Will GPO guarantee the privacy of users? Will any guarantees it does make be implemented carefully and accurately? It is important to ask these questions if libraries do not have copies of digital government information and all users must retrieve copies from government managed web servers. If libraries had copies of digital government information, users could retrieve that information from libraries (which have a long tradition and policies of protecting privacy of users) rather than from the government.
I was thinking about these issues and GPO’s commitment to data mining in its “Future Digital System” when I read a story this morning that sheds some light on current implementation of data mining in federal government agencies:
- GAO: Privacy issues remain in data mining programs By Patience Wait, Government Computer News (08/30/05).
The story quotes a new GAO report and says that “implementing privacy and security measures is haphazard…. Of five data mining programs at five different agencies, ‘none followed all key procedures’ for privacy and security measures.” The GAO report:
- Data Mining: Agencies Have Taken Key Steps to Protect Privacy in Selected Efforts, but Significant Compliance Issues Remain, Government Accountability Office, “Report to the Ranking Minority Member, Subcommittee on Oversight of Government Management, Committee on Homeland Security and Governmental Affairs, U.S. Senate.” (GAO-05-866) August 2005.
GPO’s commitment to data mining is spelled out in its Future Digital System requirements document in section 184.108.40.206, pages 92-95. This section specifies that the FDsys will log transactions and be able to extract, analyze and present data from Business Process Information, perform cross tabulations and “clusterization” and categorization, and perform association and link analyses. It will be able to “expose” sequential and temporal relationships and patterns and filter data at different levels of granularity and will have ability to create customizable reports for analysis of search terms. It will be able to send alerts or notifications to GPO users based on defined criteria.
Second there is nothing in the system specification to prevent the kinds of problems found by the GAO. Having procedures and policies in place doesn’t help if the agency doesn’t follow them.
- Will GPO guarantee that it will provide information products for free to the public and that those products will be fully-functional and not encumbered, disabled, controlled or otherwise non-optimal or locked-down versions?
- Will GPO guarantee that it will make available for deposit, without fee, into FDLP libraries that wish to receive them, all fully functional digital government information products within its purview?
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.