Thompson: Preliminary Reports Reveal Continued Agency Violations of Administration Privacy Policies

WASHINGTON, DC – Senate Governmental Affairs Committee Chairman Fred Thompson (R-TN) today announced preliminary results of Internet privacy reports revealing that some federal agencies are struggling to manage their Internet sites and data collection practices without violating Administration privacy policies. Although fewer than a third of the reports have been completed, Inspectors General have already found 64 federal agency Internet sites that used unauthorized permanent “cookies,” information-collecting devices whose use was restricted last summer by the Clinton Administration.

“The federal government should be setting the standard for privacy protection in the Information Age,” Thompson said, “One of the Bush Administration?s early priorities should be to address the previous Administration?s failure to comply with their own Internet privacy policy.”

According to Thompson, only a few Inspectors General were able to inspect all of their agency?s Internet pages, but most commented on the need to create and enforce agency-wide procedures for the maintenance of federal Internet sites. Other violations of Administration privacy policies that the IGs found in late 2000 and early 2001 include the following:

    The Education IG revealed that half of the Education Department?s Internet pages that collect personal information lack a posted privacy policy. Nine Internet pages were collecting e-mail addresses without the user?s knowledge.
    The Treasury IG found that 11 of the Treasury Department?s 30 main Internet sites were missing privacy policies. Nineteen major Internet sites weren?t even listed on the Treasury inventory of sites.
    The General Services Administration IG found an Internet site managed by a private contractor on which the contractor used a persistent cookie under an agreement that gave him ownership of all of the data collected by the cookie.

“I want to commend the Inspectors General from these agencies on the work that they?ve done so far. Their efforts are helping us eliminate cookies and bring the websites into compliance with privacy policies,” Thompson said.

The Internet privacy reports were required by the Treasury-Postal title of the Consolidated Appropriations Act of 2000. Thompson worked with Congressman Jay Inslee (D-WA) to promote this privacy provision, which requires each agency IG to report to Congress on how the agency collects and reviews personal information on its Internet site. Sixteen of the IGs had completed the reports by mid-February and the remaining reports are expected in a few months.

The legislation requiring the IG reports followed an audit by Thompson in October of 2000 which found that 13 agencies were using the information-gathering devices despite claiming they weren?t doing so.

Senator Thompson said that when Congress returns from recess he will be introducing bipartisan legislation to establish a commission to look at government privacy practices.

# # #

 Findings of the Report