privacy act

The Intimidation Game: The Secret Service vs. Jason Chaffetz

Most of the controversy over government surveillance programs in the last few years has focused on fears of what the NSA or FBI might do with the personal data they’ve collected on Americans guilty of no crime. But what if you’ve applied for a federal job? Surely that information would not be misused or improperly accessed, particularly since it is protected by the Privacy Act?

That’s probably what now-Congressman Jason Chaffetz (R-UT) thought when he applied for a job with the Secret Service in 2003. But as the chairman of the powerful House Committee on Oversight and Government Reform Committee, Chaffetz earned the hatred of many in the Secret Service for his investigations into the agency’s many recent blunders and scandals. Thanks to a Department of Homeland Security Inspector General investigation into the leak of Chaffetz’ 2003 Secret Service application, we now have an idea of how extensive the leak of his personal information was throughout the agency. As the IG noted:

We were unable to determine with certainty how many of those individuals in turn disclosed this information to others who did not have a need to know, who
may have then told others. However, the disclosure was widespread, and recipients of the information likely numbered in the hundreds. Those agents
we interviewed acknowledged freely sharing it with others in the Secret Service, often contemporaneously with accessing the information. One agent reported
that by the end of the second day, he was sent on a protection assignment in New York City for the visit of the President of Afghanistan, and many of the
approximately 70 agents at the protection briefing were talking about the issue. 

With one exception, the IG also found that senior civil servants in the Secret Service did nothing to stop the propogation of Chaffetz’ personal data:

Connolly: Yes to Privacy Act Liability for Mental and Emotional Distress

A couple of years ago I wrote here about the Supreme Court case denying that a person could collect damages from the government under the Privacy Act based on mental and emotional distress. It’s a narrow point, but an important one, because the harm privacy invasions produce is often only mental and emotional distress. If such injuries aren’t recognized, the Privacy Act doesn’t offer much of a remedy.

Obama Administration Fights Privacy Act Liability

In February 2004, privacy advocates were put off by a Supreme Court case called Doe v. Chao, in which the Court found that the Privacy Act requires a victim of a government privacy violation to show “actual damages” before receiving any compensation. The Act appeared to provide for $1,000 per violation in statutory damages, but the Court interpreted the legislation to require that actual damages be proven, after which the victim would be entitled to a minimum award of $1,000.

Internet Privacy Law Needs an Upgrade

Imagine for a moment that all your computing devices had to run on code that had been written in 1986. Your smartphone is, alas, entirely out of luck, but your laptop or desktop computer might be able to get online using a dial-up modem. But you’d better be happy with a command-line interface to services like e-mail, Usenet, and Telnet, because the only “Web browsers” anyone’s heard of in 1986 are entomologists. Cloud computing? Location based services? Social networking?

E-Verify: The Surveillance Solution

The federal government will keep data about every person submitted to the “E-Verify” background check system for 10 years.

At least that’s my read of the slightly unclear notice describing the “United States Citizenship Immigration Services 009 Compliance Tracking and Monitoring System” in today’s Federal Register. (A second notice exempts this data from many protections of the Privacy Act.)

Subscribe to RSS - privacy act