The Government Accountability Office (GAO) is suggesting in a new report that Congress designate an agency to issue government-wide guidance or regulations to help protect Americans’ civil rights and civil liberties while using personal data.
The Nov. 19 GAO Q&A report notes that there are no government-wide laws or guidance regarding data security. However, emerging technologies such as AI or facial recognition have rapidly increased the amount of personally identifiable information (PII) that Federal agencies collect, share, and use.
GAO conducted a deep dive into the efforts of the 24 Chief Financial Officers Act of 1990 (CFO Act) agencies to protect the public’s civil rights and civil liberties when collecting, sharing, and using data. The government watchdog found that all 24 had designated an official to oversee the protection of civil rights, while seven designated an official for civil liberties.
Additionally, 16 of the 24 agencies reported addressing civil rights and civil liberties protections either in separate policies and procedures or in privacy compliance activities.
Through a questionnaire sent to the agencies, GAO found that they ran into challenges when it came to protecting Americans’ civil rights and liberties. Twelve agencies cited “complexities in handling protections associated with new and emerging technologies,” while 11 reported “a lack of qualified staff possessing needed skills in civil rights, civil liberties, and emerging technologies.”
Eight of the 24 agencies said a government-wide law or guidance would “strengthen consistency in addressing civil rights and civil liberties protections.” Notably, one agency said such guidance could “eliminate the hodge-podge approach to the governance of data and technology.”
“Agencies pointed out that emerging technologies pose new questions and concerns with protecting civil rights and civil liberties,” the report says. “Therefore, it is important for Congress to direct an appropriate Federal entity to issue government-wide guidance or regulations that address a broad approach to considering civil rights and civil liberties protections.”
“Until such guidance or regulations are issued, there is an increased risk of agencies’ collection, sharing, and use of data potentially violating the public’s civil rights and civil liberties,” it adds.
GAO said it provided a draft of this report to the Office of Management and Budget and the 24 CFO Act agencies. As the report only offered a suggestion for Congress, the agencies did not agree or disagree with the report.
