DARPA sets privacy rules for its programs

Move is a response to concerns about some of the agency's projects

As the government agency responsible for much of the nation’s cutting-edge research, the Defense Advanced Research Projects Agency  has been at the forefront of technologies such as the Internet and the Global Positioning System. But some of its research, such as work on the Total Information Awareness program, which was designed to mine and analyze public data in search of terrorist activities, raised concerns about data privacy.

To counter these concerns, DARPA has developed a set of privacy principles intended to address privacy implications throughout a program’s life cycle. On its Web site, the agency said it will resolve to consistently examine how its research affects privacy; analyze the privacy dimensions of ongoing research regarding ethical, legal and societal implications; and to transparently respond to the findings of its assessments for unclassified work and ensure independent review of classified work to address privacy issues.

The agency said that its privacy guidelines are consistent with President Obama’s May 2010 National Security Strategy addressing privacy-related issues.

To meet its responsibilities, DARPA has taken three steps:

On research, the agency has engaged the National Academy of Sciences to undertake a study on the ethical and societal implications of technological advances in a global, democratized and rapidly changing environment.

For internal controls, DARPA has assigned an internal privacy ombudsman to closely work with the Defense Department's Privacy Office. The agency will create an independent privacy review panel to assess existing and emerging privacy laws, regulations, technologies and norms to analyze their potential. The panel will consist of leading scholars, and policy and technology experts in the privacy field. The experts will help DARPA meet its responsibilities to research and develop novel technologies while addressing privacy issues and concerns.

To conduct internal reviews, DARPA has established an Ethical, Legal and Social Implications Working Group with the National Science Foundation to identify, analyze and address the ELSI of personally identifiable information during scientific development activities. This work is not only to identify theft and cyber crime interests, but also by the national security concerns associated with operations security and the protection of sources and methods. According to DARPA, the board is an extension of the Institutional Review Board model of shared responsibility, which allows all participants equal responsibility for protecting privacy.

Featured

  • Cybersecurity
    malware detection (Alexander Yakimov/Shutterstock.com)

    Microsoft targets copycat influence websites

    Microsoft went to court to take down websites it believes to be part of a foreign intelligence operation targeting conservative think tanks and the U.S. Senate.

  • Cybersecurity
    secure network

    FAA explores shifting its network to FISMA high

    The Federal Aviation Administration is exploring an upgrade to the information security categorization of IT systems as part of air traffic control modernization.

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.