An Examination of Global Municipal Government Privacy and Security Policies

Introduction

During the early stages of e-government, many public administrators, theorists and web-developers commonly subscribed to the belief that, “if it is built they will come.” This phrase simply suggests that well-designed and sophisticated e-government platforms will attract more users and increase citizen engagement and participation with government. It has become clear, however, that there are still barriers prohibiting citizen use of government websites. It is therefore important, that a careful examination of issues that inhibit e-government adoption by municipalities and use by their constituents are analyzed. The focus of this chapter is to examine privacy and security practices and policies within municipal governments around the world between the years 2005 and 2007. Specifically, what have been the trends, in terms of Internet privacy and security policy, among municipalities throughout the world? What privacy and security features have increased or decreased during this time period? Have municipal websites increased their focus on these issues to improve citizen engagement or monitor their behavior?

Our analysis examines the security and privacy of municipal websites in two key areas, privacy policies and authentication of users. In examining municipal privacy policies, we determine whether such a policy is available on every page that accepts data, and whether or not the word “privacy” is used in the link to such a statement. We are also interested if privacy policies identify the agencies collecting the information, and whether the policy identifies exactly what data is being collected on the site.

Next we check whether the website explicitly explains the intended use of data collected on the site, whether the privacy policy addresses its use by or sale to outside or third-party organizations, and if the site offers a user option to decline disclosure of personal information to third parties, including other municipal agencies, state and local government offices, or private sector businesses. We also examine privacy policies to determine whether third party agencies or organizations are governed by the same privacy policies as the municipal website and if users have the ability to review personal data records and contest inaccurate or incomplete information. Finally, we address managerial measures that limit access of data and assure that it is not used for unauthorized purposes. The use of encryption in the transmission of data, as well as the storage of personal information on secure servers, is also examined. In assessing how or whether municipalities use their websites to authenticate users, we examine whether public or private information is accessible through a restricted area that requires a password and or registration.

This chapter will utilize data compiled from the 2005 and 2007 Digital Governance in Municipalities Worldwide Surveys. The survey examines cities throughout the world based upon their population size, the total number of individuals using the Internet and the percentage of individuals using the Internet. The survey has been conducted every two years since 2003 and measures a total of 98 performance indicators including 20 privacy and security indicators. Privacy and security questions include whether the website has a privacy or security policy, does the website utilize digital signatures and if the website has a policy addressing the use of “cookies” to track users.