Are technology and privacy mutually exclusive? It doesn't have to be that way, several federal privacy officers told a confence recently. Barbra Symonds, director of the IRS' Privacy and Information Office, calls her profession the "friendly auditors" and emphasizes her role in helping system designers build in privacy controls from the ground floor, Government Computer News reports.
Symonds added that when she talks to private companies that build the software taxpayers use to file tax returns, she emphasizes that they can use their systems' privacy features as a selling point.
"It's not that all information-sharing is evil and wrong," Symonds said. She added that privacy officers can help system designers focus on methods of limiting the amount of information shared with a particular group of users to the data that they really need to help improve privacy controls.
At the same time, Symonds said, privacy officials sometimes face problems with disgruntled software developers who leave back doors or "God keys" hidden in systems. "Many software developers don't like to document what they have done," she said. "But as soon as there is a problem, everyone wants to see the audit log."
At the Dept. of Homeland Security, privacy officer Kenneth Mortenson said privacy has become an operational duty. "We are working to ensure that technology sustains privacy and does not erode it," Mortenson said.
Mortenson's office has developed a template for program managers to use as they build privacy controls into their systems. DHS also has evaluated the privacy effects of national security systems and intelligence systems, Mortenson said. DHS is looking to attain a situational awareness of privacy issues in the department, similar to the situational awareness that military organizations develop, he said.