Abstract

  


 



PIA Requirements and Privacy Decision-Making in US Government Agencies


Kenneth A. Bamberger


University of California, Berkeley - School of Law

Deirdre K. Mulligan


University of California, Berkeley - School of Information
July 22, 2012

D. Wright, P. DeHert (eds.), Privacy Impact Assessment (2012)
UC Berkeley Public Law Research Paper No. 2222322

Abstract:     
This chapter explores the ways in which the Privacy Impact Assessment requirement of the U.S. E-Government Act might be implemented in government agencies so as to mitigate agency “tunnel vision” and begin to integrate meaningful consideration of privacy concerns into agency structures, cultures and decision-making. It does this by considering the implementation of the PIA requirement by two different federal agencies -- the Department of Homeland Security and the Department of State -- considering the adoption radio frequency identification (RFID) technology, which allows a remotely-accessible data chip to be attached to or inserted into a product, animal or person. The two different approaches reflect the highly inconsistent adherence to the PIA mandate across agencies, and even between programs within a single agency.

An examination of the practices of these two US agencies, interviews with agency decision-makers involved in these processes, and insights from the US experience with the parallel context of environmental impact statements offer a starting point for developing hypotheses about the role of internal agency structure, culture, personnel and professional expertise in whether the PIA process can be meaningfully integrated as an element of bureaucratic decision-making. Specifically, they suggest the importance of continued research into the role of alternate methods of external accountability as a means for strengthening the hand of privacy officers internally, the importance of substantive experts combined with internal processes for insinuating privacy into daily practice, and the need for status and structures that respect the different roles privacy professionals play in protecting privacy during policy-making and integrating privacy into the bureaucracy.

Number of Pages in PDF File: 26

Accepted Paper Series


Download This Paper

Date posted: February 21, 2013  

Suggested Citation

Bamberger, Kenneth A. and Mulligan, Deirdre K., PIA Requirements and Privacy Decision-Making in US Government Agencies (July 22, 2012). D. Wright, P. DeHert (eds.), Privacy Impact Assessment (2012); UC Berkeley Public Law Research Paper No. 2222322. Available at SSRN: http://ssrn.com/abstract=2222322

Contact Information

Kenneth A. Bamberger (Contact Author)
University of California, Berkeley - School of Law ( email )
Boalt Hall
Berkeley, CA 94720-7200
United States
(510) 643-6218 (Phone)
HOME PAGE: http://www.law.berkeley.edu/faculty/profiles/facultyProfile.php?facID=5701
Deirdre K. Mulligan
University of California, Berkeley - School of Information ( email )
102 South Hall
Berkeley, CA 94720-4600
United States
Feedback to SSRN (Beta)


Paper statistics
Abstract Views: 313
Downloads: 26

© 2013 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright
This page was processed by apollo8 in 0.313 seconds