Data Divulgers

By IAIN MURRAY & DAVID BIER

The investigative journalists at the Carolina Journal recentlydiscovered that North Carolina governor Bev Perdue had been receiving confidential employment data from the Department of Labor possibly days in advance of its official relief. As they pointed out, this was "quite likely in violation of federal law," the Confidential Information Protection and Statistical Efficiency Act of 2002. What makes this disclosure worse is that the governor's press office often rewrote the federal press release "and added a positive spin, even if the data did not support Perdue's talking points." If politicians and bureaucrats treat official data this cavalierly for their own ends, what are they likely to do with your personal data?

According to a new Government Accountability Office (GAO) report,the Internal Revenue Service (IRS) has consistently failed to properly secure sensitive tax and financial information. GAO "testing showed that systems used to process tax and financial information did not effectively prevent access from unauthorized users
or excessive levels of access for authorized users."

Worse, the GAO found that even though the IRS conducted regular system checks, it failed to detect the problems. "These vulnerabilities were not known to IRS despite those systems being in compliance with the agency's policies on periodic control reviews and testing," says the GAO report. Identity information is required to pay our taxes, register property, and get government benefits -- but that information is not secure and the government doesn't know why.

The GAO report was prompted by a spate of government security failures. In 2006, the personal information of 26.5 million veterans was stolen from the home of a Department of Veterans Affairs employee. In 2007, the State of Georgia lost Medicaid records for 2.9 million people. California and Pennsylvania have lost thousands of Medicaid records as
well.

The problem is about to become much worse. The Department of Health and Human Services (HHS) has proposed a rule under Obamacare that would centralize everyone's patient and hospital records. Yet an HHS contractor recently lost health care information for nearly 50,000 Medicare recipients. Individual health care records are some of the most private papers Americans have. If a bank lost your personal account information, you'd probably want to find another bank. If a store lost your loyalty card information you probably wouldn't be loyal to them anymore. But the government doesn't give you a choice, and requires your loyalty.

These mistakes haven't slowed down the government's desire for more information and power. Rep. Lamar Smith (R-TX) pushed to mandate E-Verify for every U.S. employee and business through the Legal Workforce Act (H.R. 2885). E-Verify is an electronic employment eligibility verification system designed to check an employee's immigration status and identity information against a government database before approving him for work. Whatever you think about immigration, that Americans have to ask government permission to be employed is outrageous. E-Verify takes us one step closer to a "papers please" state.

Moreover, the centralized database that E-Verify would require would make for a tempting target for identity thieves, as it would include a new hire's name, Social Security number, address, age, picture, maiden name for women, and often a driver's license number.

Worse, the federal government's effort to centralize all worker information comes on top of its failure to secure its own employees' confidentiality. In 2006, for example, the Transportation and Security Administration accidentally mailed nearly 1,200 of its employees' Social Security numbers and birth dates to the wrong addresses. The same year, the U.S. Department of Agriculture lost the personal information of nearly 26,000 employees.

Obamacare and E-Verify's "on-the-books" databases aren't the only ones Americans should fear. In 2006, a USA Today investigation revealed that the National Security Agency (NSA) maintained a database of nearly 2 trillion calls provided by the four largest telephone carriers (AT&T, Verizon, SBC, and BellSouth). The year before, NBC News uncovered a Pentagon database of information on peaceful protesters -- the so-called TALON program. Although both programs were officially closed, the information is still out there -- the NSA retained its call files and TALON's data was handed over to the FBI's Guardian database.

Almost 4.2 million Americans have access to "classified" information. No wonder the government leaks like a colander. Of course, leaks are not unique to the government, but consumers have recourse against firms that mishandle their information. They can withhold their business, switch to a competitor, or file a lawsuit. Taxpayers can't go elsewhere and no federal bureaucracy has ever filed bankruptcy. All they have is a supposed right "to be secure in their persons, houses, papers, and effects." Until government is downsized and declawed, that right will continue to look paper thin.