Privacy Committee Stacked with Anti-Privacy Advocates

Opinion: The feds' Data Privacy and Integrity Advisory Committee isn't likely to safeguard data privacy or integrity.

So here I am, head of a large corporation, and its time for me to pick a few top people to help run the company. But who should I pick for key positions such as CFO and CIO?

My first pick is Marty, a person who cant track or control his spending, who is completely clueless and unorganized about his finances. The next time he saves a dollar will be the first time he saves a dollar. Im going to make him chief financial officer.

And then theres Gail, who avoids using e-mail, a PC or anything technology-related and who in a company meeting famously stated that all technology is bad and that the company should return to pencil, paper and Day-Timers. She is, of course, the perfect candidate for chief information officer.

OK, I know you think I may be nuts with these decisions, but Im just following the example of one of the biggest organizations around—namely, the U.S. government. Lately it seems as if the main qualification to get a top position in a government agency is to be completely opposed to the stated goal of that agency.

From a technology and, especially, an Internet business perspective, some of the most disconcerting agency appointments have been in the Department of Homeland Securitys Data Privacy and Integrity Advisory Committee, a group that advises the departments chief privacy officer and has the potential to shape government policies for individuals, corporations and technology as a whole.

The first interesting decision was when the committee membership was announced in February and it included D. Reed Freeman, chief privacy officer at Claria, which was formerly known as Gator. Of course, this caused a great deal of consternation in the privacy community because Claria/Gator is one of the biggest players in spyware—I mean adware, PUPs, um, "super-keen-ware that you may have unknowingly installed." Many were surprised that a group meant to advise on privacy would include someone from an industry that is all about breaking down individual privacy on the Web.

Then this month, the chairman of this committee was named, and it turned out to be a Heritage Foundation fellow named Paul Rosenzweig, who, in privacy and government circles, is well-known for his advocacy of the proposed Total Information Awareness program, which was shot down in Congress because of its many potential privacy abuses.

/zimages/7/28571.gifClick here to read about Congress efforts to create broader privacy policies.

Of course, the Data Privacy and Integrity Advisory Committee is an advisory group, and advisory committees shouldnt exclude people with extreme viewpoints. But when I look at the list of committee members (at editorial/editorial_0598.xml), I dont see the extreme pro-privacy counterparts to some of these committee members.

There is a good number of clear moderates from the corporate and government sectors, even some who are clearly privacy advocates. But there are no hard-core consumer privacy advocates—say, on the Richard Smith level—to balance the committee.

And when the chairman is a person who has been described as seeing privacy as something to be worked around, rather than someone more from the center, it is easy to understand why some have said that the committees goal is not to prevent invasions of privacy but to prevent privacy from invading government policies.

Im not ready to get my tinfoil hat out just yet, but I am concerned about the potential effects on technology and the Internet.

When we as IT administrators are spending serious time and money to rid our companies of adware and other unwanted programs that track users and slow our systems, how much influence do we want the companies that make these programs to have over government privacy policy?

When we go to extreme lengths to protect our customer and business data from prying eyes, shouldnt we worry about the power of people who advocate for programs designed to capture all Internet traffic, transactions and data into central government databases?

I may be overreacting to the possible influence of an advisory committee. But having spent way too much time in recent years either dealing with the fallout of bad government policies or lobbying regularly against new policies that will adversely affect the way I use and manage technology, I dont take anything for granted.

eWEEK Labs Director Jim Rapoza can be reached at

/zimages/7/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.