GAO official cites privacy risk in data-mining efforts

Federal agencies are falling short in protecting privacy when performing data mining, according to congressional testimony from a senior Government Accountability Office official.

Both data mining'in which large amounts of data from different sources are aggregated, searched and analyzed'and radio-frequency identification technologies are raising privacy concerns, Linda Koontz, director of information management issues for GAO, said in testimony before the House Judiciary Subcommittee on Commercial and Administrative Law yesterday.

Koontz added that although agencies that use data mining took many necessary steps, including issuing public notices, to protect privacy, none of them followed such key procedures as including in the notices the intended use of the information.

Furthermore, Privacy Impact Assessments performed on federal data-mining efforts are not meeting Office of Management and Budget guidance, Koontz said. Out of five federal data-mining efforts assessed, only three had conducted privacy impact assessments, and none had complied fully with OMB guidance, she said.

As for RFID, while common applications, such as inventory control, are acceptable, the potential use of RFID to track travel movements of people is likely to generate privacy concerns, Koontz said.

Using RFID, a person's movements can be monitored in real time by tracking devices that someone carries. The same RFID can be used to assemble profiles of people, based on their movements and transactions over a period of time, to ascertain information about their habits, Koontz said.

A third concern over RFID is potential mission creep, in which a narrowly defined operation inadvertently expands to a much broader'and potentially invasive'mission.

GAO has previously reported that federal officials are uncertain about how to apply privacy protections to the collection and use of personal information obtained from commercial sources, including information resellers.

Alice Lipowicz is a staff writer for Government Computer News' sister publication, Washington Technology.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected