COMPUTER MATCHING AND PRIVACY PROTECTION ACT OF 1988
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP91B00390R000200200009-7
Release Decision:
RIFPUB
Original Classification:
K
Document Page Count:
54
Document Creation Date:
December 23, 2016
Document Release Date:
January 17, 2013
Sequence Number:
9
Case Number:
Publication Date:
July 27, 1988
Content Type:
REPORT
File:
Attachment | Size |
---|---|
CIA-RDP91B00390R000200200009-7.pdf | 3.8 MB |
Body:
Declassified and Approved For Release 2013/01/17
CIA-RDP91B00390R000200200009-7
106TH CONGRESS
2d Session HOUSE OF REPRESENTATIVES { REPORT
100-802
COMPUTER MATCHING AND PRIVACY PROTECTION ACT
OF 1988
JULY 27, 1988.?Committed to the Committee of the Whole House on the State of
the Union and ordered to be printed
Mr. BROOKS, from the Committee on Government Operations,
submitted the following
RE
[To accompany H.R. 4699]
[Including cost estima ngressional Budget Office]
The Committee on Government Operations, to whom was re-
ferred the bill (H.R. 4699) to amend title 5, United States Code, to
ensure privacy, integrity, and verification of data disclosed for com-
puter matching, to establish Data Integrity Boards within Federal
agencies, and for other purposes, having considered the same,
report favorably thereon without amendment and recommend that
the bill do pass.
SUMMARY AND PURPOSE
The purpose of H.R. 4699, the Computer Matching and Privacy
Protection Act of 1988, is to regulate the use of computer matching
conducted by Federal agencies or using Federal records subject to
the Privacy Act of 1974.
Computer matching is the computerized comparison of records
for the purpose of (i) establishing or verifying eligibility for a Fed-
eral benefit program, or (ii) recouping payments or delinquent
debts under such programs. Matches performed for statistical, re-
search, law enforcement, tax, and certain other purposes are not
subject to the act.
H.R. 4699 provides that computer matching involving Federal
data can be conducted, only pursuant to matching agreements en-
tered into by the agency providing the data to be matched and the
agency receiving the dkitta. Matching agreememts must specify the
purpose and legal authdrity for the matching Program, describe the
nature of the match and the expected results, include procedures
86-619
Declassified and Approved For Release 2013/01/17
ICIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17: .
CIA-RDP91B00390R000200200009-7
2
for notifying individuals affected by the match and for verifying in-
formation, and describe how the records will be protected.
Information resulting from computer matching programs must
be independently verified before any adverse action can be taken.
Individuals must be given notice and an opportunity to contest any
findings resulting from a computer match.
The act requires each Federal agency involved in a matching
program to establish a Data Integrity Board composed of senior
agency officials. The Board will review and approve matching
agreements, programs, and activities; evaluate compliance of
matching programs with applicable requirements; review the con-
tinued justification for matching; provide guidance; and file an
annual report with OMB.
The Privacy Act responsibilities of the Office of Management and
Budget are consolidated and codified. OMB is required to issue
guidelines and regulations for computer matching; hear appeals
from Data Integrity Board disapprovals of matching program; and
file a consolidated report on computer matching with the Congress.
Existing Privacy Act system reporting requirements are modified
to include computer matching. The reporting requirements for new
and changed system notices are revised. Current requirements for
a report by the President and publication of a compilation by the
Office of Federal Register are changed from annual to biennial.
COMMITTEE ACTION AND VOTE
H.R. 4699 was introduced by Representative Glenn English on
May 26, 1988. The Committee on Government Operations ordered
the bill reported on June 9, 1988, by voice vote.
HEARINGS
On June 23, 1987, the Government Information, Juice, and Ag-
riculture Subcommittee held a hearing on S. 496,1 a computer
matching bill that passed the Senate on May 21, 1987. Witnesses
were Joseph R. Wright, Jr., Deputy Director, Office of Management
and Budget; Eleanor Chelimsky, Director, Program Evaluation and
Methodology Division, General Accounting Office; Ronald L.
Plesser, Nash, Railsback & Plesser, representing the American Bar
Association; and Janlori Goldman, staff attorney, American Civil
Liberties Union.
BACKGROUND
Computer matching has been a controversial matter for more
than 10 years.' Computer matching using Federal agency records
The most recent hearing on computer matching legislatior; was held in 1987. Computer
Matching and Privacy Protection Act of 1987, Hearing before a Subcommittee of the House Com-
mittee on Government Operations, 100th Cong., 1st Sess. (1987) [hereinafter cited as "1987 House
Matching Hearing"].
Other hearings, reports, and documents about computer matching cited throughout this
report are:
House Committee on Government Operations, Who Cares About Privacy? Oversight of the Pri-
vacy Act of 1974 by the Office of Management and Budget and by the Congress, H.R. Rept. No.
98-455, 98th Cong., 1st Sess. (1983) [hereinafter cited as "1983 House Privacy Act Oversight
Report'].
Continued
Declassified and Approved For Release 2013/01/17:
IA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
3
began in 1977 at the Department of Health and Human Services
with a program called Project Match.2 Secretary Joseph Califano
announced a program to compare welfare rolls in selected jurisdic-
tions with Federal payroll records for the same areas. The assump-
tion behind the program was that people on the Federal payroll
would not be eligible to receive welfare payments. The identifica-
tion of these people through computer matching was intended to
reduce fraud, waste, and abuse.3
Matching has been highly touted by inspectors general, the
President's Council on Integrity and Efficiency [PCIE], and the
Congress as an effective weapon in the battle against fraud. The
goals of computer matching programs are admirable. The results
are less certain. Matching has been criticized as unproven and inef-
fective, as well as illegal and violative of privacy rights.
The purpose of H.R. 4699 is to regulate the use of computer
matching by Federal agencies. H.R. 4699 also applies when Federal
records maintained in a system of records as defined in the Privacy
Act of 1974 are used for matching State and local governments.
H.R. 4699 primarily addresses due process, administrative controls,
and cost-effectiveness issues. Other concerns about computer
matching are beyond the scope of this bill.
Oversight of the Privacy Act of 1974: Hearings before a Subcommittee of the House Committee
on Government Operations, 98th Cong., 1st Sess. (1983) [hereinafter cited as "1983 House Privacy
Hearings"].
Kirchner, "Privacy: A History of Computer Matching in Federal Government," Computer-
world (December 14, 1981), reprinted in 1983 Privacy H_earings at Appendix 2 [hereinafter cited
as "Kirchner"].
