- Количество слайдов: 15
“Reflections on the White House Privacy Office” Peter P. Swire Ohio State University Center for American Progress N. C. State Privacy Day January 29, 2008
Overview Ø Privacy actions in the Bill Clinton years Ø Structure of the privacy office Ø Possible reasons to care: l l l Role of the CPO History of what happened Preview of what might happen?
I. Clinton Administration Privacy Actions Ø Privacy hot buttons before I entered government in 2/99: l l l Clipper Chip & encryption CALEA Know Your Customer (banking)
Medical Privacy Rule Ø HIPAA in 1996 Ø Support for legislation through 8/99 Ø Proposed rule 10/99 Ø 52, 000 comments by 2/00 Ø Final rule 12/00 Ø Executive Order 12/00: limits on using health oversight record for law enforcement
Financial Privacy Ø Clinton speech 5/99 Ø House bill with half that 6/99 Ø Significant Administration push for privacy Ø Gramm-Leach-Bliley 11/99 Ø Administration proposal for more, Ø GLB regs 2000 4/00
Federal Government Privacy Ø 6/99 OMB memorandum to post clear privacy policies on agency sites Ø 6/00 OMB memorandum presumption against cookies on federal sites & reports to OMB on privacy in the budget process Ø 12/00 OMB memorandum on agency data sharing, including push for privacy impact assessments (E-Gov Act 2002) Ø Federal CIO Council privacy committee
Some other privacy actions Ø Crypto policy change 9/99 Ø Genetic Discrimination E. O. 2/00 Ø NAS study on authentication and privacy Ø Bankruptcy and privacy study 1/01: public records and privacy issue
Other privacy actions Ø Safe Harbor Ø Double. Click & Network Advertising Code 6/00 Ø SSN bill proposed 6/00, and fought Gregg bill Ø Bill to update wiretap laws for the Internet, summer 2000; proposed higher standards for trap-and-trace and email wiretaps (Patriot Act 2001)
II. The Privacy Office in the U. S. Ø Chief Counselor for Privacy, l l l U. S. Office of Management and Budget Executive Office of the President Old Executive Office Building Ø 4 functions: l l Government data handling Clearance Enforcement/Ombudsman Bully Pulpit
Government Data Handling Ø Big advantage if in OMB Ø “Management” l Office of Information & Technology Policy Ø “Budget” Ø Can’t do that way in an independent agency – imagine a corporate CPO that was “outside” of the company
Clearance Ø Testimony, legislative proposals cleared in OMB Ø Less formal statements also cleared Ø Examples: l l l FIDNet Money laundering New hire data base (information sharing) Ø Can’t do as well in independent agency
Enforcement Ø Can’t do in OMB Ø HHS and financial agencies Ø FTC for consumer protection Ø Web seals & CPAs (expand scale)? Ø Private rights of action?
Bully pulpit Ø Cons: l l Fishbowl in White House therefore cautious about statements Can’t comment on individual products or companies Ø Pro: l l Big impact if President or Cabinet speak Any White House official can raise the issue’s visibility & help on the Hill Ø Independent agency has more flexibility
Ombudsman/Investigator Ø No subpoena power at OMB Ø Limited ability to blow the whistle externally to force change internally Ø W. H. Privacy & Civil Liberties Board l l Version 1 Version 2 Ø What role for this beyond GAO, IGs, Congress, and the press?
Conclusion Ø Episodes of privacy activity Ø What might happen in a next Administration? Ø Many issues could be open for revisiting, perhaps pretty soon. New Administration has made encouraging statements but we need to watch their actions