It is a challenge to design, operate, or use technologies in ways that are mindful of diverse privacy needs in an increasingly connected and complex environment. Cutting-edge technologies such as the Internet of Things and artificial intelligence are raising further concerns about their impacts on individuals’ privacy. Inside and outside the U.S., there are multiplying visions for how to address these challenges.
Accordingly, the National Institute of Standards and Technology (NIST) is developing a voluntary privacy framework, in collaboration with private and public sector stakeholders, to help organizations: better identify, assess, manage, and communicate privacy risks; foster the development of innovative approaches to protecting individuals’ privacy; and increase trust in products and services.
While good cybersecurity practices help manage privacy risk by protecting people’s information, privacy risks also can arise from how organizations collect, store, use, and share this information to meet their mission or business objective, as well as how individuals interact with products and services. NIST believes that organizations that design, operate, or use these products and services would be better able to address the full scope of privacy risk with more tools to support better implementation of privacy protections.