Strengthening Homeland Innovation to Emphasize Liberty, Democracy, and Privacy Act or SHIELD Privacy Act - Directs the President to designate a senior official within the Office of Management and Budget as the Chief Privacy Officer, who shall have primary responsibility for privacy policy throughout the Federal Government.
Directs the head of each department and independent agency in the executive branch to appoint a senior official of the department or independent agency, respectively, to assure primary responsibility for privacy policy. Requires the official appointed for the department or independent agency to: (1) assess the impact on privacy of each proposed action of the Department or agency that will require collecting, using, or accessing personally identifiable information from ten or more persons; and (2) make the results of such assessments publicly available through the Department's web site.
Establishes the Commission on Privacy, Freedom, and Homeland Security to conduct a legal and factual study relating to U.S. efforts to further homeland security in a manner that protects privacy, civil liberties, and individual freedoms. Requires the Commission to: (1) conduct at least two field hearings in the five geographical regions of the United States; and (2) appoint a Director. Instructs the Commission to arrange with the National Research Council of the National Academy of Sciences for assistance in studying specified matters respecting such study, including the impact of Federal legislation enacted since September 11, 2001, or pending before Congress, on civil liberties.
Terminates the Commission 30 days after the Commission submits a report of its findings, recommendations, and conclusions.
[Congressional Bills 108th Congress]
[From the U.S. Government Publishing Office]
[H.R. 4414 Introduced in House (IH)]
108th CONGRESS
2d Session
H. R. 4414
To require designation of a senior official within the Office of
Management and Budget as the Chief Privacy Officer, and for other
purposes.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
May 20, 2004
Mr. Meek of Florida (for himself, Mr. Turner of Texas, Mr. Thompson of
Mississippi, Ms. Loretta Sanchez of California, Mr. Markey, Mr. Dicks,
Mr. Frank of Massachusetts, Mr. Andrews, Ms. Norton, Ms. Lofgren, Ms.
McCarthy of Missouri, Ms. Jackson-Lee of Texas, Mrs. Christensen, Mr.
Langevin, Mr. Sandlin, Mr. Matsui, Mr. Skelton, Mr. Hastings of
Florida, Mr. Green of Texas, Mrs. Capps, Mr. Nadler, Ms. Roybal-Allard,
Ms. Eddie Bernice Johnson of Texas, Mrs. Maloney, Mr. Wynn, and Ms.
Kilpatrick) introduced the following bill; which was referred to the
Committee on Government Reform
_______________________________________________________________________
A BILL
To require designation of a senior official within the Office of
Management and Budget as the Chief Privacy Officer, and for other
purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Strengthening Homeland Innovation to
Emphasize Liberty, Democracy, and Privacy Act'' or the ``SHIELD Privacy
Act''.
SEC. 2. FINDINGS.
The Congress finds the following:
(1) The protection of our Nation's civil liberties and
privacy is fundamental to the American way of life.
(2) Strengthening our homeland security ensures that our
way of life and the rights protected by the Constitution remain
intact.
(3) In developing homeland security initiatives, our
Government must take care to protect fundamental constitutional
rights and strive to minimize unnecessary impositions on the
freedoms and privileges enjoyed in the United States.
(4) As governments develop and employ new technologies and
gather information from the private sector for homeland
security efforts, they must ensure that our society's
constitutional guarantees relating to privacy, due process, and
civil liberties are protected.
SEC. 3. CHIEF PRIVACY OFFICER.
(a) Designation.--The President shall designate a senior official
within the Office of Management and Budget as the Chief Privacy
Officer, who shall have primary responsibility for privacy policy
throughout the Federal Government.
(b) Specific Responsibilities.--The responsibilities of the Chief
Privacy Officer shall include the following:
(1) Assuring that the technologies procured and use of
technologies by the Federal Government sustain, and do not
erode, privacy protections relating to the use, collection, and
disclosure of personally identifiable information.
(2) Assuring that personally identifiable information
contained in systems of records (as that term is defined in
section 552a of title 5, United States Code, popularly known as
the ``Privacy Act of 1974'') is handled in full compliance with
fair information practices required under that section.
(3) Evaluating legislative and regulatory proposals
involving collection, use, and disclosure of personally
identifiable information by the Federal Government.
(4) Exercising responsibility currently vested in the
Director of the Office of Management and Budget with respect to
privacy impact assessment rules, regulations, and oversight
under section 208 of the E-Gov Act of 2002 (44 U.S.C. 3501
note).
(5) Preparing an annual report to the Congress containing
an agency-by-agency analysis of Federal activities that affect
privacy, including complaints of privacy violations,
implementation of section 552a of title 5, United States Code,
internal controls, and other matters.
