They created policies that could be ignored. That’s on them. They shouldn’t be able to use their position to avoid accountability or to scapegoat their contractors (that they likely hired without due diligence).
Government agencies should never be seen as victims. They hold power and authority that nobody else can hope to enjoy. There is no higher power to hold them to account because the electorate had already been subverted to maintain their position. So they should not be protected from fucking up. In this context, God or the Lord is not a higher power, it is also a scapegoat.
With great power comes everybody else’s responsibility... said only by people in this century.
Edit: to follow this up, CBP is also the agency that sucks up all the data on your phone and laptop. They have treasure troves of license plates, passport photos, and titty and dick pics.
They cannot absolve themselves of liability when they are invading everybody’s privacy. If they say they don’t use the data, and they are acting out of ignorance, then that’s a solid case for not collecting it in the first place.
As it stands, the US needs a GDPR.
Go after CBP for constitutionality of collection, for working outside of borders where they are legally not allowed to work, etc, but in this case I’d say let’s not blow things too out of proportion.
Remember when OMB lost hundreds of thousands of detailed compromising personal background check reports with all the identifying information including biometrics? This sounds like some port of entry data you could get with a camera in public.
Further: they are not absolving themselves. They are probably working their asses off right now to make sure this never happens again but somebody is going to pay for credit protection and insurance, and it should be the contractor that ignored their contract and all sensible security policy. So, there is is in the press release.
Lastly: I don’t think GDPR fixes this. Government (especially intel community and law enforcement) keeps the data as long as their record schedules allow.
Thankfully, laws about breaches required them to reveal this to us within a certain time. Privacy Officers have really hard jobs. To do them well is hard and thankless. Glad this one stuck to the law.
Maybe government agencies shouldn't be allowed to contract out. And if they are, then they should be held ultimately responsible for their choice of contractors.
Historical table: https://www.opm.gov/policy-data-oversight/data-analysis-docu...
A concurrence in my assessment: https://www.nationalreview.com/2017/02/federal-government-gr... ("So, since 1960, federal spending, adjusted for inflation, has quintupled and federal undertakings have multiplied like dandelions, but the federal civilian workforce has expanded only negligibly, to approximately what it was when Dwight Eisenhower was elected in 1952." Note I'm not necessarily agreeing with the sentiments expressed elsewhere in that article.)
AFAIU for over half a century there's been something of a gentlemen's agreement in Congress among Democrats and Republicans that keeps the official headcount fixed while expanding government through contractors--the closest thing to a wide-spread "conspiracy" (tongue-in-cheek) I've ever seen. Of course, lobbyists and the contracting industry play a huge part in maintaining the system, but IMO that overlays the long-term political equilibrium reached in Congress.
One reason I finger Congress, and not lobbyists, as the principal supporters of the system is that Democrats would much rather have full-time federal employees, so they're clearly compromising. It's hard to say what Republicans want, but to many Republicans hiring contractors 1) squares limited government with electoral pressures to "do stuff" at the federal level, and 2) superficially provides better price signaling through competitive bidding (though if we're honest that's... complicated). Note how the numbers remain conspicuously stable across major domestic and international political shifts. It's fascinating.
State and local government workforces have ballooned, and a lot of federal expenditures are administered via state-based programs. But that doesn't conflict with the "conspiracy" noted above, it's arguably just a way for the Democrats and Republicans to jockey around it.
I'd like to believe that this will happen, but I've seen plenty of cause for FSCs to be revoked and almost no FSC revocations.
seems to have worked out very well for the army, and their contractors.
So well in fact, that a senator is on a campaign to pass legislation to specifically address the military case (leaving cases like the CBP which should be as obvious as from the get go, to be dealt individually too). The system is so broken in its lack of accountability that even well intentioned people are driven to insanity as the norm.
This is incorrect. They can absolve themselves of liability an act with impunity.
You and I might not like that, but it is fact.
I think that giving the benefit of objectiveness makes it easier for them to continue down this path.
That's a weird absolute, and that's before the side dish of theology and... Spiderman? You can be powerful or negligent or whatnot and still be a victim.
It's not _the people_ who made the decision to collect this data.