DHS Employees Sue TSA over Lost Hard Drive

May 15, 2007

A class action lawsuit claims that the loss of 100,000 records of employees at Department of Homeland Security constitutes a breach of the Privacy Act.

The American Federation of Government Employees is suing the Transportation Security Administration after the TSA lost a hard drive containing employment records for some 100,000 individuals.

The union represents employees throughout the Department of Homeland Security, including the TSA. Its class action lawsuit, filed within a day of the TSA announcing the missing hard drive, calls the loss of data a breach of the Privacy Act.

The hard drive, which the agency announced was missing on May 7, contains names, Social Security numbers, dates of birth, and payroll and bank account information.

In AFGE, et al v. Kip Hawley and TSA, the AFGE claims that by failing to establish safeguards to ensure the security and confidentiality of personnel records, TSA violated both the ATSA (Aviation and Transportation Security Act) and the Privacy Act of 1974 .

The ATSA mandates the TSA administrator to "ensure the adequacy of security measures at airports," and the Privacy Act directs that every federal agency have in place a security system to prevent unauthorized release of personal records.

"TSA's reckless behavior is clearly in violation of the law," AFGE National President John Gage said in the union's statement. "TSA must be held liable for this wanton disregard for employee privacy."

The AFGE is seeking for the TSA to create new security procedures consistent with the ATSA and the Privacy Act, specifically by electronically monitoring any mobile equipment that stores personnel data and by encrypting personnel data.

"The maintenance and safeguarding of personnel data is vital to the protection of security at our nation's airports," Gage said in the statement. "If the stolen information were to fall into the wrong hands, false identity badges easily could be created in order to gain access to secure areas. This is the Department of Homeland Security we are talking about. The American people look to DHS for security and protection. A DHS agency that cannot even shield its own employee data is not reassuring."

The union is also asking that the TSA grant leave to employees - specifically, what it calls transportation security officers - who request it in order to protect against or correct identity theft or financial disruption caused by identity theft.

The TSA discovered that the hard drive was missing on May 3. It contained records of people employed at the agency between January 2002 and August 2005.

The drive was discovered missing from a controlled area at the TSA headquarters' Office of Human Capital. As of last week, the agency still hadn't figured out if the drive is still somewhere within headquarters or in the hands of a thief.

TSA has begun to notify the affected individuals and is providing them with information about how to protect against identity fraud. The agency is also working out a process to purchase credit monitoring services for affected employees for one year.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Taking great ideas from the lab to the fab

add to favorites email to friend print save as pdf

Related Stories

Gov't says full-body scanners at airports are safe

Nov 18, 2010

(AP) -- They look a little like giant refrigerators and pack a radiation dose big enough to peer through clothing for bombs or weapons, yet too minuscule to be harmful, federal officials insist. As the government ...

Unclear what happens to personal info with Clear

Jun 27, 2009

(AP) -- More than a quarter million people are wondering what will happen to their fingerprints, Social Security numbers, home addresses and other personal information now that a company that sped them through ...

Recommended for you

Taking great ideas from the lab to the fab

9 hours ago

A "valley of death" is well-known to entrepreneurs—the lull between government funding for research and industry support for prototypes and products. To confront this problem, in 2013 the National Science ...

SR Labs research to expose BadUSB next week in Vegas

10 hours ago

A Berlin-based security research and consulting company will reveal how USB devices can do damage that can conduct two-way malice, from computer to USB or from USB to computer, and can survive traditional ...

US warns retailers on data-stealing malware

11 hours ago

US government cybersecurity watchdogs warned retailers Thursday about malware being circulated that allows hackers to get into computer networks and steal customer data.

User comments : 0