Booz Allen Hamilton

Booz Allen Ideas Festival
Privacy Engineering Development and Integration

Building privacy protections into a system or program from the start is an often idealized yet rarely realized goal—but here’s an approach that could close the gap.

Kenneth Kraper

Timothy Lisko

More than ever, with government agencies amassing vast amounts of information about Americans and the growing threat of data loss due to malicious and non-malicious factors, privacy is a critical concern. But although data breaches can be embarrassing, there have been few substantial steps taken to prevent them. While federal agencies are already subject to a number of laws and regulations related to safeguarding personal information, resource constraints and lack of strong enforcement from oversight authorities have made it difficult to comply with high-level privacy standards or to integrate privacy policies into new programs or systems.

Instead, most agencies deal with privacy after sensitive data or personally identifiable information (PII) has been compromised and the damage has been done. But that strategy often results in expensive litigation, harm to reputation, and program delays or postponements. Indeed, federal agencies have lost hundreds of millions of dollars in suspended or cancelled systems for not investing adequate attention to privacy and civil liberties risks.

Incorporating Privacy Protection into the Design Process

Booz Allen Hamilton associates Timothy Lisko and Kenneth Kraper have come up with an intriguing solution to this issue—a process they call Privacy Engineering. Their concept, a second place prizewinner at Booz Allen’s 2010 Ideas Festival, offers a strategic approach to driving privacy compliance with the use of policy, business processes, and technology; the goal is to achieve robust privacy protection in system and program design and operations.

To do this, they propose integrating a privacy engineering specialist into project management teams when a system is under development. This specialist would ensure that design, documentation, and milestones in a project take data protection into account so that subsequent threats to privacy are significantly minimized. His or her role would be to weigh in on the privacy implications of all aspects of the system, from planning to design, integration, testing, operations, maintenance, and periodic reviews. Simply put, the privacy specialist would drive innovative uses of privacy policies, compliance mechanisms, and technology into a program’s or system’s mission and life cycle, making certain that there is buy-in for privacy issues from developers to users.

“Privacy Engineering aims to change the culture of build first and ask troublesome questions about threats to sensitive information later,” says Kraper. “Rather than looking for ways to maintain privacy compliance on the back end, privacy engineering architects privacy into a system or program at the outset.”

A Growing Need for Managing Privacy Risks

Privacy Engineering should be a welcome idea among privacy officials at many agencies. As Lisko and Kraper note, government privacy offices are often resource-starved, leaving over-stretched staffs little time to do anything but review submitted compliance documentation and compile ongoing reports based on responses from the agencies themselves without independent verification. Consequently, there is almost no opportunity for privacy officials to address the privacy implications of individual system and program development decisions. Having a designated privacy specialist to oversee projects in the design stage would enable privacy officials to more easily and proactively identify and mitigate potential privacy vulnerabilities as systems or programs are conceptualized.

The need for Privacy Engineering is going to escalate substantially in the coming years as federal agencies increasingly turn to Internet-based cloud computing to manage vast databases more efficiently. These applications can potentially make personally identifiable information maintained by the government more accessible to unauthorized individuals. Absent Privacy Engineering during the design, initiation, implementation, and maintenance of cloud programs, data protection and accessibility standards will become increasingly challenging for agencies to properly control. Similarly, Privacy Engineering is also critical to protect sensitive information in identity management systems used to safeguard facilities, electronic health records, global energy networks, and financial files—any government activities where the need to safeguard personal information must be balanced against requirements to maintain extensive data warehouses.

“Privacy Engineering is not just an information technology solution, it is an overall risk management strategy that touches all aspects of a program and system,” says Lisko. “It encompasses any number of engagements that Booz Allen could participate in—defense, law enforcement, energy, finance, and healthcare, to name a few—as data pertaining to each of these areas need to be shared more widely and protected more vigorously at the same time.”

Bringing Privacy Engineering to Clients

The biggest constraint that Privacy Engineering faces is an uphill battle for federal resources. Agency budgets are growing tighter and privacy concerns have never been a top priority. To overcome this limitation, Lisko and Kraper recommend integrating Privacy Engineering into existing data security and risk mitigation programs. By bundling program design and protection activities, privacy support and activities could be embedded efficiently without adding significant cost or resource burdens to government departments. “Privacy Engineering is a perfect fit under the umbrella of our information assurance offerings,” says Kraper.

Lisko and Kraper have put together an ambitious agenda for transforming Privacy Engineering from a nascent idea into full-blown reality. Among their planned activities:

  • Positioning Privacy Engineering as an integral segment of Booz Allen’s capabilities and core service offerings;
  • Collaborating with Booz Allen thought leaders in cloud computing, identity management, and cyber threats to map Privacy Engineering processes as a part of these initiatives;
  • Studying the historical rise in privacy threats and the breadth of data intrusion as well as the relative effectiveness of responses by agencies to information breaches, the lack of viable solutions to privacy incursions, budgetary issues, and the exponential expansion of the size and reach of databases; and
  • Bringing Privacy Engineering to Booz Allen clients as a bundled solution to develop, operate, and re-engineer new and legacy programs with a deeper emphasis on protecting personally identifiable information.

Learn more about the firm’s Cloud Computing, Cyber, and Integrated Identity services.
