DHS privacy office grapples with RFID, biometrics

Congress has given the Homeland Security Department's Privacy Office a fivefold budget increase for fiscal 2005, to $35 million, DHS chief privacy office Nuala O'Connor Kelly said today at the Inside ID Conference and Expo in Washington.

With a staff of more than 450, Kelly said she is trying to establish a framework for evaluating new data collection technologies and information sharing with other agencies and jurisdictions. "We are very grateful for Congress' sign of commitment to privacy and transparency" of the government's collection and use of individuals' personal information, she said.

As head of the first statutorily mandated privacy office, Kelly said she and her staff ask DHS program managers the time-honored questions of why, what, when, who, where and how to assess the impact under the Privacy and Freedom of Information acts.

"Our first question is, 'Why are you doing this?'"she said. "Is there a legitimate policy purpose? That forces program managers to home in on the business case and refine it so it is not being burdened by extraneous information collection. Is each data element really necessary?"

There are real costs in having too much data and keeping it too long, Kelly said.

In evaluating new technologies, she said, "we are looking very hard at biometric initiatives in DHS" as well as at other U.S. agencies and foreign governments, especially use of radio frequency identification tags. "Baggage tags out in the world contain personal information," she said.

Another focus is adequate provision for redress if personal information held by the government is incorrect. "Where is the data kept, and who can access it for accountability?" she asked.

Setting up toll-free numbers and call centers with full-time employees to answer questions "strikes fear in the hearts of government budget managers," she said, but she is challenging the department to make redress possible through 800 numbers and Web sites.