Feds flunk Web privacy, GAO says

The federal government could do a better job of practicing the privacy habits that the Federal Trade Commission preaches for commercial Web sites, according to a General Accounting Office report released Tuesday.

The report, which three Republican lawmakers commissioned in June, applied the FTC's "fair information practices" recommendations to 65 federal government Web sites, including the FTC's own site. According to the report, only 3 percent of the sites contained "elements" of all four of the fair-information practices decreed by the FTC.

The FTC wants a law requiring e-commerce companies to give consumers "conspicuous" notice when personal information is collected, options on how their personal information can be used, a chance to see what the company has collected on them and assurances that their information will be kept secure.

The FTC's May report said that while commercial sites had made some progress, the four criteria were far from standard practice and needed to be codified by Congress.

"People with glass Web sites should not throw stones," said Rep. Richard Armey (R-Texas), the House majority leader, in a statement. In June, Armey and Reps. Billy Tauzin (R-La.) and Bob Goodlatte (R-Va.) wrote a letter to President Clinton and Vice President Al Gore charging that it would be "hypocritical for the federal government to mandate a standard on the private sector that it cannot itself meet."

The Clinton administration is dismissing the report as an invalid comparison of government and commercial Web sites. The administration says that use of personal information by federal Web sites is governed by the Privacy Act of 1974, a much tougher legal standard than the voluntary self-regulation employed by commercial sites.

"We believe that the statistics in this report are seriously misleading," said Peter Swire, the administration's chief privacy counselor.

Swire pointed to another GAO report released last week that found that 69 of 70 federal Web sites surveyed posted privacy notices. Swire said that the Privacy Act mandates that, with some exceptions, the federal government can't share personal data without the explicit consent of the individual, a stronger standard than that recommended by the FTC. Furthermore, Swire said, citizens have unfettered access to their data in government files.

For more Internet economy news, visit TheStandard.com. Story copyright 2000 The Industry Standard. All rights reserved. Distributed by IDG News Service.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.