Postal Service simplifying privacy

The U.S. Postal Service has reorganized how it collects and shares information on customers and is working to make its privacy notices more clear.

In keeping with the obligations of the Privacy Act of 1974, USPS has streamlined the collection of customer information by ensuring that each of its programs gathers the appropriate personal information, according to Zoe Strickland, USPS' chief privacy officer.

Previously, there was no consistency as to how USPS collected and used personal data. With improved data collection practices, Strickland said USPS officials have now turned their attention to translating the service's practices to customers in a detailed notice.

Ari Schwartz, associate director at the Center for Democracy and Technology, applauded the reorganization of what he called "haphazard collection." But the Postal Service's move raises a larger concern, he said: The Privacy Act simply needs to be updated.

With little policy guidance, agencies are left to individually interpret the outdated act and decide the best way to collect customer information and relay the privacy safeguards in notices.

"[The Postal Service] is doing the best they can, however there should be a larger discussion," Schwartz said.

USPS took a "big picture approach" in re-examining the collection of private information that is maintained in its records system, Strickland said. After determining what personal data USPS has and where it is maintained, Postal Service officials mapped its collection. From there, they were able to look at each customer practice and bring consistency to the data collection for each program.

For example, a customer may register for several products and services on the Postal Service's Web site. Instead of having to provide personal information for each, USPS' universal registration simplifies the process and ensures information is obtained and used correctly. A pop-up window will appear on the site to notify customers of USPS' data collection process.

"You need to review them to keep them up to date," Strickland said of the data sets. "You've really got to take a look at current trends in privacy and reflect that, and you've got to keep it current."

The Privacy Act requires federal agencies to publish notices describing the safeguards that keep personal information private. While there weren't major problems in the Postal Service's previous notices, Strickland said they needed improvement.

"You have to understand both the facts and the law," she said. "Some [notices] were fragmented and not as clear and standardized as they could be."

USPS is now in the process of clearly defining the Privacy Act and the core requirements around securing information.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected