Just a few years ago, Wired.com proclaimed data “the new oil of the digital economy.” Big data is indeed transformative and in government it is unleashing a wave of innovative digital services. But more data has also raised the stakes on how to protect what states and localities collect from citizens. That responsibility increasingly falls on the shoulders of a new executive: the chief privacy officer (CPO).
While the role is still evolving, one person has already put her mark on the position and is setting the standard for privacy practices and policies in government. Ginger Armbruster is Seattle’s second CPO, and has moved quickly to strengthen and expand protection of the data collected by the city, while developing strategies that allow for the adoption of new digital services that serve everyone.
“It’s about our commitment to the people we serve and how we will handle their information,” Armbruster told Government Technology in 2018.
To meet this obligation, Armbruster and her staff have worked hard to build awareness about privacy as city workers go about their jobs. Rather than wait and react to problems as they arise, Armbruster has pushed to make privacy an integral part of program development and IT deployments.
Perhaps most challenging has been the growth in smart city applications launched by tech companies that trade free services for data about individuals. Armbruster says it’s important to question this business model. “I’m all for stuff that doesn’t identify people; let’s go for sensors,” she said. But services like bike- and scooter-sharing gather data that identifies individuals, which puts them in a different category. “It’s our responsibility to our citizens to ask about the data they collect.”
It’s Armbruster’s job to proactively address the unintended consequences that result from this kind of data collection. The best way to head off privacy problems before they occur is to institute a solid privacy program in city government, communicate to workers about data management best practices and set sound policy positions about third-party data collection. Her nuanced understanding of and approach to data privacy is showing others how to effectively take on these challenges.