Way back during the 2008 campaign, Barack Obama made a broad promise to strengthen privacy protections online and to hold both government and business accountable for violations.
The most concrete success on that front came in the final days of his presidency. On Oct. 27, the Federal Communications Commission adopted new rules that govern broadband internet service providers. These companies, such as Verizon and Comcast, sell high-speed connections to the web.
The new rules give customers more control over how their personal information is used and shared.
"It one of the biggest changes we've seen in years," said Jay Stanley, a senior analyst with the American Civil Liberties Union's program on speech, privacy and technology.
The rules put personal information into two boxes -- sensitive and non-sensitive. The first category includes Social Security numbers, web browsing history and precise physical location. Companies must get a positive opt-in from customers to use and share that data.
Non-sensitive information includes your email address and the level of service you're buying. Providers can share that information, but customers have the power to opt-out to block them.
Stanley said internet service providers had just begun to look at the marketing value of the information they had on their customers. The FCC rules put controls in place before they started to run with the idea.
The Obama administration was not particularly engaged in the rulemaking process, but it can take some credit for the outcome. The three Democratic-affiliated members of the FCC voted in favor of the rules. The two Republican affiliated members voted against.
Companies that violate the rule will face fines and penalties.
In 2012, the administration published the Consumer Privacy Bill of Rights. The measure says consumers have a right to expect that organizations will use their data for the same purpose they provided it, that their data will be handled responsibly and with limits, and that they can access it easily.
In May 2011, the White House unveiled a cybersecurity legislative proposal, which included proposals for protecting the nation's power grids and computer networks but also individuals' personal data. Ed Mierzwinski, consumer program director for the U.S. Public Interest Research Group, called it a "comprehensive and generally widely-praised" platform.
The law that emerged, the Cybersecurity Information Sharing Act of 2015, imposes limits on the use of information by federal and state governments as they ward off hackers and viruses, but some privacy advocates are wary. They worry that the limits might not be as tight as promised.
Obama said he would strengthen privacy protections and hold government and business accountable if they didn't respect those limits. The new rules on broadband internet service providers are the clearest move in that direction and while privacy advocates might have wanted more, they approve of the gains. We rate this as a Promise Kept.