News

Privacy Concerns About U.S. Database

November 19, 2008

Share This Story

FREE Daily News Alerts

As a general rule, big government databases aren't especially popular, and higher education's recent experiences with them -- be they the relatively new federal database to track foreign students in the wake of September 11, or a proposed "unit records" database to track the academic success of students as they move through the educational system -- have generated controversy.

Little wonder, then, that advocates for colleges and students are more than a little concerned -- okay, freaked out -- by a plan by the U.S. Department of Education's Office of Inspector General to gather personally identifiable information from nine existing databases of grant, loan and contract recipients into one giant "data analytics system" and by the Education Department's decision to waive certain privacy rules for the new records system.

"We are ... quite alarmed by the scale and scope of data collection proposed in [the proposed database], by OIG’s apparent belief that it has an unfettered right to engage in data mining on records of individuals who have had any interaction with the department, and worse still, OIG’s apparent belief that it may disclose individually identifiable information from [the database] to various outside entities, including foreign agencies and private organizations, without the consent of the individual," the American Association of Collegiate Registrars and Admissions Officers wrote to the inspector general on behalf of six other associations of colleges and students.

The groups, who go out of their way to say that they generally support the inspector general's efforts to rein in fraud and abuse, were responding to a notice published in the October 16 Federal Register in which the inspector general's office sought comments on a plan to take information from nine existing databases -- including several major collections about student financial aid recipients -- and store it in a new database. The massive data source will allow the inspector general's office, by analyzing patterns of data, to better identify "internal control weaknesses" and improve its modeling and planning to "predict anomalies indicating fraudulent activity." The inspector general's office in the Education Department is, like its peer offices in all federal agencies, responsible for ferreting out fraud and abuse involving federal programs and funds.

The database will "store individually identifying information" -- Social Security numbers, birth dates, and conceivably financial information about student aid applicants and their parents -- about an enormously wide range of people, the department's notice states: "Employees of the Department; consultants; contractors; grantees; advisory committee members or others who have received funds from the Department for performing services; students who have applied for Federal student financial assistance; Pell Grant recipients; borrowers of William D. Ford Federal Direct Loans, Federal Family Education loans, Federal Insured Student loans or Federal Perkins loans; owners, board members, officials, or authorized agents of postsecondary institutions; and individuals applying to the Department's Office of Federal Student Aid for a personal identification number."

That's the first problem with the department's plan, the college groups say: that it plans to "allow massive amounts of irrelevant, unnecessary, and erroneous information about U.S. citizens to be secretly compiled" in a centralized place.

That problem is exacerbated, they say, by the fact that the department, in a final regulation also published in the Federal Register on October 16, grants numerous waivers to the federal Privacy Act that will allow the inspector general to share information from its new database with other parties -- other federal agencies, state law enforcement agencies, and even foreign governments -- that request it and can persuade the department that they need it. And those disclosures can be permitted without notifying those whose information is being released or giving them a chance to correct flawed information.

"It's troublesome enough that they are seeking to collect this extraordinary amount of information to use for themselves, though it may be acceptable if they use it to fulfill their statutory duties," said Barmak Nassirian, associate executive director of the registrars' group. "But then they take this enormous leap from having the right to access such for themselves to having the right to disclose data on a very loosey-goosey basis, to virtually every Tom, Dick and Harry that strikes their fancy."

The inspector general's office insists that the colleges' concerns are greatly exaggerated. It notes that the data that will populate the new database already exist in the numerous underlying databases, and that the privacy rules that would govern the new database largely mirror the ones that apply to the existing databases. In other words, the Education Department can already provide information from the database that contains financial data submitted by applicants for federal student financial assistance to state or even foreign law enforcement agencies that are investigating possible fraud involving their programs.

Bottom line, the inspector general's office asserts: the new database will not provide any disclosure of this information beyond what is already permitted, and the information will be no less protected in the new database than it is in the underlying databases in which it resides now.

That is likely to prove little comfort to the college groups, given their strong rhetoric. "We do not believe that the Inspector General Act of 1978, as amended, was ever intended by Congress to allow the creation of a Big Brother-like surveillance system by any IG, to permit any IG to set itself up as a data
mart of information on U.S. citizens for domestics and foreign law enforcement agencies, or to
authorize any IG to provide background checks and degree verification on U.S. citizens to
private entities, with or without their permission."

The other groups that signed the letter were the American Association of Community Colleges; the American Association of State Colleges and Universities, the American Council on Education, the Association of American Universities, the National Association of Independent Colleges and Universities, the National Association of State Universities and Land-Grant Colleges, and the United States Student Association.

— Doug Lederman

Go to comments (8) »

Get Hired!

See all postings »

Matching Jobs

Most Popular

Comments on Privacy Concerns About U.S. Database

When are humans not "subjects?"
Posted by Miller on November 19, 2008 at 5:05am EST
Any one who has gone through the pain and suffering necessary to get IRB approval to do a simple survey of individuals can get a real belly laugh out of this latest proposal. The disparity between what is required of legitimate science to study human subjects, and what is required of businesses (not to mention journalists) to protect privacy is astronomical. The message seems to be that the profit motive is a far more important value to protect than progress in basic research on humans.

