The current Chief Privacy Officer of the Department of Homeland security, Sam Kaplan has proved to be effectively carrying out his role since his appointment. The role of a Chief Privacy Officer is a necessity in organizations due to the reliance on technology to store important organizational information. The change of nature of crime shifting to digital crime has seen incidences whereby data falls into the wrong hands. Financial damage occurs when data security is compromised which could lead to a company losing millions of dollars due to the breach of data security. Currently, private companies are investing in hiring a Chief Privacy Officer who is in charge of protecting data and ensuring privacy by securing an organization’s data. The United States first set up the CPO position in 1999. The firm Internet Advertising appointed Ray-Everett Church as the Chief Privacy Officer. This role made its mark in the in November 2000 when IBM appointed Harriet Pearson.
Sam Kaplan was appointed as the Chief Privacy Officer in the department of homeland security on the 24th of July 2017 by White House Chief of Staff John Kelly (“Kaplan named CPO at US Department of Homeland Security,” 2019). Jonathan Cantor had previously occupied the position as the acting CPO. The actual previous CPO was Karen Neuman who vacated the office in June 2016. Before the appointment, Sam Kaplan served as a senior field operations counsel, U.S Bureau of Alcohol, Tobacco, and Explosives. Sam Kaplan was also a counselor and part of the Privacy and Civil Liberties Oversight Board.
Samuel Kaplan has proved to be effective in his role as a Chief Privacy Officer. This is evident in an incident that occurred on May 10, 2017. The incident involved a breach of security of a criminal investigation that was taking place by the Department of Homeland Security in conjunction with the Office of the Attorney General. A copy of the investigation document was found to be in the hands of a former DHS employee. Sam Kaplan took charge to investigate the matter. He took action, and on the 3rd of January 2018, he sent letters to notify employees that the incident may indeed be a breach of privacy by in the DHS office.
After further investigations, Kaplan elaborated that the incidence as not as a result of external cyber-attacks. He further explained that evidence proves that the employees’ who suffered unauthorized entry into their personal information should not worry since that was not the goal of the attack. (Watt 2019) “The privacy incident did not stem from a cyber-attack by external actors, and the evidence indicates that affected individual’s personal information was not the primary target of the unauthorized exfiltration.” He said.
This is an indication that Sam Kaplan is proving to be effective by taking charge of matters of privacy in the Department of Homeland Security and also ordering investigations on matters that affect the privacy of sensitive information. Also, Kaplan offered over one-year free service to the employees who were affected. The employees were given the protection of their identities and credit monitoring.
Under the supervision of Sam Kaplan, the Department of Homeland Security put necessary precautions to put limitations on persons authorized to access information. This is in a bid to identify log in patterns that are peculiar in the system. Sam Kaplan is ensuring that an improvement of data security will be made as he plans of performing regular security checkups on the system and the operations of the Department of Homeland Security. Sam Kaplan gave employees guidelines on techniques that could be used to safeguard one’s identity.
A common question that arose from this investigation is the reason why it took so long to be concluded. Similar to other organizations and businesses are suffering from a cyber-attack (Laufman et al., 2017). Sam Kaplan had to work together with other investigation organizations as a security measure because the investigation was closely related to a criminal investigation. Sam Kaplan effectively investigated with the utmost privacy using forensic tools to analyze the personal data that had been accessed.
Referring to this case that Sam Kaplan handled, it can be depicted that he is effectively executing the role of Chief Privacy Officer by ordering investigations, giving information to the public and the paramount responsibility of ensuring the privacy of the employees’ personal information and the privacy of government operations.
The primary role of the Privacy Office is required to ensure privacy in the programs run in the department. Sam Kaplan is responsible for data security in the department of homeland security. He is in charge of the technologies that the department uses to protect personal information. Sam Kaplan ensures that the technology used does not leak departmental information.
The Chief Privacy Officer should ensure that the department follows the guidelines spelled out in the Privacy Act of 1994. The Privacy Act of 1994 is a guideline that illustrates how personal information should be distributed, maintained and used by the federal government.
Sam Kaplan is tasked with offering consultation services to the department on privacy matters, security measures that the department should uphold to ensure the department’s programs and policies are not made public to non-members of the Homeland Security.
The role of Sam Kaplan as a Chief Privacy Officer is to present an annual report containing departmental activities that could affect security. The Department of Homeland Security is in charge of several activities such as border control, cybersecurity, and emergency response. While performing these operations, it is important that the Chief Privacy Officer is aware of particular operations that may lead to a breach of security.
Authority to investigate is a role and responsibility of the Chief Privacy Officer. If a breach of security in the department occurs, Sam Kaplan has the authority to investigate the source of the threat to the department. Similarly, he oversees measurements set to ensure these kinds of incidences are reduced or eliminated. The following are the illustrations of the Chief Privacy Officer with authority given:
- Direct access to documentation in the department records, reports written and stored evidence of previous operations that are related to the position
- Make decisions based on the good judgment of investigations carried out in the Private Office (Chief Privacy Officer’s Authorities and Responsibilities. (2019).
The Freedom of Information Act of 1966 states that citizens are entitled to knowing the government’s activities. Sam Kaplan ensures that the citizens of the United States of America are aware of the operations of the government. Even though the Chief Privacy Officer should ensure this, knowledge shared to the public should be limited and not entirely given out because of the sensitivity of some information.
Homeland Security Act 2002 gives the Chief Privacy Officer with ensuring that the government and the department operate in transparency. The Department of Homeland security according to the 9/11 Commissions Act 2007 gives new control to the Chief Privacy Officer.
Before Sam Kaplan’s appointment as Chief Privacy Officer, Sam Kaplan has had numerous achievements to his name that have led to his appointment as the Chief Privacy Officer. Aside from being the Chief Privacy Officer of the Department of Homeland Security, Sam Kaplan is also the Chief Freedom Information Act (FOIA). Kaplan is in charge of the operations that are carried out by FOIA.
Mr. Kaplan has learned concerning matters of Homeland Security. (“Sam Kaplan,” 2019) He has a Master of Arts in international studies, and graduate certificate graduated from the University of Denver. Additionally, Kaplan has a graduate of the Metropolitan State College Denver with a Bachelor of Arts degree in economics and history. Kaplan has worked at the United States Department of Justice. He has previously served as a prosecutor in the Office of the Attorney General prosecuting drug-related crimes.
Sam Kaplan as a Chief Privacy Officer is effectively carrying out his duty. He is upholding in the DHS. Also, Kaplan’s education as a Master graduate in Homeland Security and his experience working in the Justice system has proved to be a relevant experience for him in his responsibility of carrying out investigations.
Chief Privacy Officer’s Authorities and Responsibilities. (2019). Retrieved from https://www.dhs.gov/chief-privacy-officers-authorities-and-responsibilities
Kaplan named CPO at US Department of Homeland Security. (2019). Retrieved from https://iapp.org/news/a/kaplan-named-cpo-at-u-s-department-of-homeland-security/
Laufman, D. H., Newell, S., Reynolds, S., & Buchwald, M. (2017). Cyber incidents: How best to work with law enforcement. Cyber Security: A Peer-Reviewed Journal, 1(2), 102-115.
Sam Kaplan. (2019). Retrieved from https://www.dhs.gov/person/sam-kaplan
Waitt, T. (2019). DHS OIG Privacy Incident Involving PII of Employees & Investigative Data – American Security Today. Retrieved from https://americansecuritytoday.com/dhs-oig-privacy-incident-involving-pii-employees-investigative-data/