Skip to main content

U.S. SENATOR PATRICK LEAHY

CONTACT: Office of Senator Leahy, 202-224-4242

VERMONT

Remarks Of Sen. Patrick Leahy
On The Bush Administration’s Poor Record On Data Security
News Conference, Capitol Hill
Thursday, July 13, 2006

It is becoming an all-too familiar story in the lives of Americans: the escalating reports of the unauthorized disclosure or theft of sensitive, personal information.  And in too many of these cases, the breaches are occurring within the federal government, highlighting the Bush-Cheney Administration’s abysmal record on combating and protecting Americans from identity theft.

Because of this Administration’s recklessness and incompetence when it comes to data security and its refusal to admit and learn from its mistakes, millions of Americans – including our veterans and our active-duty service members who, at this very moment, are risking their lives in Iraq, Afghanistan and elsewhere – now have to worry about whether their personal information and the personal information of their loved ones is safe in the hands of the Bush-Cheney Administration. That is not something they should have to worry about.

Last year alone, there were 151 incidents of identity theft, affecting more than 57 million people, according to a study by the non-partisan Identity Theft Resource Center, whose representatives join us here today.  And, since the beginning of 2005, there have been at least 93 data breaches – many involving our governmental or military agencies – potentially affecting more than 32 million individuals.  That is unacceptable, and it is wrong.    

Just yesterday, news outlets were reporting a security breach at the State Department.  Regrettably, it comes on the heels of other government breaches including –
 

Ø     The posting of sensitive personal records for more than 100,000 Navy and Marine Corps aviators and air crew members – including names and Social Security numbers –on the Navy’s Safety Center website – a website that is available to the general public, according to reports in the Washington Post.  

Ø     The posting on another public web site of the personal information of at least 28,000 U.S. sailors and their family members.

Ø     The report by the Agriculture Department that a contractor for its Farm Service Agency inadvertently released the Social Security and tax identification numbers of about 350,000 tobacco farmers and landowners.
 

All of these unfortunate disclosures follow the theft of the personal data of 26.5 million of our veterans and active duty personnel at the Veterans Administration.  Fortunately, the FBI was able to recover the stolen laptop, but we cannot be certain that the sensitive information stored on this lap top was not compromised. 

A report issued by the VA Inspector General this week also found that the VA has still not done enough to protect the agency's data or to hold officials responsible for its data breach accountable.

While it may be impossible to stop all breaches of personal data, most if not all of these breaches could have been avoided if the Administration had simply followed safe and well-established information handling practices.

These data security breaches illustrate why we need strong federal data privacy and security laws.  Last year, Senator Specter and I introduced the Personal Data Privacy and Security Act, which requires federal agencies and private data brokers to give prompt notice when sensitive personal information has been breached or stolen.  The Judiciary Committee overwhelmingly approved this bill last fall, but almost a year later, the Senate has still not acted on this legislation. 

Had this bill been in enacted, it would have required the VA and other federal agencies to promptly notify the millions of Veterans and service members now at risk of identity theft about the theft or disclosure of their personal data.

Our bill also addresses the government’s use of personal data by putting privacy and security front and center in evaluating whether data brokers can be trusted with government contracts that involve sensitive information about the American people.

For the sake of all Americans – and especially our veterans and men and women in uniform – Congress needs to make data security and privacy a priority in the remaining weeks of this session and act now to pass comprehensive data privacy and security legislation.

The Republican leadership of Congress so far has chosen not to make this bill a high priority.  The American people have had enough of this recklessness with their personal information.  It’s past time to put the public’s concerns about data security on Congress’s to-do list for the few remaining weeks left in this session.

# # # #

 

 Return to Home Page Senator Leahy's Biography For Vermonters Major Issues Press Releases and Statements Senator Leahy's Office Constituent Services Search this site