Oversight of Computer Matching to Detect Fraud and Mismanagement in Government Pro-
grams: Hearings before the Subcommittee on Oversight of Government Management of the
Senate Committee on Governmental Affairs, 97th Congress, 2d Sess. (1982) [hereinafter cited as
"1982 Senate Hearings"].
Computer Matching and Privacy Protection Act of 1986, Hearing before the Subcommittee on
Oversight of Government Management, Senate Committee on Governmental Affairs, 99th Cong.,
2d Sess. (1986) [hereinafter cited as "1986 Senate Hearings"].
Office of Management and Budget, "Guidelines for the Conduct of Matching Programs," 44
Federal Register 23138 (April 18, 1979), reprinted in 1983 House Privacy Hearings, Appendix 1
[hereinafter cited as "1979 OMB Matching Guidelines"].
Office of Management and Budget, "Revised Supplemental Guidance for Conducting Matching
Programs," 47 Federal Register 21656 (May 19, 1982), reprinted in 1983 House Privacy Hearings,
Appendix 1 [hereinafter cited as "1982 OMB Matching Guidelines"].
Office of Technology Assessment, Electronic Record Systems and Individual Privacy (1986)
[hereinafter cited as "OTA Report'].
General Accounting Office, Computer Matching: Assessing Its Costs and Benefits (1986) (GAO/
PEMD-87-2) [hereinafter cited as "GAO Cost Benefit Report"].
General Accounting Office, Computer Matching: Factors Influencing the Agency Decision-
Making Process (1986) (GAO/PEMD-87-3BR) [hereinafter cited as "GAO Decision-Making
Report"].
General Accounting Office, Eligiblity Verification and Privacy in Federal Benefit Programs: A
Delicate Balance (1985) (GAO/HRD-85-22) [hereinafter cited as "GAO Eligibility Verification
Report"].
2 There may have been some earlier computer matching. GAO refers generally to two pre-
1976 computer matches, but provides no description. See GAO Eligibility Verification Report at
11. See also 1982 Senate Hearings at 47 (testimony of Richard Kusserow, Inspector General, De-
partment of Health and Human Services). It appears likely that there was some use of computer
matching before HEW's Project Match. However, the discussion of matching as a policy issue
begins with the HEW announcement.
For an excellent review of the early history of computer matching, see Kirchner.
3 For a review of some of the results of the HEW matching program, see Hendricks, "How
Not to Catch Welfare Cheaters," Washington Post (July 1, 1979). Henricks concluded that
Project Match cost more than it saved and that it subjected innocent welfare recipients to har-
assment and coercion.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
4
A. WHAT IS COMPUTER MATCHING?
Typically, Federal agencies use computer matching to locate an
individual, verify eligibility for benefits, or to develop investigatory
leads. There are several different computer-assisted techniques for
identifying similarities and differences between records. With
"classic" computer matching, a computer compares the records of
two separate data bases looking for individuals (or organizations)
that appear in both files. Typically, the data bases contain informa-
tion on beneficiaries under two different Government programs.
Government records can also be matched against nongovernmental
records.4
Matching may be used to identify people enrolled in two pro-
grams. For example, a match might attempt to find all Federal em-
ployees who are receiving food stamps. Matching might also be fo-
cused more narrowly. It can identify people in one program who
are also involved in a second program and who have a specific
characteristic. For example, matching was used to compare welfare
records with bank records in order to identify welfare recipients
with bank acounts that exceeded specified amounts.5
The result of a match is a list of so-called raw hits. Anyone iden-
tified as meeting the criteria set for the match will normally be the
subject of additional investigation.6 However, an individual whose
name appears on such a list cannot automatically be assumed to be
in violation of law. There are many reasons the initial results of a
match must be used with caution. For example, the data may be
incorrect, social security numbers may be inaccurate, the records
may cover inconsistent time periods, or the match may be based on
invalid or improbable assumptions.7
Another type of computer matching is "front-end verification."
This technique compares information provided by a program appli-
cant with data in other Government files. This procedure allows
verification of the accuracy of the applicant's information at the
time of application.5
A major difference between front-end verification and classic
matching is in the number of records involved. Classic matching in-
volves all the records in one record system with all the records in a
second system. All records are reviewed without any selectivity or
targeting. Front-end matching is more narrowly focused because it
compares a single record with the contents of a separate record
system.9
B. COMPUTER MATCHING AND THE PRIVACY ACT OF 1974
The Privacy Act of 1974 10 establishes rules governing the collec-
tion, maintenance, use, and disclosure of personal information
4 See OTA Report at 37-66 (1986); GAO Cost Benefit Report at 16.
6 See, for exam*, 1982 Senate Hearings (testimony of 'William T. Hogan, Secretary, Executive
Office of Human Services, State of Massachusetts).
6 GAO Cost Benefit Report at 20-21.
7 Id.
8 OTA Report at 67-86. GAO Cost Benefit Report at 16.
9 There are other related computer-based techniques that are not generally within the scope
. of H.R. 4699. See the discussions of computer profiling and computer screening in OTA Report
at 87-98 and GAO Cost Benefit Report at 16.
'? 5 U.S.C. ? 552a (1982).
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
5
maintained by Federal agencies. The act has no specific provisions
addressing computer matching," but the rules governing systems
of records 12 may apply to matching operations. The rules requir-
ing public notice and restricting disclosure of information are the
most relevant. In 1979 and 1982, the Office of Management and
Budget issued guidance on the conduct of matching programs in-
corporating the Privacy Act requirements:13
Under current law, an agency must provide public notice of
matching activities in two circumstances. First, if a new system of
records is established to support a computer match, the agency
must publish a description of the system in the Federal Register."
Second, if the disclosure of information from a system of records is
required to support a matching activity, the agency must publish a
description of the "routine use" authorizing the disclosure.'
The disclosure limitations of the Privacy Act have not restricted
disclosures for computer matching. There was considerable contro-
versy over the legality of disclosures for matching purposes during
the first few years following HEW's Project Match." These legal
issues are discussed elsewhere." However, it is fair to state that
the disclosure restrictions of the Privacy Act have been interpreted
by OMB and other agencies to permit disclosures necessary to sup-
port computer matching.' 8
As a result, the Privacy Act presents only a few procedural bar-
riers to matching, and those barriers are easily overcome. The com-
mittee is not aware of any computer match that could not be con-
ducted because of Privacy Act disclosure rules.19 The Office of
Technology Assessment found that "the Privacy Act as interpreted
by the courts and OMB guidelines offers little protection to individ-
uals who are the subjects of computer matching." 20
" The congressional findings in the Privacy Act state that the increasing use of computers
and sophisticated information technology, while essential to the efficient operations of the Gov-
ernment, has greatly magnified the harm to individual privacy that can occur from any collec-
tion, maintenance, use, or dissemination of personal information." Public Law 93-579, ? 2(a)(2).
12 A "system of records" is a defined term that means a group of records from which identifia-
ble information is retrieved by the name or other individual identifier assigned to an individual.
5 U.S.C. ? 552a(a)(5) (1982). Most personal information maintained by Federal agencies is kept in
systems of records subject to the Privacy Act.
13 The 1979 guidelines included a requirement for the preparation of a cost-benefit analysis.
The 1982 revision eliminated the cost-benefit requirement. This issue is discussed below in the
general discussion of the costs and benefits of computer matching. See text accompanying notes
55-98.
14 5 U.S.C. ? 552a(e)(4).
16 A "routine use" is a disclosure of information from a system of records that is compatible
with the purpose for which the information was collected. 5 U.S.C. ? 552a(aX7). An agency may
establish routine uses for each system of records in order to authorize necessary disclosures. 5
U.S.C. ? 552a(b)(3). Routine uses must be published to allow for public comment. 5 U.S.C.
? 552a(e)(11).
The Privacy Act also requires that an agency inform each individual asked to supply informa-
tion about the routine uses that will be made of the information. 5 U.S.C. ? 552a(e)(3). The disclo-
sure is supposed to be made on the form used to collect the data or on a separate form that can
be retained. Compliance with this requirement is an unresolved problem with matching. No per-
sonal notice is likely to be provided if a match is conducted after the "source" information has
been collected.
16 See generally Kirchner.
17 See text accompanying notes 109-116.
18 See 1987 Housing Matching Hearings at 31 (statement of Joseph Wright, Deputy Director,
Office of Management and Budget) (the Privacy Act is not interfering with the fight against
fraud, waste, and abuse).
"See also 1,987 House Matching Hearing at 123 (testimony of Ronald L. Plesser, American
Bar Association).
20 OTA Report at 57. Other Privacy Act provisions requiring accounting for disclosures, main-
tenance of accurate records, and safeguarding of information are applicable to information used
in matching activities.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
6
C. DUE PROCESS
The need for due process procedures in computer matching was
highlighted by a match conducted in Massachusetts in 1982. The
State matched welfare records against the account records of pri-
vate banks. The purpose was to identify welfare recipients who had
more assets than allowed by law."
Over 1,600 welfare recipients found to have excess assets were
automatically sent immediate termination notices. The Massachu-
setts Welfare Department did not take any action to verify or con-
firm the information used in the match nor did it seek an explana-
tion from the affected individuals before sending the termination
notices.22
The appeal rate of those who received the termination notices
was six times higher than the usual rate. Of those who appealed,
half of the errors involved mistakes in social security numbers. In
other words, 15 percent of all those sent termination notices re-
ceived them because of social security number errors." In some
cases, money was in joint accounts and did not belong entirely to
the welfare recipient. Money was sometimes held in trust for
others. Other funds were held for legal purposes such as paying fu-
neral expenses.2 4
This episode illustrates a problem with relying on raw results
from computer matches. Computer data cannot automatically be
assumed to be accurate, complete, or timely. Data should be veri-
fied before a Government agency takes any adverse action against
an individual. Due process also requires that the individual receive
notice of any proposed action and an opportunity to contest the
action.
Providing due process for people who become targets of investiga-
tion as a result of computer matching is not generally controver-
sial. For example, matching programs authorized under the Deficit
Reduction Act of 1984 must provide for verification of data and for
notice to individuals and an opportunity to contest adverse ac-
tions.25
OTA found that front-end verification raises similar due process
issues. OTA questioned whether applicants were receiving useful
notice of what types of records will be searched.26 OTA also ques-
tioned whether front-end verification conflicts with the require-
ment of the Privacy Act that information should be collected di-
rectly from the individual."
21 The Massachusetts bank match is discussed in 1982 Senate Hearings, passim. See also OTA
Report at 43.
22 See 1982 Senate Hearings at 129-139 (Affidavit of Allan G. Rogers, Director, Massachusetts
Law Reform Institute). There is also evidence that the termination notices were sent in violation
of the agency's standard practices. Id.
23 Id.
24 Id. See also 1982 Senate Hearings at 117-120 (testimony of John Shattuck, National Legisla-
tive Director, American Civil Liberties Union).
25 42 U.S.C.A. ? 1320b-7(cX2) (Supp. 1987). For a more detailed description of the mechanics of
verification and notification, see also the conference report on the Deficit Reduction Act, HR.
Rept. No. 98-861, 98th Cong., 2d Sess. at 1411-12, reprinted in 1984 U.S. Code Cong & Adm.
News at 1445, 2099-2100.
26 OTA Report at 78-80.
27 OTA Report at 80. See also 5 U.S.C. ? 552a(e)(2) (Each agency shall "collect information to
the greatest extent practicable directly from the subject individual when the information may
result in adverse determinations about an individual's rights, benefits, and privileges under Fed-
eral programs").
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
7
There is broad support for statutory due process standards. In
testimony about S. 496, Deputy OMB Director Joseph Wright said:
The provisions of this bill, especially those that provide
due process steps to ensure citizen rights, are the keys to
creating the kind of balance that is necessary to keep im-
portant government programs working efficiently and to
reassure a sometimes skeptical public that the government
is sensitive to their concerns about automation.28
The American Bar Association 29 and the American Civil Liberties
Union 30 also support statutory due process procedures for comput-
er matching.
D. NEED FOR ADMINISTRATIVE CONTROLS
1. Extent of Computer Matching.?No one know how much com-
puter matching is being done by Federal agencies. According to the
Office of Technology Assessment:
It is difficult to determine how much computer matching
is being done by Federal agencies, for what purposes, and
with what results. However, OTA estimates that, in the
five years from 1980 to 1984, the number of computer
matches nearly tripled.3
Any attempt to compile a list of computer matches will face sev-
eral complex problems. First, there are no clear definitions of what
constitutes a "computer match." 32 Second, there has been no accu-
rate accounting of the number of Federal matches.33 Third, docu-
mentation for past matching activities is hard to find.34
The exact number of matches taking place is not significant. The
limited information available shows clearly that computer match-
ing has been a growth industry during the 1980's. If counted, the
number of matches would be in the thousands; the number of
records matched would be in the billions.35
There is a similar lack of information about front-end verifica-
tion. There has been an increase in the use of front-end verification
in Federal and State programs. But OTA found that there is no
comprehensive information on the use of front-end verification by
Federal agencies.36
2. Legally Required Matching.?Some matching is mandated by
law. A 1986 OTA report identifies seven Federal statutes that au-
thorize the use of computer matching.37 Other laws support front-
28 1987 House Matching Hearings at 23.
