Recently, President Obama released a package of cybersecurity reform proposals. Along with these proposals, Obama also unveiled a new executive order: “Establishment of the Federal Privacy Council.” The council will be composed of senior privacy officials from at least 24 federal agencies, including Cabinet-level departments and NASA and the Office of Personnel Management, and “may also include other officials from agencies and offices, as the Chair may designate.”
The new council is tasked with developing, coordinating and sharing ideas and best practices for federal programs to protect privacy and implement “appropriate privacy safeguards” throughout the administration.
Although the council’s mission is important, this move seems incomplete. First, such a concerted effort to improve privacy protections throughout the federal government should have begun years ago. If privacy and security protections for sensitive personal data had been prioritized, there might not have been the problems caused by the hacker attack last year against the Office of Personnel Management, which did not use encryption or other such security technology to protect the information (including fingerprints) of the millions of current and former federal employees affected. Read more »