Making the Web safe

Agencies must highlight privacy from the outset as part of the design of any new system.

Three years ago, the Social Security Administration learned this lesson the hard way when it released an Internet version of the Personal Earnings Benefit Statement (PEBES). The project had good intentions: Give citizens online access to information about their Social Security contributions and future benefits.

But public perception turned on SSA when the press reported that the privacy of the system may not have been assured. SSA had not adequately consulted privacy advocates and had not built privacy protections into the system.

Even though SSA thereafter held public meetings and addressed all of the concerns of the privacy advocates and the public, the online version of PEBES had been too badly tainted. What should have been one of the first great interactive government applications has been shelved indefinitely.

The privacy backlash from the PEBES project has reverberated among information technology program managers in the federal government. The Clinton administration has begun to push forward on e-government proposals, but many agencies still seem wary.

The CIO Council seems to have recognized those concerns in its latest strategic plan, which announces that the council's Security, Privacy and Critical Infrastructure Committee plans to build model privacy impact assessments.

Although the plan is short on specifics, the idea is obviously based on the environmental impact statements that agencies routinely write for a variety of projects affecting the physical environment. This new privacy version could help agencies identify, mitigate and avoid privacy snafus in procuring new software and creating new e-government projects.

Policy-makers will often stress the strict rules against the misuse of data, and following the recent denial-of-service attacks on e-commerce sites, there are calls for more laws. However, as Harvard University law professor Lawrence Lessig aptly notes in his recent book Code and Other Laws of Cyberspace, technologies and design standards play a more powerful role in accomplishing a goal than the establishment of laws or policy guidelines.

Privacy impact statements could help weed out technologies that do not embed the widely accepted code of fair information practices.

With privacy as the No. 1 fear of potential e-commerce customers, many private-sector companies and standard-setting bodies have also begun looking into products and technical standards that are built with privacy in mind.

In Toronto next month, the 10th Annual Computers, Freedom and Privacy Conference (www.cfp2000.org) will kick off with its first-ever "Workshop on Freedom and Privacy by Design." Policymakers and technologists should follow this discussion and begin to look into the elements that would make up a quality impact statement.

Schwartz is a policy analyst at the Center for Democracy and Technology.
