“Privacy and the Future of Justice Statistics” Peter P. Swire Chief Counselor for Privacy OMB/OIRA National Conf.on Privacy, Technology & Criminal Justice.

Slides:

Advertisements

Similar presentations

PRIVACY ACT OF 1974 OVERVIEW. FAIR INFORMATION PRACTICES The Privacy Act is primarily concerned with fair information practices. The Privacy Act is primarily.

Advertisements

Chapter 44 Administrative Law Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.

Why the Financial Privacy Law is Better than People Think Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9,

Medical Privacy in a Broader Privacy Context Professor Peter P. Swire George Washington Law School Former Chief Counselor for Privacy, U.S. Govt. HIPAA.

The United States, Privacy, and Data Protection Peter P. Swire Dutch Embassy Presentation January 19, 2001.

Privacy and the Internet Professor Peter P. Swire Ohio State University National Press Foundation February 14, 2001.

The Chief Privacy Officer for the U.S. Government Professor Peter P. Swire Ohio State University Visiting, George Washington University Privacy Officers.

Reflections on the White House Privacy Office Peter P. Swire U.S. Chief Counselor for Privacy, OSU College of Law, 2001-present CFP, March 8,

Is Confidentiality in Banking Outdated? Peter P. Swire Chief Counselor for Privacy United States Government.

Court Records and Data Privacy: Online or Over the Line? Professor Peter P. Swire Moritz College of Law The Ohio State University Judges Day 2005 October.

"Embedding Privacy in Federal Information Systems" Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP MITRE Corp. Workshop.

Research and Privacy Under HIPAA Professor Peter P. Swire Moritz College of Law Ohio State University National Academy of Science Panel on Science, Technology.

The Role of the Federal Government in Privacy Policy Professor Peter P. Swire The Ohio State University Center for American Progress The Privacy Symposium,

Mental Health Issues & Information Sharing Professor Peter P. Swire The Ohio State University NAAG Task Force on School Safety July 5, 2007.

Reflections on the White House Privacy Office Peter P. Swire Ohio State University Center for American Progress N.C. State Privacy Day January 29, 2008.

The Need for Government-Wide Privacy Policy Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster, LLP DHS Privacy Advisory Committee.

COLLECTION HOT TOPICS WV HMFA Winter Educational Conference January 15, 2015.

WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.

Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.

Privacy and the Right to Know Grayson Barber, Esq. Grayson Barber, LLC.

Sources of Law Chapter 1.2.

IS3350 Security Issues in Legal Context

Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology

HEAVEN’S HANDS COMMUNITY SERVICE H.I.P.A.A. What is HIPAA? HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed.

Privacy in Ontario Brian Beamish Office of the Information and Privacy Commissioner/Ontario Presentation to Security Canada Central 2002 International.

Security of Computerized Medical Information: Threats from Authorized Users James G. Anderson, Ph.D. Purdue University.

Disclaimer This Presentation is provided “as is” without any express or implied warranty. This Presentation is for educational purposes only and does not.

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.

Security Issues on Campus: Government Initiatives Rodney J. Petersen University of Maryland Educause/Internet2 Security Task Force Copyright Rodney J.

Standards and Guidelines for Web Page Publishing December 9, 2009.

Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University

Newsgathering: Access to Meetings & Records. Access and the First Amendment How has the U.S. Supreme Court responded to claims that the First Amendment.

© 2010 Dorsey & Whitney LLP Social Media Friday, September 17, 2010 The Committee on Finance & Information Technology (CFIT)

The U.S. Approach to Consumer Protection in the Online World U.S. Presentation FTAA Joint Government Private Sector Committee on Electronic Commerce 13th.

P A R T P A R T Regulation of Business Administrative Agencies The Federal Trade Commission Act and Consumer Protection Laws Antitrust: The Sherman Act.

School Law and the Public Schools: A Practical Guide for Educational Leaders, 5e © 2012 Pearson Education, Inc. All rights reserved. Chapter 11 The Instructional.

Privacy Framework for Monitoring Social Media Professor Peter Swire Ohio State University & Future of Privacy Forum National Academy of Sciences Public.

How Can We Deal with Risks from the Internet: Why Privacy Legislation Is Hot Right Now Professor Peter Swire Ohio State University/Center for American.

Technology in Focus: Information Technology Ethics

Marketing Systems Group Southern California MRA Education Seminar Presentation September 17, 2005 Privacy and Current Issues.

