navigationTo Federal Internet Guide Home Page

Federal Sites on Web Gather Personal Data

By Robert O'Harrow Jr.
Washington Post Staff Writer
Thursday, August 28, 1997; Page E01

Internet sites operated by federal agencies routinely collect data about visitors without saying how the information will be used, a practice that clashes with the Clinton administration's call for safeguarding privacy on the global computer network, according to a study released yesterday.

Thirty-one of 70 government sites in the survey retrieved details, including names, ages and work histories, from the public. But only 11 of the sites provided statements about how the information was collected and used, according to the report by OMB Watch, a private research group based in the District.

Although the study did not uncover any abuses of the information, it concluded that at least four agencies probably violated provisions of the Privacy Act of 1974, which restricts how federal agencies gather and use personal records, said Ari Schwartz, an information issues specialist at OMB Watch.

"What we found is that the new medium has blurred the lines created by the Privacy Act of 1974 and subsequent laws," Schwartz said. "We feel that guidance clarifying the application of these laws to the Internet would ease tensions of both agencies who are reluctant to supply new information over the Web and users who are concerned about their privacy."

The Clinton administration has repeatedly called on Internet users to bolster confidence in the network by disclosing how personal information is collected and used.

That confidence was severely shaken in April when, under pressure from Congress, the Social Security Administration shut down a service on its World Wide Web page that allowed people to access their "personal earnings and benefits estimate statements," records commonly used in retirement planning.

Critics said users might be able to get access to personal information that was not their own. The SSA intends to release a report on the episode in the coming weeks, and it may restart the service with stronger security and a clearer statement to the public.

Yesterday, privacy specialists joined OMB Watch in concluding that the government needs to do a lot more work in developing clear policies on how it uses the Web.

If people don't know how information about them is going to be used, they will be less likely to retrieve information from the Internet and government agencies will be more reluctant to make that information available, the specialists said.

"All Web sites should have a privacy notice that is one click away from the home page," said Mary J. Culnan, a Georgetown University professor who is a member of the president's Commission on Critical Infrastructure Protection. "The government should lead by example."

"This is just part of the deal of surfing the Web," Culnan said. "You have a right to know what's going on."

Among the other the findings, the OMB Watch study noted that the Smithsonian Institution, the Peace Corps, the Federal Emergency Management Agency and the National Technology Transfer Center collected from job applicants personal information that was covered by the Privacy Act.

The report also said only four agencies in the study had consistent notices about what data was collected and how.

All the Web sites were surveyed this summer and all were linked to a Web site operated by the White House, Schwartz said.

© Copyright 1997 The Washington Post Company

Back to the top

Go to Federal Page | Go to Government | Go to Politics Section

Home page Site Index Search Help! Home page Site Index Search Help!