GAO official cites privacy risk in data-mining efforts

Federal agencies are falling short in protecting privacy when performing data mining, according to congressional testimony from a senior Government Accountability Office official.

Both data mining'in which large amounts of data from different sources are aggregated, searched and analyzed'and radio-frequency identification technologies are raising privacy concerns, Linda Koontz, director of information management issues for GAO, said in testimony before the House Judiciary Subcommittee on Commercial and Administrative Law yesterday.

Koontz added that although agencies that use data mining took many necessary steps, including issuing public notices, to protect privacy, none of them followed such key procedures as including in the notices the intended use of the information.

Furthermore, Privacy Impact Assessments performed on federal data-mining efforts are not meeting Office of Management and Budget guidance, Koontz said. Out of five federal data-mining efforts assessed, only three had conducted privacy impact assessments, and none had complied fully with OMB guidance, she said.

As for RFID, while common applications, such as inventory control, are acceptable, the potential use of RFID to track travel movements of people is likely to generate privacy concerns, Koontz said.

Using RFID, a person's movements can be monitored in real time by tracking devices that someone carries. The same RFID can be used to assemble profiles of people, based on their movements and transactions over a period of time, to ascertain information about their habits, Koontz said.

A third concern over RFID is potential mission creep, in which a narrowly defined operation inadvertently expands to a much broader'and potentially invasive'mission.

GAO has previously reported that federal officials are uncertain about how to apply privacy protections to the collection and use of personal information obtained from commercial sources, including information resellers.

Alice Lipowicz is a staff writer for Government Computer News' sister publication, Washington Technology.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

inside gcn

  • health data

    Improving the VA patient journey with data transparency

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group