The ho-hum response from the Hill concerning private contractor employees accessing the passport files of Sens. Barack Obama, D-Ill., Hillary Clinton, D-N.Y., and John McCain, R-Ariz., is a bit surprising -- or on second thought, is it?

As Ari Schwartz, deputy director of the Center for Democracy and Technology, pointed out in his Nextgov blog and in a Nextgov article, the point here is the lax attitude many agencies have taken in developing privacy impact assessments, which are required by the 2002 E-Government Act. In the assessments, agencies are supposed to analyze how they collect, store, share and manage personal information in federal networks. The idea is for agencies to develop policies that limit access to information before setting up a database.

State, Schwartz says, has done only cursory assessments. And a State agency official says the department believes they "have seen the last of this."

None of the congressmen in the Congress Daily article (link above) mentioned the privacy impact assessments or the E-Government Act. This may be an opportune time to investigate how well agencies have complied with the law's requirement to properly protect the private information they have stored on databases.