1 / 7

Citizen Privacy Service: An OSERA Reference Implementation

Citizen Privacy Service ensures privacy in information sharing and data mining by applying technologies used in those fields. This implementation includes a technical architecture, an ontology of the U.S. Privacy Act of 1974, and policy decision and enforcement points. For more information, please read "Information Flow in the Federal Enterprise Redux: Governing Federations, Sharing Information and Ensuring Privacy."

sorrentino
Download Presentation

Citizen Privacy Service: An OSERA Reference Implementation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Citizen Privacy Service: An OSERA Reference Implementation

  2. Why a Citizen Privacy Service ? • National security requires an information sharing environment • An effective information sharing environment requires the same commitment to privacy as it does information sharing and data mining • Evidence: TIA shutdown due to public perception • Citizen Privacy Service ensures privacy by applying same technologies to privacy that are used in information sharing and data mining

  3. Pending Legislation … • S. 236 Federal Agency Data Mining Reporting Act of 2007 • S. 239 Notification of Risk to Personal Data Act of 2007 • S. 495 Personal Data Privacy and Security Act of 2007 • H.R. 516 Federal Agency Data Privacy Protection Act • H.R.958 Data Accountability and Trust Act

  4. CBO says … • On May 17, 2007 CBO reported to the Senate Judiciary a Congressional Budget Office Cost Estimate, that implementing the provisions of S. 495 would cost: • 2008 - $30m • 2008 – 2012 - $335m • S. 495 contains intergovernmental mandates as defined in the UMRA , but the cost of compliance would not exceed the threshold of $66m in 2007 • CBO could not estimate the incremental cost of complying with S. 295

  5. What’s GSA’s Role in S. 495 ? • (a) In General- In considering contract awards totaling more than $500,000 and entered into after the date of enactment of this Act with data brokers, the Administrator of the General Services Administration shall evaluate-- • (1) the data privacy and security program of a data broker to ensure the privacy and security of data containing personally identifiable information, including whether such program adequately addresses privacy and security threats created by malicious software or code, or the use of peer-to-peer file sharing software; • (2) the compliance of a data broker with such program; • (3) the extent to which the databases and systems containing personally identifiable information of a data broker have been compromised by security breaches; and • (4) the response by a data broker to such breaches, including the efforts by such data broker to mitigate the impact of such security breaches.

  6. What is the Citizen Privacy Service ? • An open source work in progress that includes … • A technical architecture • An OWL-DL ontology of the U.S. Privacy Act of 1974 • A policy decision point that checks the satisfiability of a request for the disclosure of personally identifiable information • A policy enforcement point that returns to the service requestor information provenance that increases assurance of privacy enforcement in an information sharing environment

  7. For more information … • Please read Information Flow in the Federal Enterprise Redux: Governing Federations, Sharing Information and Ensuring Privacy

More Related