29 Id. at 117-139 (testimony of Ronald Plesser).
30 Id. at 94-113 (testimony of Janlori Goldman, staff attorney, American Civil Liberties
Union).
31 OTA Report at 46.
32 Id.
33 Id.
34 Id. See generally GAO Decisionmaking Report at 5-6 (limited documentation available for
many computer matches reviewed).
35 OTA Report at 49 ("the total number of records matched was reported to be over 7 billion
due to multiple matches of the same records.").
36 OTA Report at 74-75.
37 Tax Reform Act of 1976 (Public Law 94-455); Social Security Amendments of 1977 (Public
Law 95-216); Food Stamp Act Amendments of 1977 (Public Law 96-58);-Food Stamp Amend-
ments of 1980 (Public Law 96-249); Food Stamp and Commodity Distribution Amendments of
Continued
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
, Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
8
end verification and other matching-like and data sharing activi-
ties.38
OTA concluded that congressional actions "appear to be contra-
dictory." 3 9 While Congress has directed or acquiesced in computer
matching by Federal agencies, OTA found that Congress also im-
posed restrictions on agency disclosure of personal information.
The most important restrictions are in the Privacy Act of 1974,4?
which establishes controls on the collection, maintenance, and dis-
closure of personal information.
But it would be more accurate to describe Federal law in this
area as disjointed rather than contradictory. The Privacy Act pre-
dates the computer matching era, and some of its substantive dis-
closure restrictions have been ignored or avoided by the agencies.'"
3. Agency Initiated Matching.?Much computer matching has
been undertaken without specific legislative direction. The PCIE
has encouraged agencies to use computer matching. PCIE programs
included a long-term matching project; Project Clean Data (stand-
ardization of data elements; improved data accuracy and reliabil-
ity); and an inventory of State matching software packages.'" Com-
puter matching has also been promoted by the General Accounting
Office.43
But despite some central direction within the executive branch
in later years, a considerable amount of computer matching was
undertaken by agencies without any criteria, planning, or docu-
mentation. A 1986 GAO report prepared at the request of Repre-
sentative Ted Weiss described the shortcomings in the decision-
making process:
In general, for many of the matches we discussed with
agency officials, little written documentation was available
on the development of a match between its initial concep-
tion and its actual implementation. Written descriptions of
the criteria or factors considered in the decision to perform
a match were lacking.44
In testimony before the Subcommittee on Government Informa-
tion, Justice, and Agriculture, Eleanor Chelimsky, Director of
GAO's Program Evaluation and Methodology Division, elaborated
on the informality of the process by which decisions to conduct
computer matches were made:
[I]n examining how decisions about computer matches
have been made in federal agencies, we noted a generally
1981 (Public Law 97-98); Department of Defense Authorization Act of 1983 (Public Law 97-252);
Deficit Reduction Act of 1984 (Public Law 98-369). OTA Report at 46. This list is not necessarily
current or complete. Additional matching may have been authorized in later legislation.
38 OTA Report at 43-46,74-78.
39 Id. at 43.
49 5 U.S.C. ? 552a (1982).
4 See text accompanying notes 109-116.
42 OTA Report at 43. See also 1986 Senate Hearings at 56-61 (testimony of Joseph R. Wright,
Jr., Deputy Director, Office of Management and Budget).
43 See, for example, 1982 Senate Hearings at 176 (testimony of Wilbur D. Campbell, Director,
Accounting and Financial Management Division, General Accounting Office) ("[W]e believe that
computer matching can be a very cost-effective tool for detecting error and fraud in Government
entitlement programs and for identifying actions needed to strengthen program controls."). But
see note 64.
44 GAO Decisionmaking Report at 6.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
9
informal approach. The agencies presently have only gen-
eral guidance for documentation and for what should be
considered and how it should be considered in the match
decision process. We found no specific written criteria for
determining whether or not a proposed match should be
implemented, little documentation of what has been con-
sidered, and wide variation in the use of systematic plan-
ning procedures for developing and implementing matches.
We found that the existence of improved technological ca-
pacity, legislative requirements, the extent and magnitude
of the problems that were experienced (for example, over-
payments being made because of unreported deaths), and
concern for detecting and preventing waste, fraud, and
abuse were more prominent in the agency decisionmaking
than the quantification of costs or benefits. Indeed, our
work clearly shows that decisions to perform or continue a
computer match are often made without systematic consid-
eration of those costs and benefits.45
Another GAO report discussed the lack of an effective compli-
ance enforcement mechanism for the Privacy Act:
The Office of Management and Budget [OMB] has issued
matching guidelines applicable to all Federal agencies
under the Privacy Act who are doing matches or providing
data for nonfederal matches and a checklist to help agen-
cies comply with the guidelines. OMB also has issued a
"Model Control System and Resource Document" for com-
puter matching. Moreover, HHS' inspector general has
published guidelines for State managers of the AFDC,
Food Stamp, and Medicaid programs to aid in decisions on
state matches. However, existing Federal guidance appears
to lack an effective compliance enforcement mechanism.46
OTA also found that, despite procedural guidelines for matching,
there is little oversight or followup:
Program personnel appear to have substantial discretion
in deciding whether or not to use computer matching as
an audit technique or means to detect fraud, waste, and
abuse. There are few internal agency checks. The Inspec-
tor General's Office may be involved in planning a com-
puter match; and the General Counsel's Office and the Pri-
vacy Act officer may be involved. But it appears that there
are no agency or general policy guidelines regarding what
types of information should be matched, against which
records of what other agencies, and for what purposes.
These substantive issues are rarely addressed.47
A 1983 oversight report on the Privacy Act of 1974 by this com-
mittee reviewed OMB's oversight of matching activities." The
46 1987 House Matching Hearing at 70.
46 GAO Eligibility Verification Report at 12. (Footnote omitted.) (Emphasis supplied.)
"OTA Report at 53. (Emphasis supplied.)
