Opening Statement: House Committee On Oversight And Government Reform
Statement
Opening Statement: House Committee On Oversight And Government Reform
I want to thank you again for this hearing today, Mr. Chairman. Four years ago, this committee undertook a detailed examination of peer-to-peer file-sharing programs. Since then, technology has advanced, legal actions have been initiated, and the landscape of companies and programs has changed. But the risk to sensitive personal information and confidential records still exists.
I'm pleased the committee is continuing an effort we began four years ago.
At that hearing, we examined the growing problem of pornography, including child pornography, on these networks. The testimony was surprising and shocking.
At the second hearing we examined issues similar to those we're focusing on today. We ask why highly personal information could be found on these networks. We looked at the prevalence of spyware or adware hidden within these programs, and we examined the growing risk of downloading computer viruses from files shared on these programs. Under my direction, the committee prepared and released a staff report highlighting the types of sensitive personal information available on these networks.
Four years later, it appears these problems persist. As I said then, users of these programs may accidentally share information because of incorrect program information. We'll learn today exactly what people are sharing, whether they know it or not.
As I've noted before, secure information is the lifeblood of effective government policy and management. Yet sensitive personal and classified information continues to be placed at risk. The examples we'll hear today will illustrate how far we have to go to reach the goal of strong, uniform governmentwide information security policies and procedures. At this hearing, we'll show the unique risks that we face.
I've focused on governmentwide information, management and security for a long time. The Privacy Act and the E-Government Act of 2002 outlined the parameters for the protection of personal information.
The incidents we'll examine today highlight the importance of establishing and following good security practices for safeguarding personal information whether at home or at work. They highlight the need for proactive security breach notification requirements for organizations, including federal agencies, dealing with sensitive personal information. And they demonstrate the need for personal vigilance and responsibility when online.
Federal agencies present unique data security requirements and challenges, and this has been our focus. These incidents demonstrate the importance of strengthening the laws and rules protecting personal information held by federal agencies. We need to do this quickly.
As we've seen, our computers hold sensitive personal and classified information on every citizen and on every subject. We need to ensure this information remains where it should and the public knows when its sensitive personal information has been lost or compromised. Public confidence in government in this area is essential.
It's important for us to recognize that file-sharing programs can be beneficial. As file size increases and demands for bandwidth expands, these programs can move huge amounts of data efficiently among a large number of users. But I think the volume and type of sensitive information out there will surprise people. And if this information is being harvested and shared through deceptive practices or manipulative programs, then it must stop.
For the past several years, we've focused on improving and enhancing the information security posture of federal agencies, because in the end, the public demands effective government, and effective government depends on secure information. So this is an issue that must remain a priority for all of us.
Mr. Chairman, thank you for continuing the committee's work in this important area. I want to welcome our witnesses and thank them for appearing today.
Source