(c) Agency Information.--The head of each Federal agency shall
provide to the Chief Privacy Officer such information as the Chief
Privacy Officer considers necessary for the completion of the annual
reports under subsection (b)(5).
(d) Report by Secretary of Homeland Security.--Section 222(5) of
the Homeland Security Act of 2002 (6 U.S.C. 142(5)) is amended by
striking ``Congress'' and inserting ``the chief Privacy Officer of the
Office of Management and Budget''.
SEC. 4. PRIVACY POLICY OF DEPARTMENTS AND INDEPENDENT AGENCIES.
(a) Officials Responsible for Privacy Policy.--The head of each
department and each independent agency in the executive branch shall
appoint a senior official of the department or independent agency,
respectively, to assure primary responsibility for privacy policy,
including the following:
(1) Assuring that technologies procured and use of
technologies sustain, and do not erode, privacy protections
relating to the use, collection, and disclosure of personally
identifiable information.
(2) Assuring that personally identifiable information
contained in systems of records (as that term is defined in
section 552a of title 5, United States Code, popularly known as
the ``Privacy Act of 1974'') is handled in full compliance with
fair information practices required under that section.
(3) Evaluating legislative and regulatory proposals
involving collection, use, and disclosure of personally
identifiable information by the Federal Government.
(4) Conducting privacy impact assessments under subsection
(b).
(5) Ensuring that the department or agency protects
personally identifiable information and information systems
from unauthorized access, use, disclosure, disruption,
modification, or destruction in order to provide--
(A) integrity, by--
(i) guarding against improper information
modification or destruction; and
(ii) ensuring information nonrepudiation
and authenticity;
(B) confidentiality, by preserving authorized
restrictions on access and disclosure, including means
for protecting personal privacy and proprietary
information;
(C) availability, by ensuring timely and reliable
access to and use of that information; and
(D) authentication, by utilizing digital
credentials to assure the identity of users and
validate their access.
(6) Submitting an annual report to the Director of the
Office of Management and Budget on activities of their agencies
that affect privacy, including complaints of privacy
violations, implementation of section 552a of title 5, United
States Code, internal controls, and other matters.
(b) Privacy Impact Assessments.--
(1) Requirement.--The official appointed under subsection
(a) for a department or independent agency shall--
(A) assess the impact on privacy of each proposed
action of the Department or agency that will require
collecting, using, or accessing personally identifiable
information from 10 or more persons; and
(B) make the results of such assessments publicly
available through the World Wide Web site of the
Department.
(2) Matters considered.--Each assessment under this
subsection regarding a proposed action shall consider the
following:
(A) The type of any personally identifiable
information to be collected, used, or accessed by the
Department.
(B) Why such information will be collected, used,
or accessed.
(C) The intended use of such information.
(D) The persons with whom such information will be
shared.
(E) What notice or consent will be provided to
individuals regarding such information to be collected
or accessed, and how that information will be shared.
(F) How such information will be secured.
(G) Whether a system of records will be created for
purposes of section 552a of title 5, United States
Code.
(H) The method by which, extent to which, and rate
at which such collected information will be destroyed
or returned.
SEC. 5. COMMISSION ON PRIVACY, FREEDOM, AND HOMELAND SECURITY.
(a) Establishment.--There is established a commission to be known
as the ``Commission on Privacy, Freedom, and Homeland Security''.
(b) Duties of Commission.--
(1) In general.--The Commission shall conduct a
comprehensive legal and factual study relating to United States
efforts to further homeland security in a manner that protects
privacy, civil liberties, and individual freedoms.
(2) Matters to be studied.--The matters studied by the
Commission under paragraph (1) shall at a minimum include the
following:
(A) A review of whether Federal agencies are
properly assessing the privacy implications of new
homeland security technologies before implementing and
deploying such technologies.
(B) The impact of existing Federal and State
privacy statutes and regulations, legislation pending
before the Congress, and privacy protection efforts
undertaken by the Federal Government, State
governments, foreign governments, and international
governing bodies on homeland security.
(C) The impact of Federal legislation enacted since
September 11, 2001, or pending before the Congress, on
civil liberties.
(D) The likely effectiveness of existing
technologies for analyzing public and private sources
of data and information to identify terrorists and
prevent terrorist acts.
(c) Field Hearings.--
(1) In general.--The Commission shall conduct at least 2
field hearings in each of the 5 geographical regions of the
United States.
(2) Determination of regions.--For purposes of this
subsection, the Commission may determine the boundaries of the
5 geographical regions of the United States.
(d) Report.--
(1) In general.--No later than 24 months after the date on
which the Commission first meets, the Commission shall submit
to the President and the Congress a comprehensive report of the
Commission's findings, recommendations, and conclusions. Such
report shall include a summary of the report submitted to the
Commission by the National Research Council under subsection
(g)(9), and a summary of any other material relied on by the
Commission in the preparation of its report.
