Government Information Brokers Often Fail To Protect Privacy - InformationWeek
05:07 PM

Government Information Brokers Often Fail To Protect Privacy

Information resellers often fail to follow privacy protection guidelines when dealing with the federal government, according to the GAO.

Information resellers often fail to follow privacy protection guidelines when dealing with the federal government, and many do not believe the guidelines should apply when public records are involved.

That's the conclusion of a report the Government Accountability Office released Tuesday. Resellers' adherence to privacy protections was also the topic of a joint oversight hearing Tuesday.

The issue gained the attention of the GAO and members of Congress, in part because of dozens of high-profile data breaches last year, including one by Choicepoint Inc.

The Privacy Rights Clearinghouse, a consumer advocacy organization, reported that more than 52 million Americans have had their personal information jeopardized by data breaches since Feb. 15, 2005, when thieves set up bogus accounts using information obtained from ChoicePoint. The Federal Trade Commission recorded more than 685,000 consumer fraud and identity theft complaints in its database in 2005. Thirty-seven percent of all of the complaints were due to identity theft.

This week's GAO report states that information resellers are in conflict with fair information practices and other rules outlined in the Privacy Act of 1974. Those guidelines state that the collection and use of personal information should be limited.

"Resellers said they believe it is not appropriate for them to fully adhere to these principles because they do not obtain their information directly from individuals," the report stated.

"Resellers also limit the extent to which individuals can gain access to personal information held about themselves as well as the extent to which inaccurate information contained in their databases can be corrected or deleted."

Nevertheless, information resellers have taken steps to adhere to the guidelines, the report stated.

Still, Congress should establish policy to address agency use of personal information from commercial sources, according to the GAO.

During fiscal year 2005, the Department of Justice, Homeland Security, the Department of State and the Social Security Administration reported using personal information from resellers, mainly for law enforcement and counterterrorism. The information helped with criminal investigations, witness and fugitive location, asset identification, prescription drug fraud, immigration fraud and border screening. The agencies spent about $30 million on contracts with resellers. About 69 percent of the spending went toward law enforcement efforts, while 22 percent fell under the anti-terrorism category.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll