By Doug Miller, SafeGov.org Many of us have been following a legal case being fought in California in which 10 plaintiffs are suing Google over its practice of scanning the content of private Gmail messages for the purposes of showing ads related to the content of the user’s email. The plaintiffs and many privacy organizations… Keep reading →
This week, millions of voters will confront not only the decision of who to vote for, but also the more mundane questions of where and when to vote, whether they need to bring identification, and who or what exactly will be on the ballot.
Despite the march of technology that makes that information available online to more and more people, finding the correct information for a given voting district has been a continuing challenge for veteran and prospective voters alike, as well as state and local election officials. Keep reading →
It didn’t take long before discussion about technology and national security Wednesday turned to this week’s Taliban violence on a Pakistani teenager.
“When reached by cell phone the Taliban claimed credit,” said Google Chairman Eric Schmidt referring to critically-injured Malala Yousufzai. “We know their phone number? Hmm. Why don’t we know where they are?” Keep reading →
For those who follow government computing trends, the biggest story of 2012 in the U.S. has been the accelerating adoption of cloud services by federal agencies as well as by state and local governments. This growth has been fostered in large part by the admirably proactive stance in favor of cloud taken by the White House’s Office of Management and Budget (OMB).
It has also been propelled by the FedRAMP program, which streamlines the procedures used to vet the security features of commercial cloud solutions. At SafeGov we enthusiastically endorse this trend and look forward to the cost savings and improvements in citizen services it will bring to all levels of government.
This article originally appeared on SafeGov.org and is republished by permission. For more news and insights on innovations at work in government, please sign up for the AOL Gov newsletter. For the quickest updates, like us on Facebook.
But while U.S. government use of cloud services surges, U.S. regulators have paid relatively little attention to the emerging issue of data confidentiality in the cloud. The focus of Federal cloud standardization efforts such as the NIST requirements built into FedRAMP has been data security, not privacy and confidentiality.
In Europe, however, the picture looks very different. The European public sector is approaching the cloud with caution: governments are keenly interested in the potential benefits, but have not yet issued the kind of top-down mandate for rapid migration that we’ve seen in the U.S.
At the same time, European regulators are much further along the path toward a modernized regulatory regime for cloud computing. The key development looming on the horizon in Europe is the proposed new EU Data Protection Regulation. This draft legislation represents a sweeping revision of the 1995 EU Privacy Directive and is currently the subject of intense scrutiny by interested stakeholders.
Before we assess the impact of European privacy regulations on government cloud computing, let’s take a step back to review the recent debate over online privacy in the U.S. As visitors to this forum may know, SafeGov contributors were among the first to identify the mismatch between the privacy policies of giant web advertising companies like Google and the requirements of safe cloud computing in a government or educational environment.
Scaled up to tens and even hundreds of millions of users, this profiling technique yields an extraordinarily profitable business model that has made Google the most successful advertising firm in history.
Privacy advocates on both sides of the Atlantic have objected to Google’s business model on the grounds that web users are not informed that they are being tracked in this manner and are not given an obvious opportunity to opt out. We also note that the European DPAs asked Google to delay implementation of the policy until it could be investigated, but Google declined.
SafeGov itself does not take a position on business models deployed by consumer advertising firms. We recognize that opinions on this difficult and sensitive question will differ. Web advertising (which does not necessarily require hidden user tracking) can be a healthy form of technological innovation that offers significant benefits to consumers.
However, our contributing experts have pointed out on many occasions that the kind of stealthy user profiling and systematic data mining of user content that has become the norm on the consumer web is absolutely unacceptable when performed in cloud services provided under contract to governments or schools.
I believe that our experts who have spoken out on this issue are on solid ground. Imagine for example that a cloud provider decided to apply the same data mining algorithms it uses for consumer ad targeting to the email traffic of tens or hundreds of thousands of government users or school children.
Even if no personal information of individual users was disclosed to advertisers, the power of these algorithms to identify trending topics and keywords in user content could be of immense economic value. In the case of sensitive government information, it could also represent a grave threat to the security of nations. It is for these reasons that SafeGov has called on all cloud service providers to create separate privacy policies for public sector users that expressly ban these practices.
