Report calls for privacy safeguards on sensitive info
- By Heather Harreld
- May 11, 1997
Balancing personal privacy without stifling the free flow of information in the digital environment may require the creation of a federal privacy entity according to an Office of Management and Budget report released late last month.
The report released by OMB on behalf of the Information Policy Committee of the National Information Infrastructure Task Force details federal options to heighten privacy safeguards to protect government databases that contain sensitive data including medical records tax documents and financial records.
While Congress has enacted legislation such as the Privacy Act and the Freedom of Information Act designed to protect widespread public access of sensitive data the report criticizes the current federal system of data protection as a " 'paper tiger ' with significant enforcement and remedial deficiencies."
OMB officials could not be reached for comment by press time.
Establishing a dedicated federal entity to promote privacy protection would likely create an agency whose mandate would be proactive and which would be armed with adequate tools to enforce regulations according to the report. The report also notes that creating a new agency could produce a duplication of efforts now performed by other agencies such as the Federal Trade Commission's regulatory authority to protect consumers and the Federal Reserve's authority with respect to banking.
'Keystone' to Privacy Protection
Marc Rotenberg director of the Electronic Privacy Information Center said a federal privacy coordinating office is the "keystone" to privacy protection. "For the most part the White House has been kicking this issue around and not taking it seriously " Rotenberg said. "They were fairly realistic [in this report] about the fact that there are significant holes in the U.S. privacy realm today."
Rotenberg noted however that the report's major weakness is the lack of mention of encryption technology which could be used as a privacy safeguard. Encryption technology is a hotly debated topic among law enforcement authorities who want the ability to decrypt data for criminal investigations and privacy advocates who object to this access.
The report also offers other options. Agencies could follow the lead of the Department of Health and Human Services and the Internal Revenue Service and establish their own privacy offices with formal privacy advocates to consider the privacy implications of agency practices the report suggests.
Other options presented include:
* Formal adoption by the government of privacy rules designed to foster privacy protection.
* OMB direction for agencies to incorporate privacy rules into information management and procurement practices.
* Creation of a nonfederal privacy entity.
* Creation of a federal entity with no regulatory authorization.