Privacy & Information Security Law Blog

On February 9, 2016, President Obama signed an Executive Order establishing a permanent Federal Privacy Council (“Privacy Council”) that will serve as the principal interagency support structure to improve the privacy practices of government agencies and entities working on their behalf. The Privacy Council is charged with building on existing interagency efforts to protect privacy and provide expertise and assistance to government agencies, expand the skill and career development opportunities of agency privacy professionals, improve the management of agency privacy programs, and promote collaboration between and among agency privacy professionals.

Below is a summary of the key components of the Executive Order:

• Within 120 days of the date of the Executive Order, the Director of the Office of Management and Budget (“OMB”) shall issue a revised policy that contains guidance on the roles and responsibilities, and appropriate expertise and resource levels, of Senior Agency Officials for Privacy.
• The Privacy Council will be established as the principal interagency forum to help Senior Agency Officials for Privacy “better coordinate and collaborate, educate the federal workforce, and exchange best practices.” The Privacy Council will be chaired by the Deputy Director for Management of the OMB and will include Senior Agency Officials from numerous agencies such as the Departments of State, Treasury, Commerce, Defense and Justice.
• The head of each agency will designate (or re-designate) a Senior Agency Official for Privacy “with the experience and skills necessary to manage an agency-wide privacy program” who will work with the Privacy Council.
• The Privacy Council will (1) develop recommendations for OMB on federal government privacy policies and requirements; (2) coordinate and share best practices for protecting privacy and implementing appropriate safeguards; (3) help address hiring, training and professional development needs of the federal government from a privacy perspective; and (4) perform other privacy-related functions designated by the Chair.
• The Chair and the Federal Privacy Council will coordinate with the Federal Chief Information Officers Council to promote consistency and efficiency across the executive branch in addressing data privacy and security issues.

In parallel with the Executive Order, the White House issued a fact sheet regarding the Administration’s Cybersecurity National Action Plan (“CNAP”) which “takes near-term actions and puts in place a long-term strategy to enhance cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security, and empower Americans to take better control of their digital security.” The CNAP includes an action to modernize government information technology and transform how the government manages cybersecurity through the proposal of a $3.1 billion Information Technology Modernization Fund, which will include the formation of a Federal Chief Information Security Officer position. The fact sheet also details the establishment of the Commission on Enhancing National Security, which will be comprised of top U.S. strategic, business and technical thinkers from outside the government who will be tasked with studying and reporting on how to better enhance cybersecurity awareness and protect privacy. To fund the implementation of the proposed actions, the 2017 budget allocates more than $19 billion for cybersecurity, which represents a 35% increase over the 2016 enacted level.

Read more about the Administration’s proposed cybersecurity and data privacy initiatives.