Wanted: New DHS privacy officer
Experts laud O'Connor Kelly for balancing security and privacy
When Nuala O'Connor Kelly, the Homeland Security Department's first chief privacy officer, left for the private sector at the end of September, she left behind a lot of good will and thorny issues.
Former DHS Secretary Tom Ridge appointed O'Connor Kelly in April 2003, a month after DHS' creation. She was responsible for ensuring that the new and existing technologies DHS uses to protect the country do not infringe on individuals' privacy.
O'Connor Kelly will be remembered for her steadfastness and for setting up and running a process to ensure that DHS considers privacy with other homeland security issues, said Bruce McConnell, former chief of information policy and technology at the Office of Management and Budget and president of McConnell International, a management and marketing consulting firm. He is also a Federal Computer Week columnist.
Those are major accomplishments, McConnell said, because O'Connor Kelly had little administrative authority and came on after the 2001 terrorist attacks, which created an environment in which sacrificing privacy for security was more acceptable.
She was "the best person for the position because she had clout in the administration and knowledge of the issues," said Ari Schwartz, associate director of the Center for Democracy and Technology, a nonprofit privacy advocacy group.
O'Connor Kelly raised the level of attention that chief privacy officers receive, something that Schwartz said he hopes will stick. She did an excellent job of consulting with as many experts as possible about a variety of difficult issues, he said.
For instance, O'Connor Kelly created DHS' Data Privacy and Integrity Advisory Committee, a 20-member group of privacy experts, to counsel her and DHS Secretary Michael Chertoff on issues that affect privacy, data integrity and data interoperability.
She created new privacy-protection practices and borrowed best practices from government and industry, Schwartz said. DHS now has the best privacy-impact assessments in government, even though they are still not perfect, he said.
DHS' next chief privacy officer will face additional challenges because of the proposed screening and coordination office, said Cathleen Berrick, director of homeland security and justice at the Government Accountability Office.
The new office would integrate DHS' multiple screening programs and eliminate overlapping functions. "When you bring all those programs together, it makes privacy even more important" because the quest for efficiency can threaten privacy, Berrick said.
Starting this month, O'Connor Kelly will be chief privacy officer and senior counsel at General Electric. Her experience in privacy policy and applications attracted GE because the company faces many privacy issues, including protecting customer and health care data, said Russell Wilkerson, GE's director of corporate communications.
Valerie Smith, a DHS spokeswoman, said the department has not started a formal search yet, and Maureen Cooney, O'Connor Kelly's chief of staff, is acting chief privacy officer until DHS finds someone to officially replace O'Connor Kelly.
To be successful, her successor must negotiate honestly, work transparently and gain credibility with the law enforcement and privacy communities, which have different perspectives from DHS, McConnell said. O'Connor Kelly managed to do that, he said, so her tenure was a "pretty big success."
NEXT STORY: Judge again rules against DHS