48 1983 House Privacy Act Oversight Report at 36.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17
CIA-RDP91B00390R000200200009-7
10
committee concluded that OMB does not monitor agency compli-
ance with its own matching guidelines:
OMB's oversight record for computer matching oper-
ations also leaves something to be desired. Under the 1979
matching guidelines, agencies conducting matches were
obliged to file matching reports with OMB in advance of
the conduct of a matching operation. In the 1982 revisions,
this was changed to require the filing with OMB of a brief
description of a match and the publication of the descrip-
tion. . . in the Federal Register "as close to the initiation
of the matching program as possible."
It is not apparent what OMB did with the notices or
matching reports that it required agencies to file. Al-
though hundreds of matches have been conducted, the
Senate Subcommittee on Oversight of Government Man-
agement was unable to find any record of OMB ever reject-
ing any matching proposal.
OMB has made no effort to enforce the minimal notice
and publication requirements of its 1982 guidelines. In
August, 1982, the Department of Education initiated a
computer match of records for purposes of identifying fed-
eral employees who had defaulted on student loans. Under
the applicable guidelines, the Department was required to
publish a Federal Register notice before starting the
match. The notice was not published until December 7,
1982.
When questioned about the Education Department's dis-
regard of the matching guidelines, OMB responded by stat-
ing that its guidance is not binding on agencies, that OMB
does not routinely monitor the operation of matching pro-
grams to ensure compliance with the guidelines, that the
OMB did not correspond with the Education Department
regarding this incident.49
The lack of OMB oversight and enforcement of its own guidelines
is well illustrated by a problem encountered by the GAO during a
study of matching. GAO needed to select a scientific sample of
matches for its study. But GAO was unable to draw its sample
using the OMB matching reports because OMB did not receive re-
ports on all matches.5?
Similar problems exist for front-end verification as well. OTA
found that there are no general Federal guidelines, statutory or ad-
ministrative, governing the use of front-end verification. The OMB
matching guidelines specifically exclude record searches that are
conducted at the application stage.5'
Finally, even OMB has recognized that there are shortcomings
with existing administrative controls. In testifying before the
House on S. 496, Joseph Wright, Deputy Director of OMB, said:
4? 1983 House Privacy Act Oversight Report at 23-4 (footnotes omitted). The reference in the
quote to the conclusions of the Senate Subcommittee can be found in 1982 Senate Hearings at 81
(Statement of Senator William Cohen).
5? 1987 GAO Cost Benefit Report at 13.
51 OTA Report at 81.
Declassified and Approved For Release 2013/01/17
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
11
But, even with this kind of public support, the problem
remains that citizens are worried that the power the Gov-
ernment has over their lives can be amplified in possibly
harmful ways by computers. After all, that concern was
one of the forces that brought about the Privacy Act of
1984. Matching contributes to this perception, and admin-
istrative procedures like those prescribed by OMB guide-
lines, can only go so far to allay public concern. Although
we think that the Matching Guidelines have worked very
well to control the problem, we in the Administration have
supported the development of a comprehensive legislative
solution that will ensure that the government's legitimate
need to use this technology and the privacy and other
rights of record subjects are put in balance.52
It is apparent from these studies and reports that, over the
course of a few years, computer matching has burgeoned into a
major Federal activity. Both the executive and legislative branches
have encouraged the growth of matching. However, few adminis-
trative controls, procedures, or guidelines are in place." Guidance
issued by OMB has been largely ignored by agencies and unen-
forced by OMB. There is no meaningful oversight of computer
matching in the Executive Branch.54
E. THE COSTS AND BENEFITS OF COMPUTER MATCHING
1. The Importance of Cost-Benefit Analysis.?Those who promote
the use of computer matching contend that a principal is savings to
the Government through reductions in fraud, waste, and abuse in
Government benefit programs.55 There is little doubt that match-
ing is one of several management techniques that can be useful in
identifying and limiting program losses.
However, it is equally apparent that computer matching raises
serious concerns about fourth amendment rights, privacy rights,
and computer linkage.56 Given the existence of these substantial
concerns, matching should be restricted to those circumstances
where it is demonstrably beneficial and where less intrusive tech-
niques are clearly inadequate.
52 1987 House Matching Hearing at 22.
53 The committee is aware that OMB and the PCIE have developed a model control system for
conducting computer matching projects. See, for example, 1987 House Matching Hearings at 31
(testimony of Joseph Wright, Deputy Director, Office of Management and Budget); OTA Report
at 54-55. See also 1986 Senate Hearings at 154-176. There is some evidence that more recent
computer matches have been more formally planned. See GAO Decisionmaking Report. Never-
theless, there is no evidence that there is any oversight or followup any of the procedural guide-
lines issued by OMB. See, e.g., OTA Report at 53.
54 Computer matching has become a public policy concern in Canada in recent years. A
March 1987 report by a committee of the Canadian Parliament found shortcomings in the Cana-
dian privacy laws similar to those in American law. The committee recommended increased
oversight and controls as a response to computer matching. See Standing Committee on Justice
and Solicitor General, Open and Shut: Enhancing the Right to Know and the Right to Privacy,
33rd Pan., 2d Sess. 43-4 (1987) (Report on the Review of the Access to Information Act and the
Privacy Act) [hereinafter cited as "Canadian Parliament Report"].
55 See, for example, OTA Report 50-51.
56 See, for example, American Bar Association, Section of Individual Rights and Responsibil-
ities, Report to the House of Delegates (1986), reprinted in 1987 House Matching Hearing at 130.
For a discussion of computer linkage, see text accompanying notes 99-109.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
r
Declassified and Approved For Release 2013/91/17:
CIA-RDP91B00390R000200200009-7
12
One useful measure of the value of an audit and management
technique like computer matching is its cost effectiveness. The
GAO elaborated on the purpose and value of cost-benefit analysis:
One purpose of cost-benefit analysis is to provide deci-
sionmakers with information that will help them deter-
mine whether to implement or continue a program. The
most apparent value of the cost-benefit analysis is that it
summarizes a variety of information in a single number
that gives a clear message, as long as the measurement as-
sumptions underlying the analysis are satisfactory. It also
has some secondary benefits, one of which is that it pro-
vides information on the magnitude of individual cost and
benefit elements that can, in turn, provide insights con-
cerning correctable process inefficiencies.
