The White House closed its so-called “big data” review Thursday, including in its findings a set of recommendations for policies to protect individuals. Those suggestions include include passing national legislation on responding to data breaches, and a fresh call for baseline consumer privacy legislation the White House first recommended in 2012.

President Barack Obama launched the review, led by White House counselor John Podesta, during a January speech calling for reforms to National Security Agency surveillance. The review stokes an already simmering debate about the ways businesses collect, sell, and utilize data on millions of Americans.

“The big data revolution presents incredible opportunities in virtually every sector of the economy and every corner of society,” Podesta said in a blog post announcing the report. “But big data raises serious questions, too, about how we protect our privacy and other values in a world where data collection is increasingly ubiquitous and where analysis is conducted at speeds approaching real time.”

The report underscores the value of “big data” — a key component that the technology industry was hoping to see, given its reliance on user data. Large data sets are leading the way toward advancements in health care, energy, and agriculture, the 79-page report says.

But it also cautions that improper use of data can result in discrimination against “vulnerable classes.”

“An important conclusion of this study is that big data technologies can cause societal harms beyond damages to privacy, such as discrimination against individuals and groups,” the report states.

“…Just as neighborhoods can serve as a proxy for racial or ethnic identity, there are new worries that big data technologies could be used to ‘digitally redefine’ unwanted groups, either as customers, employees, tenants or recipients of credit. A significant finding of this report is that big data could enable new forms of discrimination and predatory practices.”

The critical question is whether or how the White House will act on its findings. Pushing new regulations or legislation for commercial data use is far from easy, given the tech industry’s lobbying might and the Republican-controlled House’s general inclination against business regulation. The administration, for example, has worked for two years on consumer privacy legislation, but has yet to introduce any on Capitol Hill.

Of the six “actionable” proposals in the report, several had been previously endorsed or pursued by the administration in some form or at some level. A plan to dig into possible discrimination based on data sets is similar in focus to a still-unfinished Federal Trade Commission of “data brokers.” The report’s call for changes to federal law governing searches of e-mail records is largely the same as previous administration statements, and contains the same caveats about needing to address the concerns of government agencies which lack the power to obtain criminal search warrants.

The only recommendation that seemed dramatically new was a call to ensure that data collection on students in school is used only for educational purposes.

Just in the past couple of weeks, one major education-focused data gathering effort called inBloom shut down, and Google announced that it would stop scanning student e-mails to deliver targeted advertising through its Google Apps for Education platform.

In a conference call with reporters, Podesta said he thought the administration could act on its education-related recommendation largely through the regulatory process or executive orders, without involving Congress. But, he added, “people may conclude…that basic educational privacy laws could use some tweaks.”

Some privacy advocates said they were troubled that the report suggested another round of consultations with business interests and advocacy groups before settling on new legislation to regulate private-sector data practices. Before announcing the Consumer Privacy Bill of Rights in 2012, the administration conducted three years of so-called “multi-stakeholder” discussions, and has continued such talks in since — even though privacy advocates have seen them as largely worthless.

“We are disappointed that even though it’s been more than two years since the White House announced support for a Consumer Privacy Bill of Rights, the report further delays the release of a legislative proposal,” said Jeff Chester of the Center for Digital Democracy. “Nor does the report acknowledge that the White House’s approach to consumer privacy — relying on lobbyist dominated ‘stakeholder’ meetings at the Commerce Department to develop ‘industry codes of conduct’ cannot be relied on to protect Americans.”

In a conference call with reporters, Podesta and Commerce Secretary Penny Pritzker said the administration wasn’t stalling, but trying to keep up with fast-moving technological developments.

Podesta said a parallel review by Obama’s outside technology advisers “suggests that some of the other elements of the bill of rights may be under severe pressure in light of these new technologies.”

“We thought a quick round of new input is an appropriate way to go,” he added.

“There’s no effort to delay here,” Pritzker insisted. “It seems clear to us we need to go back and make sure the consumer privacy bill of rights was addressing the challenges that they have raised in advance of us beginning to work on legislation.”

Privacy proponents did applaud some aspects of the White House review, including its blunt discussion about the discrimination large data sets can facilitate.

“There’s a lot of discussion about the risks of discriminatory profiling, which is a real concern about the need for companies to be more transparent,” said Electronic Privacy Information Center Executive Director Marc Rotenberg.

The difficulty of enacting new data policies underscores the tight spot the White House and policymakers across Washington have long been in. On the one hand, they want to say they’re standing up for consumer privacy. But they also want to stoke the fires of an economy increasingly reliant on access to consumer data. And in a post-Snowden world, aggressive government-driven consumer privacy policies risk inviting criticism of we-can-do-it-but-they-can’t hypocrisy.

Still, Wednesday’s report brings into greater public view a long-running, under-the-radar Washington debate over data issues.

Privacy hawks have long had companies that collect and sell data on millions of Americans — so-called data brokers — in their sights, particularly because few Americans are familiar with the companies or know where to contact them.

The report also comes in the context of a much higher-profile debate over how the government itself should collect and use data in the wake of Edward Snowden’s revelations. The report did not delve much into intelligence practices, but it recommends expanding some privacy protections for foreigners “where practicable” under a 1970s government law that protects personal information held by the federal government.

But even as Washington has taken a hard look at intelligence collection over the last year, Obama has had his eye on private-sector collection and leveraging of data, referring in an interview last June to the “general problem of big data.”

Industries reliant on consumer information have repeatedly warned in the wake of Snowden’s revelations that their own use of data was a different ball of wax from the NSA’s activities. While the report reiterates the White House’s call for baseline consumer privacy legislation — something that businesses have been somewhat wary of — it says little else that might spook the private sector.

“It’s thorough, it’s thoughtful, I think it recognizes both the value of data and some of the legitimate concerns that are out there,” said Stu Ingis, general counsel for the Digital Advertising Alliance. “It doesn’t try and bite off more than it should.”

Stephanie Simon contributed to this report.