Government Panel Calls For Privacy Policy Overhaul - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Enterprise Architecture
08:33 AM
Connect Directly

Government Panel Calls For Privacy Policy Overhaul

Report to OMB outlines the creation of a chief privacy officer role and chief privacy officers at every federal agency that already has a CFO.

Existing privacy laws and policies are outdated, federal leadership on privacy is scattershot, and a significant overhaul is needed to bring government's approach to personal information in line with 21st century realities, an independent government advisory board said Wednesday afternoon in a report to the Office of Management and Budget.

In order to manage government privacy policies, the report recommends the government hire one chief privacy officer in the Office of Management and Budget to provide regular government-wide guidance on privacy, as well as chief privacy officers at every agency that already has a CFO.

The report by the Information Security and Privacy Advisory Board, which advises several government agencies and Congress on the government's approach to cybersecurity and privacy, says that "current law and policy do not reflect the realities of current technologies and do not protect against many important threats to privacy."

The government has been especially lackadaisical in providing privacy direction to federal agencies, the report says. For example, there's been little guidance on government use of private-sector databases to collect and use detailed personal information. Well-publicized security failures like the Veterans Administration's 2006 loss of a laptop containing troves of personal information strengthen the case for change.

In addition to the creation of a chief privacy officer role, the ISPAB is recommending the government take a number of steps to shore up privacy protection, including amending the Privacy Act of 1974 and the E-Government Act of 2002 to cover commercial data and the use -- not just the holding -- of private records as well as to improve privacy notices.

The panel also wants the OMB to update the federal government's policy on the use of cookies, issue guidance on the use of location-based data, and work with the United States Computer Emergency Readiness Team to collect government data loss information.

Since 2002, there have been a number of additional developments in policy governing the federal use of privacy data. For example, OMB guidance two years ago required agencies to use access controls like authentication and encryption to render personal records inaccessible to unauthorized users, and just last December the Department of Homeland Security released a framework that said the use of personal information should be limited and retained only as long as necessary.

The ISPAB includes representatives from a number of federal agencies, private companies and other groups, including the National Security Agency, Department of Transportation, Fidelity Investments, Cornell University, the Center for Democracy and Technology, and Google, and it is tasked with advising the National Institute of Standards and Technology, the Department of Commerce and the Office of Management and Budget on cybersecurity and privacy issues, though only in regard to federal systems.

InformationWeek Analytics has published an independent analysis on what executives really think about security. Download the report here (registration required).

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Augmented Analytics Drives Next Wave of AI, Machine Learning, BI
Jessica Davis, Senior Editor, Enterprise Apps,  3/19/2020
How Startup Innovation Can Help Enterprises Face COVID-19
Joao-Pierre S. Ruth, Senior Writer,  3/24/2020
Enterprise Guide to Robotic Process Automation
Cathleen Gagne, Managing Editor, InformationWeek,  3/23/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
Flash Poll