Can the federal government keep your personal information secure?

Secure information

The average citizen has very little faith in the federal government.  Approval ratings for our elected officials are at historic lows.  It is ironic then that people seem to have “selective blindness” when it comes to being willing to trust the government with their personal information and data online.

Lack of technology proficiency

Uncle Sam is one of the least qualified organizations in the world when it comes to protecting personal data.  Technology projects are often far more expensive and far less functional than those implemented in the private sector.  The primary reasons for this void of information technology competency are “low compensation” and “lack of motivation”.

More on government accountability:

An inescapable fact of life applies to U.S. federal agencies that are trying to hire the best and brightest technology graduates.  The government simply can’t compete with the high starting pay and lucrative stock options that private firms offer young computer science majors years before they even graduate from college.  This results in having to turn to employees with lower competency levels and contractors.  The end result is that there is much to be desired when it comes to technology expertise at the federal government.

Additionally, the technology workers that government employs have a serious motivation problem.  This is not due to any fault of their own, but rather due to the way projects are handled at the federal level.  Government employees enjoy one of the highest levels of job security in the world.  It is extremely rare that they are ever fired or laid off.  Pretty much the only ways government employees lose their jobs is due to retirement or death.

This creates an environment of complacency.  In the private sector, when you fail on a technology project you are held accountable.  If it’s a big project you are almost guaranteed to be fired.  If it’s a small project, it has an impact on your performance review and pay.  This accountability simply doesn’t exist for government employees.

IRS data

Should you trust the IRS with your private financial information?  That question depicts the exact predicament of several million taxpayers after identity thieves infiltrated TurboTax and perpetrated mass tax fraud in 19 states that led to the launch of a full-blown FBI investigation.  While TurboTax and other e-file affiliated sites are independent, the IRS has ultimate liability and must keep vigilant watch to prevent such catastrophes.  Hackers are often able to file fraudulent returns on behalf of other people and take their money long before the victims are notified.

Office of Personnel Management

The Office of Personnel Management (OPM) has responsibility for the U.S. federal government’s civil service system.  OPM also quite literally came under brute force attack from all directions back in June 2015 right after the feds announced the agency’s then recent data breach.  The breach was from Chinese hackers who sought valuable intelligence like security clearance data, SSNs, and DOBs.  OPM officials claimed the affected data was limited to subjects who’d worked at other agencies, as its local hub contains those files exclusively and allegedly excludes a vast majority of federal workers and retirees.

OPM initially reported to the general public that an estimated 4 million files were affected by the data breach.  Soon after, FBI Director James Comey claimed that 18 million files were affected which amounted to more than four times what OPM had originally stated.  But troubling discoveries continued as the count rose to almost 22 million confirmed files that were accessed by hackers in the data breach. 

The rising tally seems peculiar and showcases how inept the government is when it comes to technology expertise.  This makes you wonder just how many files were accessed in the data breach.  If we trust OPM’s 22 million number, it would clearly be the largest data file breach of its kind in U.S. history.

OPM’s data breach reportedly began in March 2014 and “may have started earlier”, per at least one reliable source.  But federal bureaucrats failed to notice until the earliest reported date in April 2015 – long after it was too late to prevent a catastrophic event well underway.

It is possible that the OPM’s administration knew what was about to occur but were powerless to act because their political ambitions came before any other consideration.  It is also possible that OPM’s disaster might have been an inside job by its own employees that were seeking economic benefit at the expense of public interests. At the end of the day, these data breaches clearly showcase how vulnerable the federal government databases are to hackers and identity thieves.  The inability of the government to hire the best and brightest technology professionals and the complete lack of accountability create an environment where your personal information is not very secure.  For these reasons, you should be very careful if you plan on trusting a government website with your personal data.