Yesterday, the Senate Homeland Security and Government Affairs Committee’s subcommittee on Oversight of Government Management held a hearing to consider updates to the Privacy Act of 1974. The Privacy Act of 1974 governs federal government agencies’ collection, use, and transfer of individuals’ personal information. In general, the Act limits federal agencies’ disclosure of such information
If the Bill receives Royal Assent and becomes law, the new Commissioner will supersede the current UK Information Commissioner and reflect a more holistic approach of protecting individual privacy in all of its aspects rather than regulating personal data alone.…
Government agencies maintain large quantities of information about individuals, covering everything from physical description to the person’s family life, property, political activity, employment history, criminal records, and health condition. In a light of a recent finding that reports of information-security incidents at federal agencies have increased more than 650 percent over the past five years, it is unsurprising that data-handling requirements for government entities and contractors are a subject of ongoing concern. A roundup of recent developments:
- A recent General Services Administration (“GSA”) cloud computing procurement solicitation attempted to address data security concerns by limiting the foreign countries where vendors’ servers could be located, but this requirement was rejected on October 17 as unduly restrictive. Noting that the GSA had failed to explain its basis for differentiating between acceptable and unacceptable locations, the Government Accountability Office (“GAO”) recommended that the solicitation be revised to reflect the agency’s actual needs.
- On October 18, Sen. Daniel Akaka (D-HI) introduced the Privacy Act Modernization for the Information Age Act of 2011 to strengthen privacy protections for government records. Among other things, the bill would create a federal chief privacy officer position, update penalties for violating the Privacy Act, and establish a centralized website for information about records maintained by individual agencies.