Skip banner
HomeHow Do I?Site MapHelp
Return To Search FormFOCUS
Search Terms: personal w/5 information w/5 privacy, House or Senate or Joint

Document ListExpanded ListKWICFULL format currently displayed

Previous Document Document 4 of 261. Next Document

More Like This
Copyright 2000 Federal News Service, Inc.  
Federal News Service

October 11, 2000, Wednesday

SECTION: PREPARED TESTIMONY

LENGTH: 2222 words

HEADLINE: PREPARED TESTIMONY OF SALLY KATZEN DEPUTY DIRECTOR FOR MANAGEMENT OFFICE OF MANAGEMENT AND BUDGET
 
BEFORE THE HOUSE COMMITTEE ON COMMERCE SUBCOMMITTEE ON TELECOMMUNICATIONS, TRADE, AND CONSUMER PROTECTION

BODY:
Mr. Chairman and members of the Committee, I thank you for inviting me here today to discuss the important topic of privacy on government web-sites. As you know, protecting the privacy of American citizens is a very high priority for this Administration. We have worked hard to ensure that fundamental privacy protections are properly safeguarded as our government, and society at large, moves into the Digital Age. Nowhere is this task more important than in the federal government's obligation to continue to protect the privacy and confidentiality of the personal information that it maintains, and, now, to protect the privacy of individuals in their interactions with the government over the Internet. Today the federal government is increasingly becoming an electronic government, full of new opportunities to provide services and information to the public quickly, easily, and when the public wants them. But as you, Mr. Chairman, and so many others here have noted, we must be vigilant to ensure that personal privacy protections remain constant or are improved in the process of this transformation. I am proud to be able to testify today about the success of this Administration in meeting this challenge - in taking major steps to boost the level of privacy afforded to American citizens when they access the government electronically. Without doubt, we have more to learn as a government. In this time of revolutionary changes in technology and information flows, all organizations do, no matter their size. But I am confident that we have achieved significant progress, and are clearly heading in the right direction in this critical area.

To understand the recent General Accounting Office reports on the privacy practices of federal agencies on-line, it is helpful to put them in their proper context and history. First, there is the Privacy Act of 1974, which for over a quarter of a century has afforded Americans strong legal protections for personal information stored in government systems of records -o no matter if they exist in paper or electronic form. These protections include notice, prohibitions on the unauthorized release of your personal information, the ability to access your own records, the ability to change errors in your records, and security safeguards, among other protections.

While this Act provides the bedrock privacy protections for Americans in their relations with the government, changes in technology -- most notably the dramatic increase in Internet access to the government -- have produced a different world than existed in 1974. To keep current with meaningful privacy protections, the Office of Management and Budget has augmented the Privacy Act provisions with policy guidance, and the agencies' response, I believe, has been outstanding.

For example, in April 1999, a study revealed that just over one-third of federal agencies had privacy policies clearly posted on their main web pages. In June 1999, OMB Director Jacob J. Lew issued a memorandum to all agency heads directing them to post clearly labeled and clearly written privacy policies on their web-sites by September 1, 1999. Director Lew told agencies then, "We cannot realize the full potential of the web until people are confident we protect their privacy when they visit our sites."

The message was received by federal agencies. The General Accounting Office confirmed this result in a review conducted in April of 2000 and released on September 5, 2000 ("the first GAO report"). This GAO study found that 69 of 70 principal agency web-sites had a privacy policy posted on their sites -- and all 70 did within days of the report's release. Even more impressive, the GAO identified 2,692 major Web-site points of entry to six federal government agencies. These are sites where the largest number of citizens interact with the Federal government. Of the sites they reviewed, GAO found that only nine lacked privacy policies. This record of progress is impressive, and, I believe, it is an accurate picture of the state of Federal privacy policies on-line. It is a story of working rapidly, across the expansive federal government and across thousands of web-pages, to ensure that citizens' privacy is protected when they choose to visit the federal government over the Internet.

