As Chief Counselor for
Privacy at the U.S. Office of Management and Budget, one of my primary tasks
was to promote good data handling practices within the federal government.
My comments here focus on government-wide privacy issues. My unpublished
(but now available) article on our 1999 activities gives examples of the way
we tried to promote good data handling in individual agency initiatives.
Federal web site privacy. In 1999, we learned that many federal
agencies lacked privacy policies on their web sites. OMB Director Jack Lew
issued government-wide guidance for such privacy policies in June, 1999. A
year later, Director Lew issued a follow-up policy, limiting the use of
cookies on federal web sites and also providing that agency compliance with
good privacy practices would become part of the OMB budget review process.
Clarification of the cookies policy was contained in a 2000
letter from OMB official John Spotila and in OMB testimony by Sally
Katzen. My own view is that further updating of that policy is appropriate,
users affirmatively consent to have cookies set as part of personalization
of a web site.
Privacy impact assessments. While at OMB I strongly supported use of
Privacy Impact Assessments (not Privacy Impact Statements as good acronym
users might appreciate) in appropriate settings. The IRS has had an
effective system of PIAs since at least 1999, and the Chief Information
Officers Council's Subcommittee on Privacy
voted the IRS program a "best practice" in 2000. President Clinton's
budget for 2001 supported making PIAs a regular part of new agency computer
systems. Since that time, the idea of PIAs has gained attention in the
Congress, in both the House
and the Senate. I support
the use of PIAs for computer systems and regulations that involve "a
significant amount of personal information." An FAA rule about the average
weight of plane engines does not need a PIA, but a Department of
Transportation database about every traveler who enters an airport does.
Court records. I was very involved in a report on privacy and
bankruptcy records, released by the Office of Management and Budget, the
Justice Department, and the Treasury Department in January, 2001. There are
obvious and substantial advantages to putting litigation and court records
on-line, so that litigants, reporters, and the public can avoid the expense
and hassle of physically going to a courthouse to check every court records.
On the other hand, this study highlights the way that bank account numbers
and other sensitive financial data would then be made available to anyone
surfing the Internet, becoming a ready target for theft from anywhere in the
world. I discussed similar topics in a 2000 speech on privacy and the future
of justice system records.
First Amendment and government records. In studying the future of
openness of public records, the First Amendment limits the ways that
statutes can restrict the flow of information once it is released into the
public domain. I have given a speech on my views on this subject, but have
not had the chance yet to write about it. We built careful findings
concerning constitutionality into a bill on protecting Social Security
Numbers, which Vice President Gore announced in a speech in June, 2000.
Privacy, security, and critical infrastructure. These issues
intersect with surveillance and wiretap issues, discussed in a separate part
of this site. The challenge is some security measures for government systems
turn out to have a large surveillance component. I worked extensively on
these issues in connection
with the Federal Intrusion Detection Network (FIDNet), and spoke to
federal agency computer experts about the topic. These issues were discussed
in a chapter of the National Plan for critical infrastructure protection. My
more recent views on the intersection of privacy and security are discussed
in a law review article, co-authored with Lauren Steinfeld in 2000.
Privacy and Homeland Security. In July, 2000 I was asked to testify
in the House Judiciary Committe on the issue of how to build privacy
protections into the proposed new Department of Homeland Security. In my
testimony, I gave detailed recommendations about how to institute better
privacy protections both within that Department and more generally in the
The Privacy Act and the future of government record systems. The
Privacy Act was passed in 1974 in the wake of spectacular abuses of
government records during the 1960s and 1970s. The history is described in
books such as Database Nation by Simson Garfinkel and The Lawless State: The
Crimes of the U.S. Intelligence Agencies by Morton Halperin, Jerry Berman,
The Privacy Act responded to the problems of the period, prohibiting secret
databases, giving individuals access to records about themselves, and
limiting transfers of files to other federal agencies except with consent or
a "routine use" published in the Federal Register. OMB was tasked with
policy guidance for the Act.
During my time in government, I tried to figure out how to update the
Privacy Act, much as the Freedom of Information Act was updated by the
Electronic FOIA Act in the 1990s. This is a topic that cries out for more
intellectual work -- I wasn't able to figure out what to recommend.
As I write this in the summer of 2002, there are calls by the current
leaders at OMB and others for far greater "information sharing" and the end
to the "silos" of federal data. Better information sharing undoubtedly will
bring benefits in many settings, but how do we protect against abuse if
state, local, and federal officials all get to browse around in confidential
files with few legal or institutional limits on their actions? It is to
study issues such as these that I support a major national Commission on the
topic of Privacy, Personal Freedom, and Homeland Security.
Freedom of Information Act