NIST cites confusion over privacy risks in issuing draft framework for comment

The National Institute of Standards and Technology says there is a lack of public understanding about how to manage privacy risks, based on recent comments it received in developing a draft framework issued today for further public review.

“[T]here is not a consistent or widespread understanding of privacy risk management, so NIST plans to provide a more in-depth treatment of the subject in an appendix to the Privacy Framework,” according to an “outline” draft released today by NIST. The...