Consumers should control the extent to which their personal information may be collected, analyzed, shared, and sold.
Privacy protections should be embedded into products and services.
Organizations (including private companies, nonprofits, and government entities) should clearly communicate:
Policymakers should protect against the misuse of data, including:
Policymakers and the private sector should ensure that organizations effectively protect against unauthorized access to or misuse of consumers’ personally identifiable information
Organizations must effectively inform consumers about how their PII is secured and what actions will be taken in the event of a security breach.
Companies, government agencies, and individuals should protect the unauthorized use, display, collection, and sale of SSNs.
Federal policymakers should strengthen protections and enforcement against identity theft.
Consumers should be protected against e-mail spam. They should easily be able to opt out of receiving e-mails.
Policymakers and the private sector should support the ability of people of all ages, ability levels, and backgrounds to travel.