Both privacy advocates and tech groups found something to like within the 90-day "Big Data" review, led by John Podesta, a top advisor to President Barack Obama.
The review consulted Internet companies such as Google Inc and Facebook Inc, data miners like Acxiom Corp, as well as academics, advertising agencies, legal experts, civil rights groups and intelligence agencies.
The White House threw its support behind a legislative update to a privacy law for email, the Electronic Privacy Communications Act. The bill, which protects email and other data stored in the cloud, has stalled in Congress, but is backed by privacy groups and the tech sector.
The review also recommended legislation to create a national standard for telling consumers when their data has been hacked to improve upon a patchwork of state laws for data breaches, such as the December breach at retailer Target Corp.
The Commerce Department also said it would look at how to codify a "Consumer Privacy Bill of Rights" that calls for consumers to have more say in how their data is used, first drafted by White House in 2012.
The emphasis on data protections pleased Marc Rotenberg, executive director of the Electronic Privacy Information Center.
"We see 'Big Data' as one of the great privacy challenges facing the country," said Rotenberg, who teaches information privacy law at Georgetown University Law Center.
"The question now is what steps will be taken to implement the recommendations," he said in an interview. Congress is unlikely to advance legislation ahead of midterm elections in November, and timelines for other ideas in the report were unclear.
Big data White House
Obama's campaign team made deft use of big data analytics to target supporters during his election campaigns, and his administration has championed using data to advance its health, education and climate agendas.
But he asked for the review of "Big Data" after a backlash at home and abroad following leaks by former National Security Agency contractor Edward Snowden about the government's data collection programs.
The review gave a nod to concerns raised by European allies shocked by the extent of U.S. surveillance on foreigners revealed by Snowden, saying government agencies should look at how to apply the Privacy Act of 1974 to non-U.S. persons.
But otherwise, the Podesta report sidestepped national security uses of big data, instead seeking to put the debate over privacy in a broader context.
"We were disappointed by the actual scoping of the report to largely avoid the especially hard issues around NSA surveillance and more generally intelligence community use of big data techniques," said Lee Tien, a senior staff attorney with the Electronic Frontier Foundation.
The review highlighted the social good that data collection and analysis can do in areas such as medical research, but also pointed out that the same techniques could be used to discriminate against consumers for housing or jobs.
"Big Data raises serious questions about how we protect our privacy and other important values in a world where data collection is increasingly ubiquitous and where analysis is conducted at speeds approaching real time," Podesta told reporters.
The review raised the specter of algorithms crunching data to "digitally redline" people based on race or where they live, and recommended that the government hire more people who know how to use technology to spot and investigate violations.
But some industry groups said that finding may raise unwarranted fears about big data techniques without providing any evidence that they have been used to discriminate against people for housing, jobs or credit. They said the review failed to highlight the privacy protections already in place.
"It's less finding a smoking gun, and it's more saying, 'Let's go look for one,'" said Mark MacCarthy, head of public policy for the Software and Information Industry Association, a trade group.
© Thomson Reuters 2014