|
Today's Three P's: Privacy, Public Access and Policy-making
BACKGROUND
Millions of Americans live in fear that someone will misappropriate their identity. In a Zogby poll released in April 2007, most Americans said they worry about identity theft. In fact, 91% said that they worry about their identity being stolen.
The public’s fears are not without foundation, as several recent news items have announced stolen government laptops, security breaches, family trust violations, and other criminal conduct. Public administrators live in even greater fear, knowing records, public records, have many of the necessary pieces of identifying information to do serious criminal damage by identity fraud.
Publicly searchable records have been available for decades. Enter the information age, where knowledge is the commodity and ease-of-use is the gold standard. Technology has allowed public administrators to do more in handling the growth and demands of the 21st century, especially when funding sources are willing to invest in technology and not willing to invest in staffing.
For example, in the commercial loan area, on-line filing of a Security Agreement describing the collateral for the loan allows a lender to self-file and include multiple elements of identifying information, even though such information is surplus. Now under some state laws, the public administrator who oversees such databases is held to a standard of strict liability or personal liability for the misuse of data the administrator doesn’t want, doesn’t need, and never uses. Worse yet, the public is outraged at the public record keeper for somehow being “at fault” in the process. The plot thickens when the law authorizing the public record keeper to hold such documents specifically prohibits alteration of the filed document, no matter how much surplus offending identifying information is contained in the filing.
TARGET AUDIENCE
Secretaries of State and Senior Staff
Federal Agency Program Directors
Information Technology Solution Providers
Banks and other lenders
Academia
THE PROPOSAL
The National Association of Secretaries of State (NASS) will sponsor a forum, hosted by Maine Secretary of State Matthew Dunlap, for thought leaders to explore and publish a white paper on the following:
The Problem:
• Is the problem the same in every jurisdiction? Are social security numbers and tax identification numbers the only problematic information?
• Do freedom of information acts or public access laws conflict with identity protection laws? If so, what balance needs to be reached? How is that balance achieved?
• Will redaction of certain identifying information render certain functions useless? (e.g. Federal tax liens)
• If a statute requires public agencies to “research” records, how does the records administrator distinguish legitimate business interests from other motivations?
• What’s the priority ladder? Can incoming filings be rejected? Active filings next – What about inactive filings?
• What is meant by personal information - is it only SSNs, FEINs, and collateral or does it include phone numbers and addresses? What about address confidentiality states?
• What is meant by redaction – manual, semi-manual, or automated?'
Process Issues:
• What is the process to “fix the problem”?
• What’s it take to do redaction in-house? Cost, personnel, management, political capital, public (dis)satisfaction?
• Is there an acceptable error rate?
• What is needed in an RFP or contract with a vendor? What do you need to know to talk intelligently on the topic?
• Who are the public administrators’ allies? Going forward – is all the responsibility going to be on the public administrator to “fix the problem”? What about preventing it in the first place?
Case Studies:
• Who has undertaken this task?
• What are the key elements of success?
• Experiences to date
• What lessons have been learned?
GETTING THERE
NASS has set August 14-15, 2007, as the dates for an invitation-only one and one-half day symposium in Portland, Maine. A draft report will be prepared by the fall with a final release of the white paper at the eC3 2007 Annual Meeting in Austin, Texas, December 3-5, 2007. The white paper will be presented at that meeting through appropriate plenary and breakout sessions. The paper will also be reviewed at the NASS 2008 Winter Conference in Washington, D C. from February 7-10, 2008.
Sponsorship fees will be the basis for funding this symposium. The total number of sponsors will be limited to ten. Last year’s NASS/eC3 Digital Archiving sponsors will have priority for this year’s sponsorship. NASS will invite selected individuals with experience on the issues to attend and contribute to the symposium. Dan Combs, President of Global Identity Solutions and former Director of Digital Government of Iowa, a recognized authority in identity management, will be the lead facilitator for the symposium. Pre-symposium, an organization and research outline of discussion topics and a preliminary scope document for the white paper will be prepared by NASS eC3 Board Members, Maine Secretary of State Matthew Dunlap, Montana Secretary of State Brad Johnson, and North Carolina Secretary of State Elaine F. Marshall.
The white paper will be written by John Smith of the Maine Secretary of State’s Office. All symposium participants will be expected to review and comment on the draft document during the fall of 2007. Symposium sponsors are expected to participate in symposium discussion and contribute to content development without specific product promotion. Sponsors will also receive credit for their support in the white paper itself and on the eC3 website as a part of the document. The white paper will also be featured on the NASS website and distributed to all the Secretaries of State.
As of June 28, 2007
|
