voluntary tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy.

News

NIST Releases Version 1.0 of Privacy Framework

Our data-driven society has a tricky balancing act to perform: building innovative products and services that use personal data while still protecting people’s privacy. To help organizations keep this balance, the National Institute of Standards and Technology (NIST) is offering a new tool for managing privacy risk. The agency has just released Version 1.0 of the NIST Privacy Framework: A Tool for

NIST Releases First 3 Finalized Post-Quantum Encryption Standards

NIST Offers Draft Guidance on Evaluating a Privacy Protection Technique for the AI Era

NIST Researchers Explore Best Practices for Talking to Kids About Online Privacy

Blogs

Projects and Programs

Proximity Detection for Electronic Contact Tracing

Completed
We are developing performance metrics for not just ranging, but also for detecting close contacts, which in the context of COVID-19 is the situation where two people are less than six feet apart with no obstacles between them. Obviously, the duration of a close contact is important, as it affects

Cyber-Physical Systems and Internet of Things Foundations

Ongoing
Objective - To provide a common technical and conceptual foundation for CPS and IoT that enables conceptualization, realization and assurance across all domains, including a comprehensive and traceable methodology for meeting all stakeholder concerns throughout any systems engineering process and

Publications

Building a Cybersecurity and Privacy Learning Program

Author(s)
Marian Merritt, SUSAN HANSCHE, BRENDA ELLIS, Julie Nethery Snyder, KEVIN SANCHEZ-CHERRY, DONALD WALDEN
This publication provides guidance for federal agencies and organizations to develop and manage a life cycle approach to building a Cybersecurity and Privacy

Fiscal Year 2023 Cybersecurity and Privacy Annual Report

Author(s)
Patrick D. O'Reilly, Kristina Rigopoulos
During Fiscal Year 2023 (FY 2023) – from October 1, 2022, through September 30, 2023 –the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy