Skip to main content

Privacy: Congress Should Consider Alternatives for Strengthening Protection of Personally Identifiable Information

GAO-08-795T Published: Jun 18, 2008. Publicly Released: Jun 18, 2008.
Jump To:
Skip to Highlights


Concerns have been raised about the privacy and security of personal information in light of advances in information technology and the increasingly sophisticated ways in which the government obtains and uses information. Federal agencies' use of personal information is governed by the Privacy Act of 1974 and the E-Government Act of 2002, while the Office of Management and Budget (OMB) provides implementation guidance and oversight. These laws and guidance are based on the Fair Information Practices, a set of widely accepted principles for protecting privacy. GAO was asked to testify on its report, being released today, concerning the sufficiency of privacy protections afforded by existing laws and guidance. To do this, GAO analyzed privacy laws and guidance, compared them with the Fair Information Practices, and obtained perspectives from federal agencies as well as an expert forum.

Full Report

Office of Public Affairs


Classified informationComputer securityConfidential informationE-governmentGovernment informationGovernment information disseminationInformation accessInformation disclosureInformation managementInformation securityInformation security managementInformation security regulationsInformation systemsInformation technologyPersonal securityPrivacy lawPrivacy policiesPrivacy policy violationProgram evaluationProgram managementRecordsRecords managementReporting requirementsRight of privacyRisk assessmentRisk managementSecurity policiesSecurity regulationsStrategic planningSystems analysisTechnologyPersonal informationProgram goals or objectives