Congressional Record Statement of Senator Daniel K. Akaka
Mr. President, technology continues to affect both the strengths and the vulnerabilities of Government. Advances over the past decades in computer technology have enabled us to generate and access unprecedented amounts of data , and make information easily accessible to citizens as well as Government employees seeking to assist them. Technology allows information to travel from one coast to the other in the blink of an eye, offering the possibility that as technology improves so will the efficiency of Government.
Unfortunately, the possibilities of the information age include an increased risk of data theft. According to the Identity Theft Resource Center, identity theft is the fastest growing crime in America. As we learned in 2006 with the theft of a Department of Veterans Affairs' laptop, which put into question the security of the personal information of 26.5 million veterans , neither Government Departments nor the people who rely on them are immune to these new and changing risks.
In response to the VA computer theft, I, along with a number of my colleagues in the Senate and the House, requested the Government Accountability Office to conduct a study to determine whether existing privacy laws and guidance were adequate to protect the Federal Government's collection and use of personal information. Last month, GAO reported back to Congress, and recommended we consider revising existing Federal privacy laws. Following a June 18, 2008, Senate Homeland Security and Governmental Affairs Committee hearing on this and other matters related to privacy security , I joined committee Chairman Joe Lieberman and Ranking Member Susan Collins in calling for changes to modernize the Privacy Act.
The Privacy Act of 1974 is the foundation of the Federal Government's privacy protection law. While this act provides a worthwhile basis for the protection of privacy , it was written in a different time when the Government faced different challenges. Mr. President, 1974 does not seem that long ago, but it was well before the emergence of many computer technologies that have changed the demands of data security . At that time, Bill Gates and Steve Jobs were unknown, Apple and Microsoft were little more than ideas, and neither laptops nor the Internet were part of the common American experience. The technological changes that have occurred since 1974, while bringing new opportunities, have also brought new challenges to the security of our privacy and safety of the personal information that is kept by the Federal Government. As technology changes, we need to continue to adapt the framework of Federal data security laws, as we began to do in 2002 with the E-Government Act.
As chairman of the Senate Committee on Veterans' Affairs, I know the Department of Veterans Affairs still has a long way to go towards establishing and securing the personal information of veterans . VA and several other Departments received an ``F'' on this year's Federal Information Security Management Act--FISMA--report card. I do not doubt that VA recognizes this is a problem, and I am pleased by the Department's recent move to streamline its information technology management structure. Still, good intentions provide little comfort or security to a veteran whose identity is potentially placed at risk because VA failed to put adequate policies and procedures in place to protect personal information. I expect VA to rapidly take the steps necessary to achieve a passing FISMA grade, so that veterans can have confidence in the Department's ability to protect their personal information. Technology should serve its intended purpose of helping, not harming, those who rely on the efficiencies it provides. I also look forward to Congress taking action to create privacy laws which meet the demands of 21st century technology.
July 23, 2008