Washington's Chief Privacy Officer Tackles Issues In 3 Broad Categories

Alex Alben views himself as more of an innovator than a watchdog.

by / October 27, 2016
Colin Wood/Government Technology

Midway through a discussion about data sharing, Washington state’s chief privacy officer (CPO) was asked if he finds himself having to put up a proverbial stop sign for new projects. “I don’t say ‘no,’ but ask ‘how?’” he replied.

Alex Alben’s nuanced view of a vexing issue in government IT circles reflects both his experience with data and privacy and the level of intelligence needed to steer IT policy in today’s digitally rich world. Protecting privacy can’t involve knee-jerk reactions to what may seem like a potential conflict involving data. Too many of government’s digital services and operations require data that may touch in some way on a person’s identity. Rather than just say no, Alben tries to take a holistic view of the problem. “I want to enable new services that use data,” he said, “and I want to enable them in a way that is respectful of privacy.”

Alben was appointed the state’s first CPO in April 2015, and in January 2016 an executive order was issued by Gov. Jay Inslee announcing the creation of a new Office of Privacy and Data Protection, which sits within the Office of the Chief Information Officer. While the CPO position is relatively new and is only one of a handful among states — four at last count — Alben is no stranger to privacy and technology.

Alben has more than 20 years of experience working with tech firms, and was the general counsel of Starwave Corp. and served in senior management at RealNetworks Inc., where he also held the position of chief privacy officer, one of the first CPO jobs in the country. He has lectured on intellectual property, entrepreneurship and technology issues, and wrote a book, Analog Days — How Technology Rewrote Our Future. Alben is a graduate of Stanford University and Stanford Law School.

State CIO Michael Cockrill calls Alben his unicorn. “How often can you find a Stanford Law graduate, with executive experience in private-sector IT, a published author, and [who will] come to do public service? It was a huge win for us.”

Alben’s decision to come to work with Cockrill may be a huge win for Washington, but he arrives at a time when the conflicts between privacy and technology are escalating. In a report issued earlier this year, the Pew Research Center found 91 percent of adults agree or strongly agree that consumers have lost control of how personal information is collected and used by companies. Americans also express a consistent lack of confidence about the security of everyday communications and the organizations that control them. These concerns come as state and local CIOs implement more sophisticated data sharing and analytics projects that continually raise questions about when and how data should be collected from citizens.


Washington CIO Michael Cockrill (left) urged the governor to create the role of chief privacy officer in the state. Cockrill calls Alben his “unicorn.” Photo by Colin Wood

While many states have had people involved with privacy issues for years, having a CPO reflects a new mindset within state government, according to Alben. “Washington is a tech leader among states in many respects, and the way to foster that kind of innovation means you need a point person on privacy,” he said.

Alben said his role and responsibilities fall into three broad categories.

First, there’s the internal focus, in which he looks at what state agencies are doing in respect to their privacy practices. This may involve Alben conducting privacy training for employees and annual reviews of privacy practices to get a baseline on what the state is doing overall, defining best practices and then advocating for them. “I see myself as a resource and a consultant to the people who work in the different agencies in areas that touch privacy,” he said.

Second, Alben focuses on the new technologies that the state wants to deploy and looks at any privacy implications they may raise. These range from telematics in fleet vehicles, which can precisely track their location, to drones, police body cameras and other types of geo-located devices. “My role is to develop policy guidelines for state use of new technologies,” he explained. Alben also looks at consumer-facing bills and gives the governor and state Legislature advice on the privacy aspects of the legislation.

Third, the CPO educates consumers on privacy. “People have very broad concerns, not just with the state, but with their own security and privacy, especially online privacy,” he said. One result has been the publication of a privacy guide for Washington state residents.

Data and Privacy Are Global Issues

Cockrill, who urged the governor to create a CPO position within the state, believes the high-level importance of privacy justifies having a C-level officer in charge of it. He pointed out that not only is privacy a state issue, but it also is a national and global issue as well. Washington also happens to have an advanced, tech-driven economy, whether it’s Microsoft, Amazon or Boeing, which builds some of the most technologically advanced jets in the world. Cockrill wants to be sure that the state government stays ahead on privacy and when it comes to policy. “Washington needs to take a leadership role [on this issue],” he said.

To ensure everyone is on the same page, Alben works closely with the state CIO and Chief Information Security Officer Agnes Kirk. “I engage with all the issues; when it comes to security, we don’t view it as a separate discipline,” said Alben. “We view privacy as advancing security and security advancing the cause of privacy.”

One of the advantages of having a CPO is the ability to look beyond the horizon. Privacy is an international topic, and Alben spends time looking at how privacy is playing out at the federal and global level. “Having to understand privacy on this scale is becoming more of a reality as data flows across state and national borders, thanks to cloud computing,” he said. “Having someone in the state aware of national and international law around privacy is important to the role of CPO.”

Cockrill acknowledges that having a CPO at the table has tended to raise more issues than would have been discussed before. But the extra scrutiny by Alben is a big benefit in the long run. “In the past, when we weren’t dealing with those issues, they were problems that hadn’t risen to the surface yet,” he said. Eventually the problems that Alben spots early on would be dealt with. “But it’s better to have an opportunity to deal with them early in the process, rather than later when they could be more of a problem.”

Having a seasoned executive with lots of experience dealing with privacy issues in the private sector means the issues he raises are significant. “But Alex can handle them,” added Cockrill.

Alben prefers to view his position more as an innovator than privacy watchdog. He mentions the good that comes out of analytics, making it important that he help agencies navigate their way into these new areas of technology while ensuring privacy practices and policies are followed.

“We really live in a new world, and the solutions that worked in the filing-cabinet era are not working today,” said Alben. “They are not scaling to the volume of data we are collecting and processing. It’s this kind of challenge that makes it such an exciting time to be working in this space.”

Tod Newcombe Senior Editor

With more than 20 years of experience covering state and local government, Tod previously was the editor of Public CIO, e.Republic’s award-winning publication for information technology executives in the public sector. He is now a senior editor for Government Technology and a columnist at Governing magazine.