GAO official cites privacy risk in data-mining efforts

Federal agencies are falling short in protecting privacy when performing data mining, according to congressional testimony from a senior Government Accountability Office official.

Both data mining'in which large amounts of data from different sources are aggregated, searched and analyzed'and radio-frequency identification technologies are raising privacy concerns, Linda Koontz, director of information management issues for GAO, said in testimony before the House Judiciary Subcommittee on Commercial and Administrative Law yesterday.

Koontz added that although agencies that use data mining took many necessary steps, including issuing public notices, to protect privacy, none of them followed such key procedures as including in the notices the intended use of the information.

Furthermore, Privacy Impact Assessments performed on federal data-mining efforts are not meeting Office of Management and Budget guidance, Koontz said. Out of five federal data-mining efforts assessed, only three had conducted privacy impact assessments, and none had complied fully with OMB guidance, she said.

As for RFID, while common applications, such as inventory control, are acceptable, the potential use of RFID to track travel movements of people is likely to generate privacy concerns, Koontz said.

Using RFID, a person's movements can be monitored in real time by tracking devices that someone carries. The same RFID can be used to assemble profiles of people, based on their movements and transactions over a period of time, to ascertain information about their habits, Koontz said.

A third concern over RFID is potential mission creep, in which a narrowly defined operation inadvertently expands to a much broader'and potentially invasive'mission.

GAO has previously reported that federal officials are uncertain about how to apply privacy protections to the collection and use of personal information obtained from commercial sources, including information resellers.

Alice Lipowicz is a staff writer for Government Computer News' sister publication, Washington Technology.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected