Editorial: The need for privacy officers

Traditionally, privacy and security are considered incompatible.

But Nuala O'Connor Kelly, the Homeland Security Department's chief privacy officer, argues that national security and data privacy are tied to each another. Despite the connection, she adds, the concept of seeking a balance between the two is passé.

She is correct — many people are starting to recognize a link between privacy and security, especially as a result of the seemingly endless string of data losses. Although few of the recent losses involved cybersecurity vulnerabilities, the results have been the same — personal data falls into the wrong hands.

The government information technology community has been cognizant of the link between security and privacy. And the recent data breaches should reinforce agencies' need for more funding for security initiatives.

We disagree with Kelly, however, about balancing privacy and security. Following the Sept. 11, 2001, terrorist attacks, privacy issues were shoved aside in the name of national security. And policy-makers continue to struggle to balance potential terrorist threats against potential threats of an Orwellian "Big Brother" government.

That dilemma proves the need for chief privacy officers at agencies, including the Office of Management and Budget.

Chief privacy officers can — and should — play a role in national security discussions. Rep. Tom Davis (R-Va.) seeks to overturn a provision in the fiscal 2005 omnibus spending bill that requires all agencies to have chief privacy officers. Davis argues that the provision undercuts the responsibilities of chief information officers.

But the privacy issue is sufficiently complex to justify the creation of a position that focuses exclusively on privacy issues. In addition, a chief privacy officer at OMB could help the administration set governmentwide policies.

The chief privacy officer, like chief procurement officers and chief people officers, will need to work with CIOs.

Kelly has demonstrated that a chief privacy officer can have a powerful and effective voice within an organization to help ensure that important issues receive the attention they deserve. She serves as a good model for other agencies.

— Christopher J. Dorobek

Featured

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above