Cost-benefit analyses, if conducted properly, can deter-
mine the value of matching operations for achieving effi-
ciency improvements and cost savings in programs whose
beneficiaries are being matched. Information about the
magnitude of match benefits may be especially relevant in
consideration of the costs that matching might pose to in-
dividual privacy and the right to due process. Also, the
very process of examining match activities carefully and
measuring their costs and benefits may indicate areas in
which changes should be considered in match operations.57
An emphasis on cost effectiveness for matching is important be-
cause resources for programs to detect fraud, waste, and abuse are
limited. If scarce dollars are spent on programs that are more visi-
ble but less effective, then the results will be a smaller reduction in
Government expenditures than might otherwise occur.
A recent OTA report expands on the value of determining cost
effectiveness:
Computer matching is a technique that has been used
primarily to detect client fraud, which is only one compo-
nent of fraud, waste, and abuse. In order to accurately de-
termine the cost effectiveness of computer matching, the
extent of client fraud must first be documented. If client
fraud accounts for only a small percentage of total fraud,
waste, and abuse, then other techniques to detect other
types of fraud, waste, and abuse may be more cost effective
overall. In this respect, one author cited the 1978 Annual
Report of the HEW inspector general, which estimated
that the Department lost between $5.5 and $6.5 billion
through management inefficiencies, program misuse, and
fraud. In this instance, management inefficiencies and pro-
gram misuse accounted for 97 percent of the inspector gen-
eral's estimate of losses, while client fraud accounted for
only 3 percent.58
57 GAO Cost Benefit Report at 22.
58 OTA Report at 40. (Footnote omitted.)
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
13
The OTA report suggests that an undue emphasis on computer
matching may allow larger program losses to go undetected while
relatively smaller amounts of fraud are pursued vigorously.
2. Is Computer Matching Cost Effective??The cost effectiveness
of computer matching has yet to be clearly demonstrated. This is
the conclusion that can be drawn from recent, studies by GAO and
OTA.
OTA found no firm evidence on the costs and benefits of match-
ing:
As yet, no firm evidence is available to determine the
costs and benefits of computer matching and to document
claims made by OMB, the inspectors general, and others
that computer matching is cost effective.59
A GAO study requested by Representative Ted Weiss took a
broad look at the problem of determining' the cost effectiveness of
computer matching. GAO was not asked to determine if matching
was cost effective.6?
GAO found that there was no well-developed methodology for as-
sessing cost effectiveness of computer matching:
[W]e did not discover a well established methodology for
performing cost-benefit analysis of computer matching. In-
stead, although cost-benefit analysis has had a venerable
development and application in other areas, we found this
has not been the case in the particular area of computer
matching, rather research in this field is still quite imma-
ture.6'
In other words, despite a 10-year history of matching and despite
repeated reference to the importance of cost-benefit analysis by
OMB, the PCIE, and inspectors general, no one has developed a re-
alistic methodology for conducting a cost-benefit analysis of match-
ing. It is apparent that the physical matching of records can be
done more efficiently by computer rather than manually. The pur-
pose of cost-benefit analysis of computer matching is to determine
if the entire matching operation is cost effective.
GAO selected for detailed examination a sample of matches, in-
cluding a few for which some type of cost-benefit information was
available.62 GAO found serious deficiencies in all cost-benefit re-
ports that had been done. The deficiencies included:
Reports varied considerably in terms of when and how they
were prepared.
Most reports were incomplete or not reported in monetary
terms or both.
Reports included analyses of benefits much more often than
costs.
Deterrence was often claimed as a benefit but not measured.
59 OTA Report at 50.
60 GAO Cost Benefit Report at appendix 1.
61 1987 House Matching Hearing at 65 (testimony of Eleanor Chelimsky, Director, Program
Evaluation and Methodology Division, General Accounting Office).
62 GAO was unable to draw a statistically valid sample of computer matches. "We did not use
a rigorous sampling approach to select matches, because we could not for sampling purposes
confidently delineate a population of matches for which some form of cost-benefit analysis had
been performed." 1987 GAO Cost Benefit Report at 13.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17
CIA-RDP91B00390R000200200009-7
14
Some benefits measurements were inadequately or inappro-
priately presented. For example, overpayments were often re-
ported, as the maximum amount possible rather than the
actual or expected amount.
None of the match analyses made use of discounting the
present value of future revenues, a technique GAO described
as the "most hallowed and conventional of cost benefit tech-
niques." 33
Based on GAO's work, it is apparent that none of the few cost-
benefit analyses done by Federal agencies is significant or useful."
This supports the conclusion of OTA that the cost effectiveness of
matching has not been established.
There is a similar lack of information on the cost of front-end
verification. OTA found that there has been no comprehensive
study of how to conduct front-end verification in the most cost-ef-
fective manner. Front-end verification may be cheaper than com-
puter matching, but there are some high initial overhead costs.
Also, costs are directly tied to data quality.65
3. The Need for Legislation. ?H.R. 4699 makes the preparation of
a cost-benefit analysis a requirement in the approval process for a
computer match. A Data Integrity Board may not approve any
matching agreement unless a cost-benefit analysis demonstrates
that the match is likely to be cost effective. The requirement may
be waived pursuant to guidelines issued by the Director of OMB.
The history of the OMB matching guidelines shows why legisla-
tion is needed. In 1979, OMB issued the first computer matching
guidelines.66 The guidelines specifically required that agencies con-
ducting matching prepare estimates of the costs and benefits.
OMB's instructions on preparing these estimates, although incom-
plete, were detailed. Agencies were directed to undertake only
those matches for which a "demonstrable financial benefit can be
realized which significantly outweighs the cost of the match." 67
63 1987 House Matching Hearing at 65-6 (testimony of Eleanor Chelimsky, Director, Program
Evaluation and Methodology Division, General Accounting Office).
64 Some divisions of GAO have been major proponents of computer matching. See, e.g., 1982
Senate Hearings at 176 (testimony of Wilbur D. Campbell, Director, Accounting and Financial
Management Division, General Accounting Office). But the divisions of GAO that supported
matching did not develop a cost-benefit methodology. Since the development of guidance on the
conduct of cost-benefit analyses of matching was only undertaken at the request of a Member of
Congress, the basis for GAO's earlier assertions is unclear. The lack of a preexisting cost-benefit
methodology at GAO calls into question much of GAO's earlier work on computer matching.
In fact, the objectivity of that earlier GAO work has already been questioned. See the letter
from Glenn English, Chairmam, Subcommittee on Government Information, Justice, and Agri-
culture, to Charles Bowsher, Comptroller General (March 13, 1985) (criticizing GAO Eligibility
Verification Report).
