Expansion of Social Media at DHS Under Way, but Faces Hurdles, Privacy Chief Says
Mary Ellen Callahan, the new chief privacy officer for the Department of Homeland Security, laid out an ambitious agenda for the Privacy Office in her first address to the DHS Data Privacy and Integrity Advisory Committee Thursday. She faces high expectations, due in part to the role she played, along with Justice Department antitrust chief Christine Varney, in developing online privacy policies for the Internet industry in the late 1990s when the two were lawyers in private practice (WID Feb 20 p2). The Privacy Office has “intensified” its work to make DHS more transparent through social media, in keeping with President Barack Obama’s memo on government transparency, Callahan said. But there are “some complications” arising from government regulations.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
The office compliance team recently published its second quarterly report on privacy impact statements (PIAs) and system-of-records notices (SORNs), and it’s working on a biennial review of SORNs to determine which ones need to be republished, Callahan said. She’s considering revising the form but not the substance of PIAs. Callahan said she was appointed co-chair of the federal government’s CIO Council, working closely with the Office of Management and Budget on government-wide privacy policies. The Privacy Office will start a review of data-mining programs this summer that will wrap up around December, she said.
In April Callahan and another official did a tour of Europe to meet with privacy counterparts there, which was “extremely valuable.” She said they participated in a privacy and information security discussion at the Organization for Economic Cooperation and Development. The Privacy Office also is doing an “exchange program” with other countries, swapping privacy officials. It’s getting its first full-time attorney and is recruiting for a new internal communications position at DHS, to raise the office’s profile and increase public efforts, Callahan said. “I know we can do more” to increase privacy awareness, first at DHS and then government-wide. She asked the committee to give suggestions on how DHS can better communicate with the public, including how to give people “individual access” to data on them held by DHS and how to design redress procedures.
Committee members peppered Callahan with questions about her office’s role in cybersecurity policy, but she left them mostly empty-handed. The office coordinated the feedback of privacy activists to the White House during its recently completed 60-day review of cybersecurity policy, and civil liberties were considered “throughout” the review, Callahan said. “We all keep our fingers crossed” that there will be strong privacy safeguards in the White House report. Dan Caprio, a former chief privacy officer at the Commerce Department, stressed the importance of the committee being looped in to the unclassified portions of the Obama administration’s cybersecurity plan so the committee can explain it to the public. The Privacy Office will consult with the committee on that “in the near future,” Callahan said.
The new communications position sounds like a natural place to centralize social-media efforts, said Neville Pattinson, vice president of government affairs for digital- security firm Gemalto. Social media “could be a very valuable tool” for DHS, he said. Callahan noted her social- media policy work at Hogan & Hartson before joining DHS: “The Privacy [Office] Web site drives me nuts. It’s terrible.” But she said the efforts get complicated when “you put the Privacy Act on top of it and you put the First Amendment on top of it.” DHS has a new task force on social media, she said: “I think we just need to make sure they use it properly.” Social media may see internal use at DHS after the legal, privacy and security issues are resolved for public-outreach efforts, Callahan told Ana Anton, North Carolina State University computer science professor. Charles Palmer, chief technology officer for security and privacy at IBM, asked Callahan to do outreach to K-12 schools as well, because “the schools don’t know what to say” on personal privacy.
The committee should consider “future oriented technologies” so it’s not simply reacting to privacy issues that crop up with new technology, said Oracle Chief Privacy Officer Joseph Alhadeff. It must be “anticipatory” on the risks of cloud computing, virtualization and service-oriented architectures, he said. Callahan agreed and said one of the advisory subcommittees was working to “refine” the service- oriented architecture definition. She also requested committee members and others apply for the committee chairmanship. It was the last meeting in the chair for Howard Beales, George Washington University associate professor of strategy management and public policy. Applications for the chairmanship are due June 8, Callahan said.