Privacy: Federal Law Should Be Updated to Address Changing Technology Landscape

Citation
Government Accountability Office, Privacy: Federal Law Should Be Updated to Address Changing Technology Landscape (GAO-12-961T) (July 31, 2012) (full-text).

Overview
The federal government collects and uses personal information on individuals in increasingly sophisticated ways, and its reliance on information technology (IT) to collect, store, and transmit this information has also grown. While this enables federal agencies to carry out many of the government's critical functions, concerns have been raised that the existing laws for protecting individuals' personal information may no longer be sufficient given current practices. Moreover, vulnerabilities arising from agencies' increased dependence on IT can result in the compromise of sensitive personal information, such as inappropriate use, modification, or disclosure.

The GAO was asked to provide a statement describing (1) the impact of recent technology developments on existing laws for privacy protection in the federal government and (2) actions agencies can take to protect against and respond to breaches involving [personal information.

The GAO previously suggested that Congress consider amending applicable privacy laws to address identified issues. GAO has also made numerous recommendations to agencies over the last several years to address weaknesses in policies and procedures related to privacy and to strengthen their information security programs.