At the hearing, the Director of the GAO division that developed the cost-benefit guidance was
asked whether GAO would routinely use the guidance in the future. She was unable to provide
a positive response. She did state that she had "noticed a great deal more interest in costs in
recent publications that I had seen before, and I think our work will probably have some effect,
but I can't say anything firm on that score." 1987 House Matching Hearings at 90 (testimony of
Eleanor Chelimsky, Director, Program Evaluation and Methodology Division, General Account-
ing Office).
Thus, even after the development of the cost-benefit methodology by GAO, its use during GAO
audit work remains uncertain.
65 OTA Report at 80-81.
66 1979 OMB Matching Guidelines,
67 Id at 5.a.
The entire subparagraph reads:
Development of matching programs.?A matching program should be undertaken only if a de-
monstrable financial benefit can be realized which significantly outweights the costs of the
Continued
Declassified and Approved For Release 2013/01/17
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
15
The 1979 guidelines included requirements for the conduct of the
required cost-benefit study. Although these requirements did not
encompass all the important elements of cost-benefit analysis?for
example, discounting of savings to reflect the time value of
money?the guidelines were a step in the proper direction.
The major problem with the 1979 guidance was that it was gen-
erally ignored by the agencies. There is no evidence that agencies
took the cost-benefit requirement seriously. Few, if any, thorough
cost-benefit studies were conducted.68
In 1982, OMB revised the matching guidelines and dropped the
cost-benefit requirement." According to an analysis by the Con-
gressional Research Service, the elimination of the cost-benefit lan-
guage was one of the principal changes in the revisions.70
The changes in the OMB guidelines were made at the urging of
the PCIE and the inspectors general who promoted the use of
matching." According to Richard Kusserow, HHS inspector gener-
al and former co-chair of the PCIE's long-term computer matching
project, the paperwork burdens were the most substantial problem
with the guidelines.72 Mr. Kusserow stated that the PCIE support-
ed undertaking cost-benefit analysis but preferred to use pilot
matches to develop estimates."
The support for cost-benefit analyses expressed by Mr. Kusserow
at the hearings is difficult to assess. Despite his support, the re-
quirement was dropped entirely from the 1982 revised guidelines,
and nothing comparable was put in its place. If realistic cost-bene-
match and any potential harm to individuals that could be caused by the matching program,
e.g., public disclosure of information about an individual or improper termination of a benefit.
The matching agency should consider alternative means of detecting or curtailing fraud and
abuse or collecting debts owed to the Federal Government, and should undertake a matching
program only if the alternative are less effective, more expensive or would present a greater
threat to personal privacy. An analysis of the benefits, costs, potential harm, and alternatives
considered should be prepared and documented by the agency proposing to conduct the match.
The analysis should, as a minimum, include:
(1) Estimated losses resulting from fraud, abuse, error, or loan defaults.
(2) Estimates of the number of individuals who are receiving or have received benefits for
which they are ineligible, or who have defaulted on loans.
(3) The amount which could potentially be recovered or saved by identification of those
individuals and the termination of improper payments or the collection of delinquent debts.
(4) Potential savings which could be achieved through deterrence of ineligible applicants
or through other improvements in the program management (e.g., reduced error rates),
based on the matching program.
(5) Estimates of the reimbursement costs to be paid to the matching source for the acquisi-
tion of records for the matching programs.
(6) Estimates of any cost involved in the actual matching itself, including costs of plan-
ning the match, time or effort necessary to make the sets of personal records compatible
and the computer time required for the match.
(7) Estimates costs of follow-up on individual "hits," including verification of individuals'
records, locating the individuals, any planned counseling of those individuals, collection ef-
forts, and litigation.
(8) An assessment of the extent to which the conduct of the matching program could dis-
courage individuals from exercising their rights.
(9) An analysis of alternative means for curtailing fraud that were considered and reject-
ed, including a full description of the reasons why they were not considered viable alterna-
tives to conducting a matching program.
68 See, for example, OTA Report at 50 (Only three out of 37 agencies did cost-benefit analyses
prior to computer matching).
69 1982 OMB Computer Matching Guidelines.
70 The CRS analysis is reprinted in 1982 Senate Hearings at 273.
" See, for example, 1986' Senate Hearing at 57-58 (testimony of Joseph Wright, Deputy Direc-
tor, Office of Management and Budget).
72 1.987 House Matching Hearings at 51-52. Mr. Kusserow's concerns are difficult to evaluate
in so far as they applied to cost-benefit requirements because there is so little evidence that
agencies followed the guidelines and conducted meaningful cost-benefit analyses.
73 Id. at 52.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
16
fit studies were conducted in the absence of the OMB requirement,
GAO was unable to find them.
Second, Mr. Kusserow was asked to provide a copy of the most
comprehensive cost-benefit analysis done by his office.74 He provid-
ed only one very sketchy report.75 This was apparently the only
cost-benefit analysis done in the HHS Inspector General's office.
Mr. Kusserow's response continued the standard practice of citing
matches that generated large savings. But he offered no documen-
tation of the savings or the costs of the matches.76
The history of computer matching shows that legislation requir-
ing cost-benefit studies is needed. Without a specific legislative di-
rective and enforcement mechanism, the matching bureaucracy
will not conduct satisfactory cost-benefit studies. Joseph Wright,
Deputy Director of OMB, testified in favor of the Senate bill (S.
496) and in favor of using cost-benefit analysis to measure the
value of at least some matching activity.77
4. Elements of a Cost-Benefit Analysis?Without the use of a con-
sistent and complete method of assessing cost and benefits, it is dif-
ficult to assess fairly the cost effectiveness of computer matching.
The problem is best illustrated by specific example. In 1982, HHS
Inspector General Richard Kusserow testified about a New York
State match of welfare recipient records with employer supplied
wage data. He stated that for the period from 1979 through 1983,
savings would total $114 million and costs would be $28.1 million.78
Mr. Kusserow provided no figures to document the costs or bene-
fits, nor did he describe how the estimates were calculated.
