Citing a commitment to maintaining Americans’ trust in their government, President Barack Obama signed an executive order Tuesday setting up the Federal Privacy Council, an interagency group that will share best practices and develop new training for employees across the federal enterprise.
“The proper functioning of Government requires the public’s trust, and to maintain that trust the Government must strive to uphold the highest standards for collecting, maintaining, and using personal data,” the order reads.
“Privacy has been at the heart of our democracy from its inception, and we need it now more than ever.”
First announced at the Federal Privacy Summit in December, the council will fall under the umbrella of the Office of Management and Budget but will include chief privacy officers from across 24 government agencies. In statements made during December’s announcement, OMB Director Shaun Donovan emphasized the importance of enacting strict privacy measures as more sensitive data — like personally identifiable information such as Social Security numbers — is being handled by agencies.
[Read more: OMB will set up Federal Privacy Council]
“As technology and threats evolve, so must our policies,” Donovan said, pledging to “continue to double down on this administration’s broad strategy to enhance privacy practices and fundamentally overhaul information security practices, policies, and governance.”
Currently only a handful of federal departments have a legislatively mandated privacy officer, and the position is in various locations within agencies’ org charts — sometimes as a junior official within the CIO or general counsel office. The order calls for the OMB director to issue a revised policy on the role and designation of “senior agency officials for privacy” within 120 days of its signing, and mandates the head of each agency either designate or re-designate a new privacy official accordingly.
In December, officials told reporters that OMB Senior Adviser for Privacy Marc Groman would head the council, but the order says it will be chaired by the OMB deputy director for management.
OMB Spokesman Jamal Brown did not directly address a question about the discrepancy, but confirmed the deputy director will be chair, adding Groman “will continue actions over the last year with agencies to restructure their privacy programs to make them more efficient and effective, and helping to standup the council.”
There is currently no confirmed deputy for management, because the previous incumbent, Beth Cobert, was nominated as director of the Office of Personnel Management, and is currently acting in that job while her confirmation wends its way through the Senate. OMB Controller David Mader is acting deputy director while nominee Andrew Myock awaits his own confirmation.
The chair of the council will have the power to designate a vice chair, establish working groups and invite privacy officers from additional agencies to join.
One of the first priorities of the new council, Groman said Monday, will be to address the problem of hiring and retaining qualified staff to run federal privacy programs.
“We need to take a deep, hard look at the hiring and retention of privacy professionals across the government, because it is just too challenging today,” he told the DHS Data Privacy and Integrity Advisory Committee. “We need to invest in the privacy profession, we need to make sure privacy professionals have the education and training to stay up to date and help the government address evolving threats and new technologies, a rapidly evolving landscape.” His remarks were reported by Federal News Radio.
The privacy council will coordinate closely with the Federal CIO Council to promote consistency and efficiency within the privacy efforts of the executive branch. The order also mandates the chair collaborate with other interagency councils like the President’s Management Council and the President’s Council on Integrity and Efficiency.
“It is time to stop re-inventing the privacy wheel at agencies and do a better job of leveraging the success of each agency’s related efforts,” Donovan said. “It is time to shift from reactive programs to proactive strategies, and it is time to professionalize the privacy profession.”
The Department of Justice, the Department of State, the Department of Homeland Security and NASA are among the 24 initial member agencies.