[Congressional Record (Bound Edition), Volume 154 (2008), Part 11]
[Senate]
[Page 15801]
[From the U.S. Government Publishing Office, www.gpo.gov]




                   VETERANS PRIVACY AND DATA SECURITY

  Mr. AKAKA. Mr. President, technology continues to affect both the 
strengths and the vulnerabilities of Government. Advances over the past 
decades in computer technology have enabled us to generate and access 
unprecedented amounts of data, and make information easily accessible 
to citizens as well as Government employees seeking to assist them. 
Technology allows information to travel from one coast to the other in 
the blink of an eye, offering the possibility that as technology 
improves so will the efficiency of Government.
  Unfortunately, the possibilities of the information age include an 
increased risk of data theft. According to the Identity Theft Resource 
Center, identity theft is the fastest growing crime in America. As we 
learned in 2006 with the theft of a Department of Veterans Affairs' 
laptop, which put into question the security of the personal 
information of 26.5 million veterans, neither Government Departments 
nor the people who rely on them are immune to these new and changing 
risks.
  In response to the VA computer theft, I, along with a number of my 
colleagues in the Senate and the House, requested the Government 
Accountability Office to conduct a study to determine whether existing 
privacy laws and guidance were adequate to protect the Federal 
Government's collection and use of personal information. Last month, 
GAO reported back to Congress, and recommended we consider revising 
existing Federal privacy laws. Following a June 18, 2008, Senate 
Homeland Security and Governmental Affairs Committee hearing on this 
and other matters related to privacy security, I joined committee 
Chairman Joe Lieberman and Ranking Member Susan Collins in calling for 
changes to modernize the Privacy Act.
  The Privacy Act of 1974 is the foundation of the Federal Government's 
privacy protection law. While this act provides a worthwhile basis for 
the protection of privacy, it was written in a different time when the 
Government faced different challenges. Mr. President, 1974 does not 
seem that long ago, but it was well before the emergence of many 
computer technologies that have changed the demands of data security. 
At that time, Bill Gates and Steve Jobs were unknown, Apple and 
Microsoft were little more than ideas, and neither laptops nor the 
Internet were part of the common American experience. The technological 
changes that have occurred since 1974, while bringing new 
opportunities, have also brought new challenges to the security of our 
privacy and safety of the personal information that is kept by the 
Federal Government. As technology changes, we need to continue to adapt 
the framework of Federal data security laws, as we began to do in 2002 
with the E-Government Act.
  As chairman of the Senate Committee on Veterans' Affairs, I know the 
Department of Veterans Affairs still has a long way to go towards 
establishing and securing the personal information of veterans. VA and 
several other Departments received an ``F'' on this year's Federal 
Information Security Management Act--FISMA--report card. I do not doubt 
that VA recognizes this is a problem, and I am pleased by the 
Department's recent move to streamline its information technology 
management structure. Still, good intentions provide little comfort or 
security to a veteran whose identity is potentially placed at risk 
because VA failed to put adequate policies and procedures in place to 
protect personal information. I expect VA to rapidly take the steps 
necessary to achieve a passing FISMA grade, so that veterans can have 
confidence in the Department's ability to protect their personal 
information. Technology should serve its intended purpose of helping, 
not harming, those who rely on the efficiencies it provides. I also 
look forward to Congress taking action to create privacy laws which 
meet the demands of 21st century technology.

                          ____________________