Making privacy the priority
If someone were to ask federal information technology managers what the
biggest obstacle to electronic government is, I'd bet that 80 percent of
them would say, "security."
Indeed, with President Clinton's proposal to spend $2 billion on IT
security in fiscal 2001, is it any wonder that security is on the lips of
almost everyone in the federal IT community?
Clearly, the security built into any e-government initiative is critical.
However, I would suggest that for the likely users — citizens and businesses — the initial concern is more basic. It is one of privacy.
For example, in 1997, the Social Security Administration unveiled an
Internet-based application that gave citizens access to information about
their Social Security benefits. Within months the service was killed because
of concerns over the ease with which people could peek at other people's
information. The program's failure had little to do with security and everything
to do with privacy.
This is not the first program to fall victim to privacy concerns — it
is just the most publicized. Undoubtedly, countless other e-government ideas
also have been tabled or terminated because of privacy concerns.
As a federal IT manager, it would be easy to become discouraged by privacy
and security obstacles. The challenge is overcoming these hurdles. It won't
be easy, but it can be done. Just look at how many banks and investment
companies conduct business online.
Unfortunately, there is no silver-bullet solution. But there are a couple
things to do to get started:
* First, in shaping the requirements of any e-government initiative,
managers should deal with privacy requirements first and foremost. Although
privacy and security go hand in hand, in most cases privacy issues will
dictate security requirements.
* Second, it managers must consider the way they will assure users that
their privacy and security concerns are addressed. They shouldn't think
only of technical solutions. They should do some marketing to educate and
convince users that their privacy will be protected. Agencies must counter
Internet users' growing weariness — and wariness — of providing personal
information. Agency managers must help citizens understand that posting
personal information is worth their while.
Many people criticize the government for lagging behind the commercial
world in doing business electronically. But that's not a fair comparison.
The government is held to a higher standard of security and privacy
than commercial organizations because of the sheer magnitude of its operations
and its attractiveness as a target for hackers.
But IT managers cannot allow that to be an excuse for lack of progress
in rolling out a true electronic government.