Need for a Federal Privacy Policy Office

Need for a Federal Privacy Policy Office

Ensuring a Unified, Cross-Agency Approach to Privacy

By Peter Swire, August 21, 2012.
  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
Peter Swire

Note: This blog is adapted from testimony delivered before the Senate Homeland Security and Governmental Affairs' Subcommittee on Oversight of Government Management, the Federal Workforce and the District of Columbia.

* * *

In a piece prepared for publication in the Stanford Law Review in 2000 (but not ultimately published), I explained the role that the chief counselor for privacy played during the intense privacy policy debates of the late 1990s. Earlier this year I returned to the subject in a law review article on "Why the Federal Government Should Have a Privacy Policy Office."

That article highlights the role such a privacy policy office would play in the inter-agency clearance process and in coordinating a unified approach to the large number of international privacy issues.

First, the chief privacy officer is important for the "clearance" process."

To ensure a unified administration position, for congressional testimony, executive orders and many other documents, drafts are circulated for clearance among the various agencies and components of the Executive Office of the President. Once comments are received, discussions are sometimes needed to resolve differences of opinion, with appeal to more senior officials if differences are not resolved at lower levels. In addition to these structured clearance procedures, agency experts on an issue such as privacy often get engaged earlier in the policy planning process, in a variety of working groups and less-formal methods of sharing expertise and views.

From my time as chief counselor for privacy in the White House Office of Management and Budget, the number of privacy issues addressed by federal agencies is far greater than many people realize. Here is a list of the sorts of privacy issues that can arise in each of the cabinet departments:

  • Agriculture: Migrant worker records.
  • Defense and Veterans Affairs: Records of service members.
  • Education: Education records, including for for-profit institutions.
  • Energy: Smart grid.
  • Health and Human Services: Medical records; many forms of human services records.
  • Homeland Security: Numerous issues, including transportation safety and immigration.
  • Housing and Urban Development: Public housing records.
  • Interior: National park reservations and other services provided online.
  • Justice: Numerous issues.
  • Labor: Records of union membership.
  • State: International privacy issues.
  • Transportation: Drone surveillance.
  • Treasury: Financial privacy; money laundering.

This list shows a wide variety of privacy issues, and also that privacy issues emerge for new agencies over time. As one example, surveillance by drones is becoming an important privacy issue as the Federal Aviation Administration permits expanded use of drones within the borders of the United States. For these kinds of emerging issues, the expertise developed by a federal CPO would be quite useful.

Second, along with clearance, the executive branch needs effective coordination to develop and announce the administration position in international settings. Data flows today are pervasively global. We are reminded of this reality by the ongoing debates about the European Union's draft Regulation on Data Protection. A very wide range of Internet and other private-sector data practices would be affected if that regulation were to go into effect as written.

For the public sector, there are also many cross-border issues, such as for passenger name records, law enforcement investigations and many others. One of my current research projects analyzes how cloud computing, together with the widespread current adoption of encryption, is making international cooperation on law enforcement investigations much more important than in the past. For the federal government, the increasing number and complexity of trans-border privacy issues means that coordination of privacy policy would be very helpful.

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Top Data Breaches of 2014

If the top breaches of 2014 taught the security world anything, it's that size and sector don't...

Latest Tweets and Mentions

ARTICLE Top Data Breaches of 2014

If the top breaches of 2014 taught the security world anything, it's that size and sector don't...

The ISMG Network