Can We Have EHRs and Privacy Too? Dr. Alan F. Westin Professor of Public Law and Government Emeritus, Columbia University; Principal, Privacy Consulting.

Component 4: Introduction to Information and Computer Science Unit 2: Internet and the World Wide Web 1 Component 4/Unit 2Health IT Workforce Curriculum.

Federal Trade Commission required to issue and enforce regulations concerning children’s online privacy. Initial COPPA Rule effective April 21, 2000;

Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.

Security of the Distributed Electronic Patient Record: A Case-Based Approach James G. Anderson, Ph.D. Purdue University.

Location, Location, Location: The Emerging Crisis in Wireless Data Privacy Ari Schwartz & Alan Davidson Center for Democracy and Technology

Where Did HIPAA Come From? “HIPAA Then and Now” Peter Swire Georgia Tech Scheller College of Business Alston & Bird LLP IAPP-Las Vegas 2015.

The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;

Patient Confidentiality and Electronic Medical Records Ann J. Olsen, MBA, MA Information Security Officer and Director, Information Management Planning.

Federal Agencies and Laws for Consumer Rights

HEALTH POLICY – A PRIMER. WHAT IS POLICY? A PLAN OR COURSE OF ACTION DESIGNED TO DEFINE ISSUES, INFLUENCE DECISION-MAKING, AND PROMOTE BROAD COMMUNITY.

Chapter 5 Part III. 2 Executive Orders Regulating Rulemaking What is the president's authority over rulemaking? What about for independent agencies? Why.

When Can You Redact Information Without Requesting an Attorney General Decision? Karen Hattaway Assistant Attorney General Open Records Division Views.

Approved for Public Release. Distribution Unlimited. 1 Government Privacy Rick Newbold, JD, MBA, CIPP/G Futures Branch 28.

HIPAA History March 3, HIPAA Ruling Health Insurance Portability Accountability Act Health Insurance Portability Accountability Act Passed by Congress.

Instructions for using this template. Remember this is Jeopardy, so where I have written “Answer” this is the prompt the students will see, and where.

Rulemaking Part III. 2 Executive Orders Regulating Rulemaking What is the president's authority over rulemaking? What about for independent agencies?

Today’s Objective Identify and explain the four sources of law –Constitutions –Statutes –Case Law –Administrative Law Identify the three branches of government.

Healthcare Privacy and Security After September 11 The HIPAA Colloquium At Harvard University August 20, 2002 Presented by: Lauren Steinfeld Privacy Consultant,

Copyright, Intellectual Property, and Privacy 1 Lesson Plan: BMM A9-4.

An Overview of Legislation and Board Policy. Federal Legislation (CIPA, COPPA) WCPSS Board of Education ◦ Policy 2313, 3013, and 4013 Federally Mandated.

1 HIPAA’s Impact on Depository Financial Institutions 2 nd National Medical Banking Institute Rick Morrison, CEO Remettra, Inc.

The American Experience in Regulatory Review and Reform Dominic J. Mancini, PhD. Office of Information and Regulatory Affairs U.S. Office of Management.

Chapter 7 Part III. Inferring Tenure What is the assumption if there is no term of office? If there is no term of office, the starting assumption is that.

Delivering eHealth Ireland | Office of the Chief Information Officer IHI Infographic Office of the CIO | Delivering eHealth Ireland.

Chapter 3 Administrative Law Chapter 3: Administrative Law.

Federal Agencies and Laws for Consumer Rights

Employee Privacy and Privacy of Employee Information

“Court Records and Data Privacy: Online or Over the Line?”

Enforcement and Policy Challenges in Health Information Privacy

Presentation transcript:

“Privacy and the Future of Justice Statistics” Peter P. Swire Chief Counselor for Privacy OMB/OIRA National Conf.on Privacy, Technology & Criminal Justice Information May 31, 2000

Overview n Free flow of information n Administration privacy policy n Government as a model n Public records n Concluding thoughts

I. “Free flow of information” n A noble goal, but what does it mean? – Security -- free flow to hackers? – Intellectual property -- free flow to pirates? – Privacy -- free flow to intruders? n Moral: – Many wonderful flows – Not all flows are wonderful

“Free flow” in the justice context n Common practice -- police have had unlisted phone numbers and addresses n Police concern about their own and their family’s safety at home

The Durham, N.C. example n Law enforcement officer concern n After debate, city council decided to make name a hidden field for all property records n County disagreed -- register of deeds decided to keep owners listed, online n County tax assessor plans to post blueprints of houses -- additional l.e. concern

Observations on “free flow” of information n Which flows of information make sense? n Do the flows happen automatically in the course of putting information on web sites? n When should there be thoughtful consideration of whether personal information should become increasingly available?

