Florida wants privacy czar

Florida is taking a cue from corporations such as IBM Corp., American Express Co. and Microsoft Corp. in creating the position of chief privacy officer to oversee privacy policies and practices.

Florida Gov. Jeb Bush, endorsing recommendations from the state's new Task Force on Privacy and Technology, supports the plan for a state chief privacy officer and privacy audits of state agencies.

State officials believe they are the first to consider creating a position to deal exclusively with privacy. A bill is pending before the state Legislature.

As government at all levels moves online, the traditional focus from the business world on customer relationship management has inevitably turned to one of constituent relationship management.

"This task force was created last year to examine how best to create a balance between our open government and the privacy concerns of our citizens," said Marc Slager, executive director of the task force. "Access is such an important issue, but so too, technology has allowed for people to use information for the wrong reasons, and we feel we need someone to watch over those competing issues."

In its recommendations to Bush, the task force cited "disparate practices among various governmental entities," as a key reason behind efforts to better understand the status of what sensitive personal information Florida collects, uses and sells.

"It is vitally important that the state develop a better sense of this information...so that it can ensure the public that its policies reflect a proper balance between open government and the legitimate privacy interests of Florida's citizens," the task force wrote.

In addition to analyzing state agency audits, the state privacy officer would make policy recommendations to the Legislature and keep an eye on data sharing and sales contracts between the state and third parties, the task force said.

Not all states think a CPO is necessary in the struggle to balance increasingly open and accessible government with the privacy concerns of its citizens.

Steve Akridge, Georgia's chief information security officer, said that although his state does not plan to have a CPO position, it has tackled the issue of privacy in a number of different ways, including legislation restricting the disclosure of personal public records to unauthorized persons.

Rich Varn, Iowa's CIO, said he has a privacy officer of sorts working for him, although in Iowa that position is shared between the state's chief security officer, the director of digital government and the director of the Office of Information Technology Management.