Keeping it private

Related Links

"Shopping for data"

The federal government currently can't depend on commercial data to authenticate personal information for electronic transactions, a General Services Administration official said this week.

"If we're going to accept information that we’re going to rely on, it has to be based on the same structure for verifying claimed information," said David Temoshok, director of identity policy and management for GSA's Office of Governmentwide Policy. "Frankly, we're not there today."

Temoshok spoke June 1 at FCW Events’ Web-Enabled Government Conference. FCW Events is a unit of FCW Media Group, which owns Federal Computer Week.

Commercial information could be convenient for verifying transactions such as changes of address, but private sector data collection often falls short of federal privacy standards, Temoshok said.

"Is there sharing of information that is potentially beyond your control as the end user? Yeah, there is,” he said.

Federal agencies must follow the Privacy Act, which requires them to say they will disclose information to other agencies and give reasons for doing so, typically through publicized privacy impact assessments.

Government officials have taken years simply to verify citizens' own credentials online, Temoshok said.

Meanwhile, lawmakers appear ready to impose restrictions on the fast-growing and largely unregulated commercial database market, following a series of high-profile security breaches of late. The incidents revealed security and privacy holes at ChoicePoint and LexisNexis Group, two of the nation’s largest data aggregators.

The FBI buys information from data aggregators ChoicePoint, credit bureau reporting companies, Dun and Bradstreet, LexisNexis, the National Insurance Crime Bureau and Westlaw, which agents use mainly for convenience, FBI officials previously have said.

Recently, lawmakers asked the Government Accountability Office to investigate privacy concerns involving ChoicePoint and other database companies involved with federal contracts.

At the FCW conference, Charles Armstrong, chief information officer for Homeland Security Department Border and Transportation Security, said he could not comment on the government's use of information from specific vendors because of the GAO review. However, federal agencies generally have much more awareness of security than of privacy, Armstrong said.

Some privacy advocates said they support the government's use of commercial information for national security if it is controlled.

Nancy Libin, staff counsel for the Center for Democracy and Technology, said her group is particularly concerned about querying private sector databases for individuals' behavioral patterns.

"You have no reason to believe that they are engaged in terrorist activities except for that they fit a pattern of someone who might be engaged with that," Libin said. "Many people who aren't suspicious at all become suspicious because of the activities they are in engaged in."

Privacy is not just about keeping information secret, but also covers information that individuals disclose to others, Libin said. Privacy is about control, fairness and consequences, she said.


  • Acquisition
    Shutterstock ID 169474442 By Maxx-Studio

    The growing importance of GWACs

    One of the government's most popular methods for buying emerging technologies and critical IT services faces significant challenges in an ever-changing marketplace

  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

Stay Connected