Privacy concerns
Posted by Katherine on November 19, 2008 at 7:45am EST
If the database information is already available, the need for another database would be unnecessary. In fact, it opens another avenue for the information to be hacked or mismanaged. The Education Department's minimizing the concern as an exaggeration is testament to the minimizing concern of the privacy and respect of students.

Fraud, Greed and Deceit, Oh My!
Posted by R.F. on November 19, 2008 at 9:41am EST
"And those disclosures can be permitted without notifying those whose information is being released or giving them a chance to correct flawed information."
...and there is a lot of flawed information, not to mention fraud and the "legal but unethical" gaming that goes on. It is true that there are some very wealthy folks who are getting Pell Grants.
Normally, I wholeheartedly support any effort to reduce fraud, waste and abuse, but I think that we should not be trampling individuals rights to do so. I support the OIG's initiative in principal, but I think that some basic protections should remain.
As far as the information being flawed, well it has been allowed to be flawed for a long time. It appears this effort would begin to make the data less flawed, and I think that is a goal we should support.

not alone
Posted by Theron on November 19, 2008 at 11:00am EST
Keep in mind that this mega data base will not exist alone, nor will it exist in a neutral system.
It would join numerous other data bases and on-going data collecting processes run publically and not so publically by various agencies of the Federal Government. Add it to the REAL ID Act, the Patriot Act and other acts that have eroded the right of privacy on one hand and the right to be notified of being collected on the other hand.
In yesterday's Federal Register, Homeland Security exenmpted itself from privacy discloures for data required from private aircraft based on such discloures' possible effect on investigations.
At the same time, Homeland Security and other agencies use data mining to troll for people on their radar screens..and we know how many people were arrested, detained and for how long with no charges filed.
This is not paranoia. It is a reflection on what has been done and the place a new mega data base may play in such a total system. OIG has already noted that people will not be notified of such collection or trolling.

I get it
Posted by Joe on November 19, 2008 at 11:55am EST
I understand the privacy issue involved here but i also know how frustrating it is dealing with silo'd data sources.
If WE told our auditors that we can't do process control checks because the data is in in 5 different systems that may be enough to fail an audit. I'm not sure why the government should be shackled to the point where the left hand has no idea what the right hand is doing.
IF we're going to trust the government to fund as much of education as they do then we also have to let them implement reasonable process and audit control mechanisms. The argument that all this data has already been willingly provided to the government is a powerful one. I don't support having students in this database who have never accepted Department funds. But if a student HAS accepted funds then isn't tracking part of the price that needs to be payed? I'm not sure it makes sense to say "gimme taxpayer money" and "get out of my business" at the same time.

Posted by Glen S. McGhee at FHEAP on November 19, 2008 at 4:45pm EST
I agree with Joe:
" IF we’re going to trust the government to fund as much of education as they do then we also have to let them implement reasonable process and audit control mechanisms."
The massive reaction against this by the HE associations shows how invisible this Federal funding is to them, and just how deep the institutional blind-spots can be.
Higher ed has been indiscriminate and promiscuous in her acceptance of "favors" from state and federal governments, as well as from corporations and anyone else that has wanted a piece of her. But, as Joe points out, there are strings attached.

Compiling Data Base - Private?
Posted by concerned about it all on November 21, 2008 at 3:55pm EST
Who do you trust? Well, after seeing all the corruption in Washington and various states at the upper level of "management" why should any of us trust this new scheme?
I have personally been unable to get one of the three credit reporting agencies to remove something that wasn't mine in the first place.
How can you believe that the "stuff" in those files are accurate? And, if they are not, how can they be fixed?
What arrogance to think that we would not find this to be troubling at the least!

Posted by Only somewhat paranoid on November 21, 2008 at 6:30pm EST
While the current proposal is disturbing and the Department dismisses critics by maintaining that sharing the data in the individual data bases are already available to law enforcement, it puts the call for a national "student unit record" system in a whole new light. The privacy advocates were dismissed as paranoid when they opposed Secretary Spellings' and Grover Whitehurst's proposal out of fear that the data would be available for all government agencies to peruse at will and share with foreign governments.
The IG's proposal proves the privacy advocates correct and anyone who does not see the inherent threats to individual privacy of turning over millions of records, including those who have not received financial aid, to the federal government for "data mining" should think again. While the incoming administration will undoubtedly respect individual rights more than the last and there is little reason to believe that an Obama administration would permit the domestic spying the last administration conducted, the imperial executive could rise again and government would be authorized to snoop at will.
I hope this proposal will provide a dose of reality for those enamored with national data systems and longitudinal analysis. In the hands of a government willing to agencies and other governments to snoop into personal data , such "benefits" are too costly.

Search News