
When news broke several weeks back about the Census Bureau and the decision to scrap plans for the use of handheld devices and a so-called “high-tech count” in 2010, I can’t say I was “shocked.” I held off commenting because it brought back so many memories from 1980, from 1990 and from 2000. In fact, if I unearthed meeting notes, memos, and briefings from then, I likely could produce an account that mirrored what is swirling now: One of those “ripped from today’s headlines” accounts.
But it saddens me in so many ways:
After years of calling for an alternative to the Federal Information Security Management Act of 2002, one may have been proposed -- or at least the start of one. As Nextgov reported today, Rep. Jim Langevin, D-R.I., introduced the 2008 Homeland Security Network Defense and Accountability Act. Generally, the knock against FISMA is that it measures processes, not results. For example, good FISMA compliance requires providing training for "employees with significant security responsibilities," but nowhere does it require the agency to test how much the employees learned or retained from the training. With FISMA, agencies aren't sure how good or bad their security vulnerabilities are because FISMA doesn't test for them.
Langevin's bill takes a stab at measuring actual security results, at least for the Homeland Security Department, and some security experts hope it could be applied governmentwide. The key to the bill is requiring DHS to test whether it can successfully defend its networks against known cyberattacks and to conduct vulnerability testing. The bill would have DHS measure what is actually happening on the ground and defend itself against real threats.
The ho-hum response from the Hill concerning private contractor employees accessing the passport files of Sens. Barack Obama, D-Ill., Hillary Clinton, D-N.Y., and John McCain, R-Ariz., is a bit surprising -- or on second thought, is it?
As Ari Schwartz, deputy director of the Center for Democracy and Technology, pointed out in his Nextgov blog and in a Nextgov article, the point here is the lax attitude many agencies have taken in developing privacy impact assessments, which are required by the 2002 E-Government Act. In the assessments, agencies are supposed to analyze how they collect, store, share and manage personal information in federal networks. The idea is for agencies to develop policies that limit access to information before setting up a database.
State, Schwartz says, has done only cursory assessments. And a State agency official says the department believes they "have seen the last of this."
None of the congressmen in the Congress Daily article (link above) mentioned the privacy impact assessments or the E-Government Act. This may be an opportune time to investigate how well agencies have complied with the law's requirement to properly protect the private information they have stored on databases.
In a positive step for those of us who support greater public release of Congressional Research Service (CRS) reports, Sen. Joe Lieberman, I-Conn., has shown that he is committed to making it easier for senators to release them.
Following up on his resolution (S. Res 401) to provide the public with greater access to CRS reports, Lieberman called on Senate Rules Committee Chair Sen. Dianne Feinstein, D-Calif., to ensure that a complete system be crafted that allows members to make many reports accessible to the public rather than one that takes detailed effort from congressional staff to make individual reports available.
CRS provides important in-depth, non-partisan research to Congress on a wide range of issues. These taxpayer-funded, unclassified documents have never been made readily accessible to the public by Congress. Despite being created with taxpayer funding and not copyrighted, they are regularly sold by information brokers.
Meanwhile, the best way for non-Hill staff to get access to these documents for free is OpenCRS, an interactive project that provides the public with access to a portion of the CRS reports that have been released by various members of Congress through the cooperation of groups and individuals who have requested the reports' release via members of Congress.
On a scale of importance, where would you rank the following: taxpayer personal information, plans for weapons systems, pre-decisional legal or enforcement deliberations, names of informants in this or other countries, results of drug trials, pre-award procurement information, blueprints of government facilities, schedules of surprise enforcement actions (immigration, food safety, etc.), unpublished minutes of the Federal Reserve Board Open Market Committee, and official travel schedules of government officials in countries with active terrorist cells?
Because I am a government annuitant and a participant in various federal health benefit programs, you can bet I am concerned that the Office of Personnel Management and its contractors maintain the highest standards in protecting personal, banking, and health information about me and my family. But it is clear to me that other government information is worthy of even higher standards of protection.
Apparently, in FedWorld, personal information must be far more important than any other type of data, because protection of personal information appears to be the sole focus of attempts to “fix” the Federal Information Security Management Act (FISMA).
Then I remember that none of the other information types vote, so every elected official is elbowing others on the way to the microphone to proclaim his dedication to privacy principles … and the Office of Management and Budget is standing in line at the microphone to announce a new reporting requirement.
Billy Graham used to have a fellow who traveled everywhere with him whose sole responsibility was to detect when the Rev. Graham was getting carried away with himself or his mission and yell "bullsh**." I believe the U.S. government needs just such a person to keep the legislative and executive branches focused on protecting our most precious assets (including information). I would volunteer but the ceaseless shouting would be more than my aged body could stand.