Last Tuesday, President Barack Obama directed his administration to implement a Cybersecurity National Action Plan (CNAP), that in the White House’s words, “takes near-term actions and puts in place a long-term strategy to enhance Cybersecurity awareness and protections, protect privacy, maintain public safety as well as economic and national security, and empower Americans to take better control of their digital security.”  The action by President Obama comes on the heels of the recent publishing of thousands of FBI and Homeland Security employees’ contact information by hackers.

A Commission on Enhancing National Cybersecurity is being formed as part of CNAP.  According to the White House, the Commission will be comprised of top “strategic, business, and technical thinkers from outside of Government – including members to be designated by the bi-partisan Congressional leadership.” 

As part of the CNAP, President Obama also issued Executive Order 13719, which created the Federal Privacy Council.  According to the Executive Order, the Privacy Council will be the “principal interagency forum to improve the Government privacy practices of agencies and entities acting on their behalf.”  The intent is to have the Privacy Council help “Senior Agency Officials for Privacy at the various governmental agencies to better collaborate and coordinate activities as well as to educate the federal workforce.”  The Executive Order established the Deputy Director for Management of the Office of Management and Budget as the Chair of the Privacy Council.  Along with the Chair, the Privacy Council will be comprised of the Senior Agency Officials for Privacy for multiple departments and agencies, including the Department of State, Treasury, Defense, Justice, Interior, Commerce, Agriculture, Health and Human Services, Homeland Security, Transportation, Energy and Education.  As such, the Privacy Council will be comprised of the Senior Privacy Officials from each of the largest and most significant federal agencies.

The Privacy Council will be charged with tasks, including developing recommendations for the Office of Management and Budget on Federal Government privacy policies and requirements; coordinating and sharing best practices for protecting privacy and implementing privacy safeguards; and assessing and recommending how to best approach the hiring and training needs of the Federal Government with respect to privacy matters.

While the implementation of the Privacy Council provides hope for the coordination on privacy matters across the Federal Government, the Executive Order will only be implemented subject to the availability of appropriations.  To that end, the President’s budget requests $19 Billion for Cybersecurity funding, with $3.1 Billion of that amount set-aside to replace outdated information technology systems.

The message to all businesses is that the Federal Government is responding to the reality that it has to do more to protect not only its own information, but also to lead as a resource for businesses and individuals on Cybersecurity and privacy issues.  We will continue to provide updates as these initiatives progress.