Agencies, data resellers skirt privacy rules: GAO

Several federal departments'notably Homeland Security and Justice'regularly buy access to personal information databases that do not comply with federal rules for protecting privacy, according to a new report from the Government Accountability Office.

The federal government spends about $30 million a year on contracts with data resellers that compile huge databases of personal information including names, phone numbers, addresses, Social Security numbers, financial records, assets and relatives' names.

About 91 percent of the federal purchases of such data in 2005 were for law enforcement and counterterrorism, primarily by the Justice and Homeland Security departments. The data was used for criminal investigations, locating witnesses, fraud detection and border screenings.

However, the resellers that sell the information to the government do not comply consistently with Fair Information Practices, the GAO said. As for the handling of that information, the agencies complied with privacy rules in half the cases examined, and did not comply in the other half.

Lack of guidelines on how to apply the privacy rules is also a problem.

'Contributing to the uneven application of the Fair Information Practices are ambiguities in guidance from the Office of Management and Budget regarding the applicability of privacy requirements to federal agency uses of reseller information,' the GAO said. 'In addition, agencies generally lack policies that specifically address those issues.'

The federal agencies 'lack robust audit mechanisms to ensure that use of personal information from information resellers is for permissible purposes,' the report said.

Alice Lipowicz is a staff writer for Government Computer News' sister publication, Washington Technology.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected