Feds hire privacy czar

In the “let’s hire a fox to watch the hen house” variety of news stories, the U.S. Department of Homeland Security has hired a “privacy czar.” Nuala O’Connor Kelly will be responsible for vetting proposals or programs that involve collecting and using U.S. citizens’ personal information.

While she is currently with the Department of Commerce, O’Connor Kelly was previously privacy chief (official title: vice president, data protection and chief privacy officer for emerging technologies) at DoubleClick, the often controversial advertising/pop-up/cookie-placing Web company. Go to https://www.washingtonpost.com/wp-dyn/articles/A39211-2003Apr16.html to read about the appointment and you’re first greeted by a DoubleClick pop-up ad before you can read the story.

O’Connor Kelly was hired by DoubleClick in mid-2000 after the company was sued by numerous state attorneys general for allegedly improperly storing and sharing private user data. She generally enjoyed a good relationship with privacy advocates – certainly a better relationship than anyone else at DoubleClick. But really, wouldn’t you be skeptical, if say, an ex-Microsoft exec was hired to oversee the Open Source community? This strikes me as being exactly the same thing.

On a separate note, there were quite a few announcements in the identity management arena at last week’s RSA conference (see the press releases at https://www.rsasecurity.com/ for starters). I’m trying to digest all that was announced by the RSA as well as other participants, and hopefully by next week I’ll be able to point out the most interesting items.

This week, I’m at the Emerging Technology conference put on by Tim O’Reilly and his gang (https://conferences.oreillynet.com/etcon/) which is always a hotbed of privacy and identity discussions. Talk to me if you’re there and read about the goings on in next week’s newsletters.

Novell’s BrainShare conference last week was surprisingly light on identity issues, although there were one or two interesting developments. Although announced and previewed last July, the actual releases of the Liberty identity provider for Novell eDirectory and the SAML extension for Novell iChain are just happening now, and only as prerelease versions for early adopters. Head to https://www.novell.com/liberty for the Liberty enabler and https://www.novell.com/products/ichain for the SAML extension (but not until after June 1).

Novell also announced a freely available server that makes Web services registries more secure and easier to manage by adding identity management capabilities to the Universal Description, Discovery and Integration (UDDI) standard. It’s the first product to be available through a new Novell sponsored Open Source Web site, https://forge.novell.com/ , which should be online when you read this.

That’s the current roundup of interesting news in the identity/privacy/security space. But if you know of anything else, let me know!