II. Administration Privacy Policy n Support self-regulation generally n Sensitive categories deserve legal protection – Medical & Genetic – Financial – Children’s Online n Government should lead by example

Internet Privacy n Quantity of policies – 15% to 66% to 88% from 1998 to 2000 n Quality of policies – Seek continued improvement n Incentives for good action by companies n Concern about “free riders” with no policies

Medical Records Privacy n HIPAA 1996 called for legislation by 8/99 n President announced proposed regs 10/99 n Over 53,000 submissions of comments n SOTU promise to make the regs final this year

Medical Records (cont.) n Fair information practices – Notice – Patient choice – Access – Security – Enforcement n Regs have other provisions, including for law enforcement access to medical records

Genetic Discrimination n February 8 Executive Order – Prohibits federal agencies from using genetic information in hiring or promotion n Call for legislation – Extend protections to private sector – Apply to purchase of health insurance n Genetic information and law enforcement – What will be public concerns over time about DNA databases?

Financial Privacy n Financial Modernization enacted in 1999 – Notice of uses – Choice to 3d parties – Enforcement n Administration Plan announced in April – Choice for affiliates, too – Opt in for especially sensitive data, including medical – Other provisions

Other Privacy Legislation n Children’s Online Privacy Protection Act of 1998 – FTC rules took effect 4/2000 – Key is “verifiable parental consent” n Identity Theft law in 1998 n Pretext Calling law in 1999 n “Opt in” for motor vehicle records for marketing in 1999

Summary on privacy legislation n Significant level of legislative activity n Significant level of public concern – WSJ poll in 9/99 n Seek balance among multiple goals – Privacy and public safety goals – Privacy and use of information for economic growth – Which uses of data are net beneficial, upon thoughtful consideration

III. Government as a Model n Government web sites n Government computer security n Privacy Impact Assessments n Oversight mechanisms

Government web sites n How is data collected and used at government web sites? n OMB guidance 6/99 for federal sites n All federal agencies had clearly posted privacy policies by the end of 1999

Government computer security n Good security is necessary for privacy – Weak security allows access to tax records, criminal investigative files, etc. – Good security stops hackers and other unauthorized users n Good security is not sufficient for privacy – What can an authorized user do with the data? – Post it to the Internet? – Privacy policies govern authorized users

Privacy Impact Assessments n Idea: build good security and privacy into new information technology systems n IRS has been approved as a Federal CIO Council “best practice” n FBI and Bureau of Justice Statistics in process

PIAs (continued) n Structured set of questions – What laws apply? Privacy Act? Others? – What agency or other policies apply? – The “friends and family” test -- do our practices seem reasonable and fair when they become public?

Oversight mechanisms n New databases and flows of information often achieve important public safety and other goals n What mechanisms exist to consider privacy and other values? n There may be public questions in the absence of oversight mechanisms?

IV. Public Records n Many criminal and other court records are “public records” n Dialogue with states on public records n Recent Supreme Court cases n The example of bankruptcy records

Supreme Court cases this term n United Reporting v. Los Angeles Police – State law with stricter limits on marketing than for press uses – State law upheld n Reno v. Condon – Federal statute limiting state release of motor vehicle records – Federal law upheld against federalism challenge

Bankruptcy records n What’s in the public bankruptcy file? – Bank account numbers – Social Security numbers n Should we place these online for millions of Americans? n President has asked OMB, Justice & Treasury to issue a report this year

Concluding thoughts n Many flows are good, but not all flows are good n Take advantage of new technologies to promote public safety, economic growth, public education, and other values n But, thoughtful consideration of the subset of flows that are possible but not advisable: – Home addresses of vulnerable people – Bank account numbers of individuals

For the justice system(s) n Improving technology makes many new flows less expensive and more practical n PIAs -- your practices should meet the requirements of – Applicable law – Applicable policies – Confidence of the public

Concluding thoughts n In the Information Age, there will be a constant stream of issues -- which information flows are good? n President Clinton has asked: how do we keep our traditional value of privacy in this era of new technology?

Conclusion n The answer will be in the good will of all of us who build the new information systems: – Medical – Genetic – Financial – Government generally – Justice systems in particular n We look forward to that challenge