(2) Recommendations.--The report under paragraph (1) shall
include recommendations regarding the following:
(A) Steps Federal agencies should take when
considering new homeland security technologies to
ensure that privacy implications are adequately
considered before such technologies are implemented.
(B) Whether additional legislation is necessary to
reform or augment current laws and regulations relating
to privacy and homeland security, including specific
reform proposals and an analysis of the financial costs
of any proposed changes.
(C) Safeguards and protection that should be in
place when the Federal Government uses an individual's
personally identifiable information obtained from a
commercial database or a list for counterterrorism and
homeland security purposes.
(3) Additional report.--The Commission shall submit to the
Congress and the President, with the report under paragraph
(1), any additional report of dissenting opinions or minority
views by any member of the Commission.
(4) Interim report.--The Commission may submit to the
Congress and the President interim reports approved by a
majority of the members of the Commission.
(e) Structure of Commission.--
(1) Member and appointment.--The Commission shall be
composed of 10 members appointed as follows:
(A) 1 member appointed by the President, who shall
be the chairperson of the Commission.
(B) 1 member appointed jointly by the minority
leader of the House of Representatives and the minority
leader of the Senate, who shall be the vice chairperson
of the Commission.
(C) 2 members appointed by the majority leader of
the House of Representatives.
(D) 2 members appointed by the minority leader of
the House of Representatives.
(E) 2 members appointed by the majority leader of
the Senate.
(F) 2 members appointed by the minority leader of
the Senate.
(2) Qualifications of members.--The appointing authorities
under subsection (1) shall seek to ensure that the membership
of the Commission has a diversity of views and experiences on
the matters to be studied by the Commission, including views
and knowledge of law, civil rights and liberties, privacy
matters, homeland security, information technology, security,
database integration, and law enforcement.
(3) Date of appointment.--The appointment of the members of
the Commission shall be made not later than 30 days after the
date of the enactment of this Act.
(4) Terms.--Each member of the Commission shall be
appointed for the life of the Commission.
(5) Vacancies.--Any vacancy in the Commission shall be
filled in the same manner in which the original appointment was
made.
(6) Compensation; travel expenses.--Members of the
Commission shall serve without pay, but shall receive travel
expenses, including per diem in lieu of subsistence, in
accordance with sections 5702 and 5703 of title 5, United
States Code.
(7) Quorum.--A majority of the members of the Commission
shall constitute a quorum for purposes of conducting business,
except that 2 members of the Commission shall constitute a
quorum for purposes of conducting a hearing.
(8) Meetings.--
(A) In general.--The Commission shall meet at the
call of the Chairperson or a majority of its members.
(B) Initial meeting.--Not later than 45 days after
the date of the enactment of this Act, the Commission
shall hold its initial meeting.
(f) Director; Staff; Experts and Consultants.--
(1) Director.--
(A) Appointment.--Not later than 60 days after the
date of the enactment of this Act, the Commission shall
appoint a Director, without regard to the provisions of
title 5, United States Code, governing appointments to
the competitive service.
(B) Pay.--The Director shall be paid at the rate
payable for level III of the Executive Schedule
established under section 5314 of such title.
(2) Staff.--
(A) Appointment.--The Director may appoint such
staff as the Director determines appropriate, without
regard to the provisions of title 5, United States
Code, governing appointments in the competitive
service.
(B) Pay.--The staff of the Commission shall be paid
in accordance with the provisions of chapter 51 and
subchapter III of chapter 53 of title 5, United States
Code, relating to classification and General Schedule
pay rates, but at rates not in excess of the maximum
rate for grade GS-15 of the General Schedule under
section 5332 of that title.
(3) Experts and consultants.--The Director may procure
temporary and intermittent services under section 3109(b) of
title 5, United States Code.
(4) Detailees.--
(A) In general.--Upon request of the Director, the
head of any Federal department or agency may detail, on
a reimbursable basis, any of the personnel of that
department or agency to the Commission to assist it in
carrying out this Act.
(B) Notice.--Before making a request under this
paragraph, the Director shall give notice of the
request to each member of the Commission.
(g) Powers of Commission.--
(1) Hearings and sessions.--The Commission may, for the
purpose of carrying out this Act, hold hearings, sit and act at
times and places, take testimony, and receive evidence to carry
out its duties under subsection (b). The Commission may
administer oaths or affirmations to witnesses appearing before
it.
(2) Powers of members and agents.--Any member or agent of
the Commission may, if authorized by the Commission, take any
action which the Commission is authorized to take by this
section.
(3) Obtaining official information.--
(A) Requirement to furnish.--Except as provided in
subparagraph (B), if the Commission submits a request
to a Federal department or agency for information
necessary to enable the Commission to carry out this
Act, the head of that department or agency shall
furnish that information to the Commission.
