• Print

Setting White House priorities for electronic privacy: HIT, smart grid and education

Much of the online discussion about electronic privacy over the past week has been dominated by Facebook, particularly a new “instant personalization” feature. Is the age of privacy over? As Bruce Schneier pointed out in his essay on privacy and control, “Google Chief Eric Schmidt [has] expressed a similar sentiment. Add Scott McNealy’s and Larry Ellison’s comments from a few years earlier, and you’ve got a whole lot of tech CEOs proclaiming the death of privacy — especially when it comes to young people.

As Schneier pointed out, it’s not true. For one thing, the attitudes of young adults and older adults regarding information privacy are statistically similar, as recent research shows, differing primarily when it comes to electronic literacy. danah boyd made a compelling argument in this area at this year’s SXSWi festival that made sense of privacy and publicity.

On the larger point, there’s much more to electronic privacy than social networking. And as the White House deputy chief technology officer, Andrew McLaughlin, explained at Privacy Camp in Washington, D.C. this month, improving electronic privacy is crucial to the Obama administration’s agenda for leveraging information technology. Video of McLaughlin, courtesy of Alan Rosenblatt, is embedded below:

McLaughlin said that there is a cluster of three verticals the White House would like input on:

  1. Health information technology (HIT)
  2. smart grid
  3. education and student records

HIT and Electronic Health Records (EHRs)

Gov 2.0 Expo 2010The evolution of government transparency includes how HIT policy is made, as Brian Ahier has explained previously here at Radar. The American Recovery and Reinvestment Act of 2009 included $19 billion for health IT through the HITECH Act. HITECH also created the HIT Standards Committee and the HIT Policy Committee under the auspices of the Federal Advisory Committee Act (FACA).

“The goal is for every American to have an electronic health record by 2015,” said McLaughlin. “The only way we’ll do that is if we do an exceptional job with privacy.” McLaughlin said that includes improved security keys and authentication at both ends of the transaction.

Smart grid privacy

The smart grid may have the potential to be part of a new social nervous system, as Tim O’Reilly has described, but there are also privacy considerations for implementation. The Electronic Communication Privacy Center has smart grid privacy on its radar — and so does the White House. McLaughlin emphasized the need to think through privacy policy and regulation at both the state and federal level at public utility commissions.

State utility commissions currently lack formal privacy policies or standards related to the smart grid. One major challenge is that comprehensive, consistent definitions of personally identifiable information do not typically exist in these institutions.

As a working group of IT security pros reported to NIST last summer, there are significant smart grid privacy concerns to consider.

These considerations can be neatly summarized in the following excerpt from the NIST report:

The major benefit provided by the Smart Grid, i.e. the ability to get richer data to and from customer meters and other electric devices, is also its Achilles’ heel from a privacy viewpoint. Privacy advocates have raised serious concerns about the type and amount of billing and usage information flowing through the various entities of the Smart Grid … that could provide a detailed time-line of activities occurring inside the home.

As privacy expert Rebecca Herold explained on her blog, smart grid privacy needs to be considered as utilities move to a next-generation infrastructure. Those implications were concisely listed by Herold as follows:

  1. Identity theft.
  2. Determining personal behavior patterns.
  3. Determining specific appliances used.
  4. Performing real-time surveillance.
  5. Revealing activities through residual data.
  6. Targeted home invasions.
  7. Providing accidental invasions.
  8. Activity censorship.
  9. Decisions and actions based upon inaccurate data.
  10. Revealing activities when used with data from other utilities.

Education

Privacy, interoperability and portability aren’t just issues with EHRs. McLaughlin said that they want to find a way for student records to be able to move with students from school to school. As with HIT, there are meaningful use issues.There is a need for
standards bodies to make sure privacy is “baked in” from the beginning.

Big data and privacy

Cutting through all of these verticals are the paired issues of deidentification and anonymization, said McLaughlin. “Algorithms need to combine great math with great management,” he said. It’s important to get it right, as in the case of EHRs, as the biggest obvious win is for patients when successful outcomes can be analyzed, he said.