As part of our continuing efforts in the area, OMB Director Lew issued another memorandum this June to further enhance privacy protections on federal web-sites. Director Lew directed that cookies will not be used on Federal web-sites, except under very limited conditions. He also made clear, as a matter of Federal policy, that agencies are to comply with the standards of the Children's Online Privacy Protection Act, even though Congress did not include the Federal Government within the scope of that law. In addition, he directed each agency to describe its privacy practices and the steps taken to comply with Administration privacy policies in its budget submissions this fall to OMB. In this way, good privacy protection gets built into the budget process, emphasizing to everyone in the Government the importance of assuring citizen privacy.

These efforts to boost privacy safeguards have extended to areas beyond the federal government's practices on-line, as the Administration has supported strengthening citizens' legal privacy protections in such areas as medical information, financial records, genetic information, and Social Security numbers. These are categories of sensitive data that require protection in both the public and private sectors.

In light of this record of significant achievement, you may well ask why GAO reached the conclusions that it did about the Federal agencies' compliance with the fair information practices written by the Federal Trade Commission for commercial web-sites (the second GAO report). The answer, I believe, has more to do with the questions that were asked than the practices reported. Specifically, the Administration pointed out to GAO staff in the course of that study that the study was misdirected and that the answers to the study's questions would be misleading.

GAO also has reported that the FTC independently expressed concern that its methodology was "inappropriate for use in evaluating federal web site privacy policies."

The central premise of this particular study was apparently that the FTC formulation of fair information practices for commercial web-sites could appropriately be used to measure the privacy protections of government web-sites. We think it cannot. As noted, the FTC practices were designed for the private sector, where the Privacy Act and OMB policy do not apply. This is an important difference between commercial companies and federal agencies, even though both the government and businesses often use web-sites for the same core purposes: to provide information to consumers and to provide services to the public. The fact that there is no law establishing privacy protections for individuals in the commercial arena led the FTC to stress the need for those web-sites to make clear statements as to their privacy protections. The FTC does the same -- that is, require clear statements -- about commercial web-site policies with respect to access and security practices. It is through these statements that these companies can be held accountable.

Government web-sites, by contrast, do not have to make any representations to be held accountable. The Privacy Act establishes - in the most public way possible - the standards to which citizens can hold federal agencies accountable and exactly how they can hold agencies accountable. Thus, the test of whether a federal web-site provides privacy protection is not whether it includes statements that make it compatible with commercial practices, but rather whether good privacy protections are in place. The first GAO report confirmed that they are:

When government web-sites were measured against government privacy standards, the results were impressive.

In this Information Age, it is critical that the federal government continues to use technology to keep the public informed and to provide services for the public. The launch of the Federal government's FirstGov web-site on September 22 was a major step to enable easy access to government resources on-line. In this and many other ways, the need for privacy protection on-line - and the need for public confidence in the Federal government's on-line privacy standards - is expected to only increase in the years ahead. It would be most unfortunate if any misleading conclusions as to the state of privacy on federal web-sites interfered with our common goal of achieving an electronic government with full public participation.

As I said before, the federal government can, and should, continue to improve in its protection of the privacy of those individuals who access government web-sites. The first GAO report pointed out that we could do a better job of posting privacy policies at specific Federal web pages where a substantial amount of personal information is collected. That report also made recommendations about how OMB might provide clearer guidance to agencies, and we are working with the Federal CIO Council to respond to those recommendations. Beyond that, I think that we will learn much from the privacy materials included with the agency FY 2002 budget submissions to OMB. At the same time, I would again emphasize that the Administration's record on privacy protection in this area is strong, with a resolute commitment to safeguard personal privacy.

I thank you, Mr. Chairman, for holding this hearing today and for inviting me to testify. I look forward to continuing to work with you and the other members of this committee in making the federal government a model of good privacy practices.

END

LOAD-DATE: October 21, 2000




Previous Document Document 4 of 261. Next Document


FOCUS

Search Terms: personal w/5 information w/5 privacy, House or Senate or Joint
To narrow your search, please enter a word or phrase:
   
About LEXIS-NEXIS® Congressional Universe Terms and Conditions Top of Page
Copyright © 2002, LEXIS-NEXIS®, a division of Reed Elsevier Inc. All Rights Reserved.