Gore calls for top-down electronic privacy review

The Clinton administration last week announced a new plan that requires federal agencies to conduct a top-down review of their organizations' handling of electronic information that is protected by the Privacy Act.

Vice President Al Gore, speaking at New York University's commencement ceremony, unveiled the new plan, calling it an "electronic bill of rights for the Information Age."

Gore told the crowd that Clinton is requiring the entire federal government "to make sure we are doing everything possible to protect your personal information and to make it a priority across government."

The spawning of the "network-centric" world and the wider use of the Internet have made it easier to obtain private information that is collected by government agencies— such as medical records, driving records and credit information— without the knowledge or consent of the individual. "Today there is greater protection for your video rental receipts than for your most intimate medical information," Gore said.

Clinton last week signed a memorandum that directs agencies to appoint a senior official to assume responsibility for privacy policy review and to ensure that new information technologies "sustain, and do not erode, protections provided in all statutes relating to agency use, collection and disclosure of personal information."

The memorandum directs agency heads to pay "special attention to Internet and other electronic communications activities that may involve the collection, use or disclosure of personal information." It also calls for agencies to pay "special attention to changes in technology" to ensure that databases remain accurate, complete and up-to-date.

An administration official said agencies should be following the guidelines set forth in Clinton's memorandum regardless of whether the information is protected under the Privacy Act. "Privacy issues will crop up in virtually all agencies," the official said. But when sensitive information is shared with state and local governments and then is sold to the highest bidder, "that's a problem," he said.

David Banisar, staff council for the Electronic Privacy Information Center, criticized the plan, saying the administration's efforts amount to "about three steps from doing anything." Banisar said the administration should have created an independent organization that has more autonomy to conduct inspections and studies of how agencies manage private information that is stored electronically.

Gary Bass, executive director of the government watchdog group OMB Watch, said federal agencies have yet to work out the details of how they manage private information in the Electronic Age, and how they will interpret the review is not yet clear. "OMB has been absent on this issue," Bass said.

For example, Bass said, "agencies have done a miserable job" of complying with the 1996 Electronic Freedom of Information Act amendments, which required agencies to provide by last year online information about how to file Freedom of Information Act requests, copies of policy decisions, frequently requested materials, descriptions of agency information systems and other document locators. "There's a danger in solely approaching this from a privacy aspect. It's also an issue of public access," he said.