Report calls for privacy safeguards on sensitive info

Balancing personal privacy without stifling the free flow of information in the digital environment may require the creation of a federal privacy entity according to an Office of Management and Budget report released late last month.

The report released by OMB on behalf of the Information Policy Committee of the National Information Infrastructure Task Force details federal options to heighten privacy safeguards to protect government databases that contain sensitive data including medical records tax documents and financial records.

While Congress has enacted legislation such as the Privacy Act and the Freedom of Information Act designed to protect widespread public access of sensitive data the report criticizes the current federal system of data protection as a " 'paper tiger ' with significant enforcement and remedial deficiencies."

OMB officials could not be reached for comment by press time.

As a result information privacy protection efforts in the public and the private sector are sporadic and tend to be reactive rather than proactive the report concludes. It also notes that the United States lacks a centralized entity to drive the development of federal data privacy policy or direct traffic for the various policy initiatives now under way.

Establishing a dedicated federal entity to promote privacy protection would likely create an agency whose mandate would be proactive and which would be armed with adequate tools to enforce regulations according to the report. The report also notes that creating a new agency could produce a duplication of efforts now performed by other agencies such as the Federal Trade Commission's regulatory authority to protect consumers and the Federal Reserve's authority with respect to banking.

'Keystone' to Privacy Protection

Privacy advocates who are critical of the government's privacy policies said the report is significant because it recognizes the need for a federal entity to coordinate and design privacy policy.

Marc Rotenberg director of the Electronic Privacy Information Center said a federal privacy coordinating office is the "keystone" to privacy protection. "For the most part the White House has been kicking this issue around and not taking it seriously " Rotenberg said. "They were fairly realistic [in this report] about the fact that there are significant holes in the U.S. privacy realm today."

Rotenberg noted however that the report's major weakness is the lack of mention of encryption technology which could be used as a privacy safeguard. Encryption technology is a hotly debated topic among law enforcement authorities who want the ability to decrypt data for criminal investigations and privacy advocates who object to this access.

The report also offers other options. Agencies could follow the lead of the Department of Health and Human Services and the Internal Revenue Service and establish their own privacy offices with formal privacy advocates to consider the privacy implications of agency practices the report suggests.

Other options presented include:

* Formal adoption by the government of privacy rules designed to foster privacy protection.

* OMB direction for agencies to incorporate privacy rules into information management and procurement practices.

* Creation of a nonfederal privacy entity.

* Creation of a federal entity with no regulatory authorization.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.