DHS to Reassess Privacy and Information Sharing
The Department of Homeland Security is tasked with not only keeping the country safe from many different kinds of threats, but also presumably to do so while honoring the individual rights of the people.
That means that the line between invasion of privacy and securing against imminent danger is still in place, and therefore must be considered in every action the agency takes. That said, the DHS has announced that there will be changes to the way it disseminates information among its stakeholders so that personal identifiable information and vital privacy issues are still safeguarded.
In order for the agency to be effective it has to have a way to monitor for suspected threats and then share vital information with other agencies, and that’s something that privacy advocates have opposed throughout the process due to a lack of transparency in what information will be shared, and how.
For its part, the DHS says it’s working to make that transfer of information as safe as possible, meaning it has to find a way to effectively do its job without exposing individuals’ data to unnecessary risk.
That kind of information sharing and risk assessment is something that’s already made headlines this year. A man in Wisconsin reported receiving an email from the Veterans Administration that contained an attached spreadsheet with hundreds of US veterans’ Social Security numbers included. The error came to down to the method by which emails get shared from the VA; there’s a technological protocol in place that requires the sender to input a password before mailing off any document that contains a series of patterned numbers separated by hyphens. In this case, that would be something like “123-45-6789.”
Unfortunately, the VA stored the Social Security numbers without those hyphens, or in other words, “123456789.” That meant the information was shared without triggering the password requirement, unleashing those veterans’ information to an unintended recipient. As a result, a Wisconsin Congresswoman has already introduced legislation to require the VA to stop using SSNs as veterans’ identification numbers.
That’s the kind of step the DHS is working towards. A recent privacy assessment conducted by the agency took a long look at the risks to individuals when compared to the benefits of this kind of monitoring and information sharing. Further automated and manual privacy impact assessments will be conducted from time to time in order to make changes as they’re needed.
Anyone can be a victim of identity theft, anyone can use our services and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.