Privacy Act II

Some privacy rights advocates cheered the Senate Appropriations Committee for threatening hundreds of millions of dollars in State Department funding if the agency does not improve data protections for a passport record system. However, the debate continues about whether lawmakers need to rewrite privacy rules to accommodate new technologies.

Privacy advocates and some lawmakers were up in arms in March when news broke that that three contractors and a State employee snooped into the passport files of three presidential candidates, which violated the 1974 Privacy Act. That law defines what the government can and cannot do with an individual’s personal information. 

The violations and an ensuing investigation led State’s inspector general to make 22 recommendations this month for how the agency’s Bureau of Consular Affairs should improve security to its passport information database.

Meanwhile, appropriations committee members approved a funding measure this month that threatened to withhold about $400 million from State in fiscal 2009 if the department does not implement all of the IG’s recommendations.

Marc Rotenberg, the executive director of the Electronic Privacy Information Center, said he thought the committee was sending a powerful message and that it was important to hold agencies accountable when breaches occur.

However, Rotenberg and other privacy experts say that the Privacy Act also needs to be updated.  
Peter Swire, a law professor at The Ohio State University who served as a top privacy officer in the Clinton administration, said clarifications are needed as to how the privacy law defines an agency. He said clarifications are also needed regarding “routine use” exceptions, which allow individuals’ information to be shared if the reason is compatible with the purpose for which it was originally collected.

Barry Steinhardt, director of the Technology and Liberty Project at the American Civil Liberties Union, said significant changes are needed to the 1974 law.

“The Privacy Act is a total anachronism,” he said. “It’s almost 35 years old — it needs to be rewritten for the 21st century.”

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.