Departing DHS privacy officer says she had support from top

After 20 years of federal service, Maureen Cooney, acting chief privacy officer at the Homeland Security Department, is departing for a private sector law firm.

Cooney is leaving DHS Friday for Hunton and Williams in New York City, where she will be a senior policy adviser for global privacy strategies in the law firm's Center for Information Policy Leadership. She had previously signaled that she would leave federal service on her 20th anniversary.

In an interview with Government Executive, Cooney said senior officials in the DHS, including Secretary Michael Chertoff, supported her in advocating for privacy compliance across the department and that the DHS privacy office is becoming a model for other federal agencies.

"With any compliance function, people push back a lot," Cooney said. "My experience has really been support from the top -- which any entity would need, but for this office to work, you must have support from the top."

Cooney said since she joined the privacy office in January 2004, it has grown from a staff of three to more than 30. DHS officials have started following the office's guidance for conducting privacy impact assessments, and it has received cooperation in publishing easily understood notices regarding the creation of systems containing individuals' records, she said.

Through holding public forums on the government's use of information, the department has a better idea of the public's privacy expectations, Cooney said. Public meetings held by the data privacy and integrity advisory committee, which guides Chertoff on privacy issues, have helped elevate privacy issues within the department, she said.

"We try to be as transparent as possible," Cooney said. "When the government uses information, we want to know what it's for and how it's being taken care of."

Though Chertoff never named her as the chief privacy officer on a permanent basis, Cooney said she "always thought that [Chertoff] had a lot of confidence" in her.

"He has been nothing but supportive of me," Cooney said. "It's really the secretary's prerogative in filling this position … I think he wanted to look at both internal and external candidates."

Cooney, who stepped into the job after the first DHS chief privacy officer, Nuala O'Connor Kelly, left the department in late September 2005, previously was the privacy office's chief of staff and director of international privacy policy.

O'Connor Kelly, now the chief privacy leader at General Electric, said Cooney will be a tough act to follow and the nominee must be a respected privacy practitioner.

"She's really one of the upper echelons in the civil service," O'Connor Kelly said. Cooney's replacement must have a clear vision of DHS' ability to do its job effectively and also take privacy into account, O'Connor Kelley said.

Privacy experts contacted by Government Executive were nearly unanimous in their praise for Cooney, who worked previously for three years as legal adviser for international consumer protection and information privacy and security at the Federal Trade Commission. But they noted she held a very difficult position, especially since she had to follow in the footsteps of the highly regarded O'Connor Kelly.

The Transportation Security Administration's Registered Traveler and Secure Flight programs and Homeland Security's US-VISIT initiative for tracking visitors, among others, have raised privacy concerns that have yet to be resolved, experts said.

Marc Rotenberg, executive director of the Electronic Privacy Information Center, said Chertoff needs to make a clear statement on privacy issues and their place in agency decision-making.

Jim Harper, director of Information Policy Studies at the Cato Institute, said the new DHS privacy chief must be willing to offend colleagues. "The average privacy officer is going to be an apologist for an agency … the government has access to too much information because the government has too many responsibilities."

Jim Dempsey, policy director of the Center for Democracy and Technology, a Washington-based privacy advocacy organization, said while O'Connor Kelly had a direct relationship with then-DHS Secretary Tom Ridge, Cooney did not have that type of relationship with Chertoff.

Former Clinton administration officials were critical of Chertoff for failing to appoint a permanent chief privacy officer.

Peter Swire, former chief counselor for privacy under Clinton, said the fact that the position has not been filled on a permanent basis is evidence that "the Bush administration values surveillance more than privacy." Sally Katzen, a Clinton-appointed administrator of the Office of Information and Regulatory Affairs in the Office of Management and Budget, said the job is "virtually impossible for an acting official to perform."