To protect the privacy and civil liberties of Americans, the federal government may get a privacy czar if two congressional representatives have their way.
Reps. Kendrick Meek (D-Florida) and Jim Turner (D-Texas), who are both members of the House Select Committee on Homeland Security, introduced a bill Thursday that would establish a federal chief privacy officer position, as well as separate positions at every federal department and agency.
Additionally, the Strengthening Homeland Innovation by Emphasizing Liberty, Democracy, and Privacy Act -- or Shield Privacy Act -- would establish a 10-member commission, appointed by various government bodies, for overseeing privacy and civil-liberty freedoms related to homeland security initiatives.
"It's important that we take into account the impact on our fundamental freedoms" when considering emerging technologies, Meek said in a phone conference. "We're trying to be proactive in heading off major privacy violations. We don't have to see a major, major violation of privacy or civil liberties for us to act."
The privacy czar, who would be appointed by the president and positioned in the Office of Management and Budget, would hold primary responsibility for privacy policies throughout the federal government. The czar would ensure that technologies procured by the federal government would not erode privacy protections, as designated under the Privacy Act of 1974. The czar would also evaluate legislative and regulatory proposals involving the federal government's collection and use of Americans' personal information. The czar would present an annual report to Congress about each federal agency's activities and violations related to privacy.
Peter Swire, Ohio State University law professor and former chief privacy officer in the Clinton administration, welcomed the bill.
"Right now there's no one at home at the White House when it comes to privacy," Swire said. "There's no political official in the White House who has privacy in their title or as part of their job description. Congress should take the lead here because this administration has not."
Swire said in addition to establishing federal privacy oversight, the bill would help "broaden the national debate on privacy so that it's harder to slip into a surveillance state."
The Shield Act is modeled on the E-Government Act of 2002, which provided for a chief security officer for federal agencies, and strengthens provisions in the E-Government Act that call for privacy risk assessments of any new federal computing systems.
The Department of Homeland Security is currently the only agency with a federally mandated privacy officer. Nuala O'Connor Kelly was appointed chief privacy officer of the department in April 2003. Some individual federal agencies, such as the Internal Revenue Service and the Transportation Security Administration, have appointed privacy officers on their own. But the positions have, until now, been inconsistently implemented. Some of the officers serve only part time, and deal primarily with requests from individuals for access to their government records, rather than establishing privacy policies for their agencies.
The bill addresses concerns expressed in testimony given in February by Jim Dempsey, executive director of the Center for Democracy and Technology, before a hearing of the House Judiciary Committee's Subcommittee on Commercial and Administrative Law.
Dempsey testified that a privacy officer for the Department of Homeland Security alone was not enough. He said privacy advocates and members of Congress often found out about privacy issues after the government had already implemented systems or technologies, making it more difficult to correct a privacy lapse. Dempsey said it was necessary to establish privacy officers inside agencies who could be consulted during the conception phase of new projects to vet the concerns of privacy advocates and the public.
Ari Schwartz, associate director of the Center for Democracy and Technology, said that such officers would establish accountability for government actions, since they could be called to testify for wrongdoing on the part of their agencies.
"No one's going to call up the head of an agency for small ongoing violations of privacy," Schwartz said. "But writing letters to privacy officers or holding chief privacy officers responsible for being willfully negligent of their jobs will be much easier to do."
Schwartz said congressional oversight of the czar would provide appropriate checks and balances. He said it was especially important to do this now, since Congress is in the process of "putting out a whole slate of homeland-security initiatives."
Meek said he hoped that a privacy commission and czar would help guide technology companies to produce products for law enforcement and other federal agencies that have privacy safeguards built into them. Companies have been criticized for marketing technologies that benefit their bottom line while ignoring civil liberties and the privacy rights of citizens.
"This will send a stronger message to Silicon Valley and the private sector that the government holds high individual privacy," Meek said.
You can view the original article here... http://www.wired.com/news/privacy/0,1848,63542,00.html?tw=wn_tophead_4