Introducing the Chief Privacy Officer


As perhaps my readers may have heard, I’m assuming a new role at Wayne State—Information Privacy Officer. If you’re an avid reader of my posts you will probably realized that privacy, particularly internet privacy, has been an interest of mine for several years. As privacy becomes an increasingly important concern around the world, universities are appointing a Chief Privacy Officer (CPO) whose ‘portfolio’ is ensuring that the personal data entrusted to the university is properly protected, and who is an evangelist for the importance of safeguarding our privacy not only at work but in our lives in general.

I will continue to write this blog, occasionally commenting on other, non-privacy-related topics. These will include C&IT initiatives that will impact your work at Wayne and ways in which the new electronic world have affected various aspects of scholarship (such as copyright and open source publishing). However,  I will be increasingly focusing my interest on the problem of our identity data and the forces that threaten to steal it or profit from it without our consent.

So what are privacy issues? At a university it includes such simple issues as having controls in place covering which employees are able to view social security numbers (there is, just to set your mind at ease, a ‘mask’ in the relevant field in Banner for everyone other than those who actually need to see SSN’s in order to do their jobs), but also making sure that the websites that accept credit cards have the correct legally-required controls on what machines they run on and how they are connected to the bank (a set of rules known as PCI-DSS, in case you’re interested).

But it also includes ways of keeping us safe as individuals, such as giving guidance on privacy settings on Facebook and other social networking sites, as well as reminding folks not to tweet that they’re on a riverboat on the Zambezi, especially if there’s no one staying in their house.

And it also means keeping track of national privacy issues (such as whether our federal government is, or ought to be, vacuuming up all our phone call records, and what happens to EZ-Pass records) and even international ones, such as the fact that the European Court of Justice has told European countries they may not store European citizens’ data in American-owned websites because of the Snowden revelations. Here’s a recent story about how this has impacted Facebook.

I will be blogging about several of these issues over the coming months. In addition, look for a couple of campus-wide events highlighting some of these issues in the coming months. One, on protecting privacy while doing ‘big data’ research on student performance at universities is tentatively scheduled for January 26.