February 10, 2004
Remarks as Prepared

Chairman Cannon, Congressman Watt, and Members of the subcommittee, it is a great honor to testify before you today on the activities of the United States Department of Homeland Security's Privacy Office, which I am privileged to lead as the first Chief Privacy Officer of the Department of Homeland Security.

The creation of the Department of Homeland Security and its many programs raise no shortage of important privacy and civil liberties issues for this nation to address.   This Department, led by Secretary Tom Ridge, and this Administration, led by President Bush, are committed to addressing these critical issues as they seek to strengthen our homeland.  A crucial part of this commitment is the mission of the Privacy Office at the Department of Homeland Security.  

Before our office officially opened its doors, Secretary Ridge articulated his vision for this office, stating that the privacy office "will be involved from the very beginning with every policy initiative and every program initiative that we consider," to ensure that our strategy and our actions are consistent with not only the federal privacy safeguards already on the books, but also "with the individual rights and civil liberties protected by our laws and our Constitution."  

As Members of this subcommittee are uniquely aware, the enabling statute for the Department of Homeland Security directs the Secretary to appoint a senior official in the Department to assume primary responsibility for privacy policy.  That legislation reflects, I believe, a growing sensitivity and awareness on the part of our citizens regarding personal data flow in the public and private sectors, and the particular concerns surrounding the melding of 22 former agencies -- along with the unique mission and data collection activities that each of those agencies brings.

The DHS Privacy Office works to promote best practices with respect to privacy and infuse fair information practices and principles into the DHS culture.  A major goal for my tenure as Chief Privacy Officer is to 'operationalize' privacy throughout DHS.  We are doing this by working closely not only with Secretary Ridge and our senior policy leadership of the various agencies and directorates of the department, but also with our Privacy Act and FOIA teams, and operational, policy, and program staff across the Department.

Through internal educational outreach and the establishment of internal clearance procedures and milestones for program development, we are helping DHS components to consider privacy whenever developing new programs or revising existing ones.  We are evaluating the use of new technologies to ensure that privacy protections are given primary consideration in the development and implementation of these new systems.  In this process, DHS professionals have become educated about the need to consider--and the framework for considering--the privacy impact of their technology decisions.  We are reviewing Privacy Act systems notices before they are sent forward and ensuring that we collect only those records that are necessary to support our mission.  We also guide DHS agencies in developing appropriate privacy policies for their programs and serve as a resource for any questions that may arise concerning privacy, information collection or disclosure.  And the Privacy Office of course works closely with various DHS policy teams, the Office of the General Counsel, and the Chief Information Officers to ensure that the mission of the Privacy Office is reflected in all DHS initiatives.

The Privacy Office also seeks to anticipate and satisfy public needs and expectations by providing a crucial link between those outside DHS who are concerned about the privacy impact of the Department's initiatives, and those inside the Department who are diligently working to achieve the Department's mission.  Our role is not only to inform, educate, and lead privacy practice within the Department, but also to serve as a receptive audience to those outside the Department who have questions or concerns about the Department's operations.  To that end, the Privacy Office has engaged in consistent and substantial outreach efforts to members of the advocacy community, industry representatives, other U.S. agencies, foreign governments, and most importantly, the American public.  

Our government and our agency are grounded on principles of openness and accountability, tempered, of course, by the need to preserve the confidentiality of the most sensitive personal, commercial, and governmental information.  Our work at the DHS Privacy Office is proving that it is, in fact, possible to achieve both responsible privacy practices and the critical mission of the Department of Homeland Security.  Issues of privacy and civil liberties are most successfully navigated when the necessary legal, policy, and technological protections are built in to the systems or programs from the very beginning.  

I am often asked whether I view my job as a privacy advocate and thus at odds with the activities of the Department.  The answer is, without hesitation, "No."  As Secretary Ridge has articulated on many occasions, the Department of Homeland Security's mission is more than just counter-terrorism, more than just the protection of people and places and things.  It is also the protection of our liberties and our way of life.  That way of life includes the ability to engage in public life with dignity, autonomy, and a general expectation of the respect for personal privacy.  Thus, the protection of privacy is neither an adjunct nor the antithesis to the mission of the Department of Homeland Security.   Privacy protection, in fact, is at the core of that mission.  

I thank you for your time and for the opportunity to testify before this important committee today.  I look forward to hearing the other witnesses' testimony and to answering your questions.

###