(B) Exception for national security.--If the head
of a Federal department or agency determines that it is
necessary to withhold requested information from
disclosure to protect the national security interests
of the United States, the department or agency head
shall not furnish that information to the Commission.
(4) Mails.--The Commission may use the United States mails
in the same manner and under the same conditions as other
departments and agencies of the United States.
(5) Administrative support services.--Upon the request of
the Director, the Administrator of General Services shall
provide to the Commission, on a reimbursable basis, the
administrative support services necessary for the Commission to
carry out this section.
(6) Gifts and donations.--The Commission may accept, use,
and dispose of gifts or donations of services or property to
carry out this Act, but only to the extent or in the amounts
provided in advance in appropriation Acts.
(7) Contracts.--The Commission may contract with and
compensate persons and government agencies for supplies and
services, without regard to section 3709 of the Revised
Statutes (41 U.S.C. 5).
(8) Subpoena power.--
(A) In general.--If a Federal department or agency
or any other person fails to supply information
requested by the Commission, the Commission may require
by subpoena the production of the information. The
Commission shall transmit to the Attorney General a
written notice at least 10 days in advance of the
issuance of any such subpoena. A subpoena under this
paragraph may require the production of materials from
any place within the United States.
(B) Interrogatories.--The Commission may, with
respect only to information necessary to understand any
materials obtained through a subpoena under paragraph
(A), issue a subpoena requiring the person producing
such materials to answer, either through a sworn
deposition or through written answers provided under
oath (at the election of the person upon whom the
subpoena is served), interrogatories from the
Commission regarding such information. A complete
recording or transcription shall be made of any
deposition made under this paragraph.
(C) Certification.--Each person who submits
materials or information to the Commission pursuant to
a subpoena issued under subparagraph (A) or (B) shall
certify to the Commission the authenticity and
completeness of all materials or information submitted.
(D) Treatment of subpoenas.--Any subpoena issued by
the Commission under subparagraph (A) or (B) shall
comply with requirements for subpoenas issued by a
United States district court under the Federal Rules of
Civil Procedure.
(E) Failure to obey a subpoena.--If a person
refuses to obey a subpoena issued by the Commission
under subparagraph (A) or (B), the Commission may apply
to a United States district court for an order
requiring that person to comply with such subpoena. The
application may be made within the judicial district in
which that person is found, resides, or transacts
business. Any failure to obey the order of the court
may be punished by the court as civil contempt.
(9) Arrangements with national research council.--
(A) In general.--In carrying out its duties under
subsection (b), the Commission shall arrange with the
National Research Council of the National Academy of
Sciences for assistance in conducting the studies
required by the Commission under subsection (b)(2),
including performance of the analysis required under
subsection (b)(2)(C).
(B) Report.--The arrangements entered into under
(A) shall require that the National Research Council
submit a report to the Commission detailing the results
of its efforts no later than 15 months after the date
on which the Commission first meets.
(C) Use of funds.--Of amounts appropriated to carry
out this section, up to $750,000 shall be available to
the Commission to carry out this paragraph.
(h) Budget Act Compliance.--Any new contract authority authorized
by this section shall be effective only to the extent or in the amounts
provided in advance in appropriation Acts.
(i) Privacy Protections.--
(1) Destruction or return of information required.--Upon
the conclusion of the matter or need for which individually
identifiable information was disclosed to the Commission, the
Commission shall either destroy the individually identifiable
information or return it to the person or entity from which it
was obtained, unless the individual that is the subject of the
individually identifiable information has authorized its
disclosure.
(2) Disclosure of information prohibited.--Any individual
employed by an individual, entity, or organization under
contract to the Commission shall be considered an employee of
the Commission for the purposes of section 1905 of title 18,
United States Code.
(3) Proprietary business information and financial
information.--The Commission shall protect from improper use,
and may not disclose to any person, proprietary business
information and proprietary financial information that may be
viewed or obtained by the Commission in the course of carrying
out its duties under this section.
(4) Individually identifiable information defined.--For the
purposes of this section, the term ``individually identifiable
information'' means any information, whether oral or recorded
in any form or medium, that identifies an individual, or with
respect to which there is a reasonable basis to believe that
the information can be used to identify an individual.
(j) Termination of Commission.--The Commission shall terminate 30
days after submitting a report under subsection (d)(1).
(k) Authorization of Appropriations.--
(1) In general.--There is authorized to be appropriated to
the Commission $4,750,000 to carry out this Act.
(2) Availability.--Any sums appropriated pursuant to the
authorization in subsection (a) shall remain available until
expended.
<all>
Introduced in House
Introduced in House
Referred to the House Committee on Government Reform.
Referred to the Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census.
Llama 3.2 · runs locally in your browser
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line