The real benefit to the system will come from being able to do analyses of huge piles of millions of patients’ data comparative effectiveness. That’s a point that Aneesh Chopra, the White House CTO, has also made regarding using health data to improve treatment and other elements of healthcare.

That can only happen, however, with significant advances in electronic privacy protections. Some of that will come through math, said McLaughlin, some with practices, and others with policy in terms of how data is handled. “The goal is well-justified trust and confidence,” said McLaughlin, from consumer, law enforcement, civil rights and civil liberties perspectives.

Request for Input

There are for areas where McLaughlin said they need help, broadly speaking.

1. Government use of social media

McLaughlin said that they need to do more to respect “peculiar privacy concerns” and uses of social media data. “Cookies are one of the avatars of this problem,” he said.

In particular, the Office of Management and Budget is revisiting a decade-old cookie policy. In general, McLaughlin said they have to help government webmasters anticipate issues raised by social media use. That’s particularly true if social media breaches enter the lexicon soon.

2. Location and time data

If smart grid privacy is a future concern, location and time data from telecommunication providers is an electronic privacy issue of the moment. McLaughlin pointed out that constantly-pinging towers cell towers make elaborate de-identification of customer proprietary network information (CPNI) about where you were and when you were uniquely susceptible to re-identification. “It’s very easy to make a guess, even when thoroughly de-identified,” he said. Figuring out how to deal with that issue when data is shared though third party providers is immensely challenging.

3. Actions the White House can take

McLaughlin said that the White House is particularly interested in the kinds of executive action a President can take to protect electronic privacy.

4. Anonymizing technologies

McLaughlin said that the Obama administration — particularly the State Department — has been putting a lot of effort into Internet freedom, specifically the ability for people to communicate over the Internet with one another. Part of the solution will be technologies for secure private communications within trusted groups and anonymization, he said.

The knotty problem is that the same technologies can be used for copyright infringement, to share child pornography, or to plan terrorist actions. What are the right ways to push forward for dissident or minority communications within a closed society while at the same time being sensitive to law enforcement?

There are no easy answers to any of those questions. With feedback from a digitally-enabled citizenry, however, it’s possible that the White House’s technologists will make some progress in addressing them in a way that allows HIT, smart grid and e-education initiatives to move forward.

tags: , , ,
  • Steven Mandzik

    Alex – I wonder about the smart grid and health data becoming digitized. I really can’t get my head around it.

    The most I have heard is about health data. There are companies who say that anonymizing the data and then aggregating it is extremely helpful. Like it can recognize trends in sickness, surgery success, best practices, etc.

    Then there is google health trends which is more peripheral but to the same end. Gathering data about people’s searches then identifying trends.

    I see the same thing happening with the smart grid connection. With all this data comes new privacy concerns but what else? How will the data be used. What are some parallel industries to learn from.

    The 10 privacy concerns seem more theoretical and maybe someone should look into this. I have a sneaking suspicion we dont need to invent new ground. Like this is a known process that has happened a million times in the credit card industry, banking, social security, irs, etc.

    So why is this so weird or such an issue…

    Like i said I just dont get it…

  • BobbyG

    I recently wrote a bit about this here:

    http://bgladd.blogspot.com

    I will add more to the current post soon, including some of the views of Dr. Deborah C. Peel, who some view as unduly alarmist with respect to medical privacy.

  • Military Strategist

    The push toward a “social nervous system” translates into a push toward Open Intelligence (OPINT) across the entire public infrastructure with sensors on the edge, all feeding a large feedback control system that employs OPINT from the edge in order to manage the feedback and controls.

    To date, no one has demonstrated how this network centric social system design is commensurate with individual liberty or democratic systems. In fact, everything that I know about network centric system design indicates that such a social system is dystopian at best, resulting in centrally managed society by whoever the algorithm designers are.

    The issue, therefore, is not necessarily the security of an individual asset within the system, say my cookie, but the overall system design and how that resulting system design changes society, and whether those changes provide for more or less liberty.

    No one is addressing the big picture and answering these critical questions. Hence, I’d really like to see O’Reilly make a case that supports this direction that he is pushing society.