It is important to understand that although the CNIL is a French institution, it is not acting on behalf of the French government, but on that of the association of European DPAs (the Article 29 Working Party). These DPAs are national regulatory bodies whose members are appointed by their national governments, but which operate as independent authorities (in much the same way that the FTC and the FCC do in the U.S.). Their mandate is to enforce European and national laws concerning data protection and online privacy.
While nothing has yet leaked to the press regarding the CNIL’s findings (the contrast on this point with the American FTC is noteworthy), past statements of the CNIL and the Article 29 Working Party allow us to anticipate the likely direction the regulator will take.
In recent months many web sites in Europe have begun to implement the new EU cookie rules that require increased disclosure and express consent prior to the serving of web cookies to user browsers. We might expect similar requirements to be imposed on Google and its web advertising peers (Facebook, Yahoo, Hotmail and Bing, etc.).
In any case, observers can be confident that the debate on the topic of the confidentiality and safety of government data in the cloud is only just beginning.
The CNIL’s findings on behalf of the Article 29 Working Party, whatever they are, will be only the first step in a long road. As Europe prepares a fundamental revision of its data protection and online privacy law, that road will ultimately lead to significant changes in the privacy practices and perhaps even in the business models of all web advertising firms that wish to do business in Europe.
These changes will inevitably encompass the rules that govern the cloud services provided to European governments and schools.
We hope that Europe’s Data Protection Authorities will recognize the need for dedicated privacy policies that guarantee users in these critical sectors of the European economy protection from the user profiling and data mining practices of the online consumer advertising industry.Jeff Gould is CEO and Director of Research, Peerstone Research, and a regular contributor to SafeGov.org, a forum for IT providers and industry experts dedicated to promoting trusted and responsible cloud computing. Keep reading →
The U.S. Army is expected to open a new mobile applications store as part of a pilot program designed to offer a more flexible way to develop and buy software for the government. The online store will provide a space where users can request specific tools and where participating developers can quickly provide or create a product to fill respective needs without getting bogged down in a complex and time consuming acquisitions process.
The new pilot will be a six-month effort that will support the Army’s intelligence service and the potentially intelligence agencies. Keep reading →
For all the progress federal agencies have made toward mobile technology, CIOs still long for industry innovation that leads to a secure, virtual solution for devices other than BlackBerries.
The sentiment came through at a panel discussion Tuesday moderated by Rick Holgate at the Telework Exchange’s Fall 2012 Town Hall Meeting in Washington, D.C. Holgate is chief information officer at the Bureau of Alchohol, Tobacco, Firearms and Explosives. Keep reading →
Fueled by the widespread adoption of increasingly powerful mobile devices, we are in the midst of one of the most exciting technology eras ever. Half of American adults now own smartphones and over 20% are already using tablets. This pace of adoption is unprecedented as the first Apple iPhone was only introduced five years ago with the Apple iPad arriving in just the past two years.
The rapid emergence of this mass market has shattered the cost constraints for going mobile for every organization, including government agencies. For a technology geek like myself, what’s most exciting is the opportunity this creates to untether knowledge workers from the desktop so that they can be equally effective in the field. Keep reading →
Nathaniel Manning was selected as a Presidential Innovation Fellow for Project OpenData as part of the new White House Presidential Innovation Fellows program. The program pairs top innovators from the private sector, nonprofits, and academia with top innovators in government to collaborate on solutions that aim to deliver significant results in six months.
The Open Data Initiatives program aims to “liberate” government data and voluntarily-contributed corporate data to fuel entrepreneurship, improve the lives of Americans in many tangible ways, and create jobs.
This is one in a series introducing 18 Fellows working on five initiatives that are part of the White House Presidential Innovation Fellows program.
Manning is the Director of Business Development and Strategy at Ushahidi, a nonprofit tech company from Kenya that specializes in developing free and open source software for information collection, visualization, and interactive mapping. Keep reading →