At the same hearing, Norma Rollins, director of the Privacy
Project of the New York Civil Liberties Union, offered the commit-
tee a detailed analysis of the same match. The analysis showed
that: (1) the actual costs of operating the wage reporting system
used in the match were far greater than the State admitted; (2)
there were hidden costs to employers that were not included in the
calculation; (3) estimates of savings included millions of dollars
that cannot or will not actually be saved; and (4) losses to public
assistance and unemployment programs due to deliberate fraud
and abuse could be detected by less cumbersome and less wasteful
means.7 9
Without an objective method of assessing the cost effectiveness of
computer matches, it is impossible to resolve the differences be-
tween the points of view expressed by Mr. Kusserow and Ms. Rol-
lins. Without a realistic yardstick, resources may be wasted on in-
effectual matches while other more effective fraud, waste, and
abuse reduction techniques remain unfunded. Undocumented and
possibly exaggerated claims of the returns from computer matching
may have encouraged the Congress to include matching require-
ments in legislation.
The complexity of cost-benefit analysis for matching is shown by
the history of quarterly wage reporting. In the past, all employers
74 Id. at 47 (question 2).
75 Id. at 64.
78 Id. at 50-51.
77 Id. at 31-5.
78 1982 Senate Hearings at 11.
79 Id. at 428.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
17,
were required to file quarterly reports with the Treasury on wages
paid to employees. The 1976 law made the requirement annual.8?
iThe Senate report explained that the savings to employers could be
as much as $235 million annually:
The preparation and filing of this quarterly report in-
volves considerable effort and expense on the part of em-
ployers particularly in the case of small- and medium-sized
companies which do not have the advantage of computer-
ized payroll systems. An April 17, 1973 report issued by
the Select Committee on Small Business stated that its
Subcommittee on Government Regulation had found stud-
ies indicating that the annual cost to small employers of
submitting this form might total as much as $235 mil-
lion.81
In 1982, it was estimated that quarterly wage reporting in New
York State alone could be costing employers as much as $30 mil-
lion annually.82 The savings to employers in current dollars could
be much higher.
The problem with annual wage reporting is that the data is too
old to be useful for matching.83 As a result, pressures arose to re-
store quarterly reporting. For example, New York reinstituted
quarterly reporting in 1978.84 By 1985, 41 States required quarter-
ly wage reporting." In the Deficit Reduction Act of 1984, Congress
reimposed a form of quarterly wage reporting on employers."
Thus, the reform of 1976 was entirely reversed.
As a result, employers once again faced millions of dollars of ad-
ditional costs?and probably hundreds of millions of dollars?in
order to fuel the computer matching system. While these costs are
impossible to allocate when calculating the costs and benefits of
any particular computer match, the costs are just as real as they
are hidden.8 7
Another example illustrates a different aspect of the cost-benefit
issue. In support of the proposition that computer matching is cost
effective, proponents sometimes cite a study conducted by research-
ers David Greenberg and Douglas Wolf.88 For the matching
projects, Greenberg and Wolf concluded that the benefits out-
weighed the costs by "substantial amounts." For the four projects
studied, the ratio of benefits to costs ranging from a low of 1.19 to a
high of 2.67.89
80 Act of January 2, 1976, Public Law 94-202, 89 Stat. 1135.
81 Senate Rept. No. 94-550, 94th Cong., 1st Sess. (1975), reprinted in 1975 U.S. Code Cong. &
Ad. News 2347, 2355.
82 NYCLU Foundation, An Evaluation of New York State's Wage Reporting System: The Real
Cost of Computer Matching 14 (1982) [hereinafter cited as "NYCLU Matching Report ], reprint-
ed in 1982 Senate Hearings at 421, 434.
83 See General Accounting Office, A Central Wage File for Use by Federal Agencies: Benefits
and Concerns 3 (1985) (GAO/HRD-85-31) [hereinafter cited as "GAO Central Wage File Report"].
84 NYCLU Matching Report at 7.
85 GAO Central Wage File Report at 5.
86 Public Law No. 98-369, 98 Stat. 1147-8 (1984).
87 Since the quarterly wage reporting was being done at the State level, it was inevitable that
a proposal would be made to create a national data bank containing the shared information. See
GAO Central Wage File Report. For a discussion of concerns about the establishment of national
data banks in general, see text accompanying notes 99-109.
88 "Is Wage Matching Worth All the Trouble?", 43 Public Welfare 13 (1985) [hereinafter cited
as "Greenberg/Wolf"].
89 Id at 18.
Declassified and Approved For Release 2013/01/17:
.01A-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
DIA-RDP91B00390R000200200009-7
18
This study is the most professional and complete of all existing
cost-benefit analyses of matching. But even this study has short-
comings. For example, the stream of future benefits from matching
was not discounted to reflect the time value of money. This is a
standard technique in cost-benefit studies.9?
Regardless of the importance of discounting to the study's conclu-
sions, it is difficult to extrapolate from the study to other matching
activities. The authors recognized that they only reviewed pro-
grams that were functioning well:
For example, the employer-reported data used by these
systems clearly were adequate in terms of coverage, con-
tent, and timeliness. Equally important: follow-up proce-
dures were well-structured, adequate resources were avail-
able for follow-up, and supervisors were genuinely commit-
ted to the program. Without such conditions, it certainly is
possible that wage matching could prove ineffective."
Thus, it is possible that a computer match found to be cost effective
in one jurisdiction or agency might not be cost effective in another.
Only a separate evaluation will tell.
The ratios reported in the Greenberg/Wolf study raise another
issue. All four matching programs were found to be cost effective.
The margin in one was very narrow (1.19). The best had a ratio of
only 2.67. Even accepting these numbers as wholly accurate, the
return on the computer matching investment is not necessarily as
impressive as it appears at first glance."
A particular computer match may be cost-effective when evaluat-
ed independently. But this does not mean that the match is the
best investment of Government money. For example, every dollar
spent by the Internal Revenue Service yields a return of $14.93
This compares with the highest return found by Greenberg and
Wolf of less than $3.
Given the large amount of management inefficiency in many
Government programs," a high return can be expected from any
investment in improved management. The impressive yield from
an investment in IRS enforcement may not be unusual. Based on
the Greenberg and Wolf study, a dollar spent on matching returns
only a quarter as much.
The real issue is what is the best use of scarce management dol-
lars. Matching is not the only alternative. The Government cannot
always fund every activity, even if the net return will be positive.
Only the most productive activities should be funded. Cost-benefit
analysis is an objective way to make choices.
There is a special need for a more formal evaluation of computer
matching. GAO has demonstrated that decisions to conduct
matches have been made casually in the past." More careful selec-
9? 1987 House Matching Hearing at 66 (testimony of Eleanor Chelimsky, Director, Program
Evaluation and Methodology Division, General Accounting Office).
91 Greenberg/Wolf.
92 The subtitle of the Greenberg/Wolf article is "The Results are Not Spectacular But . . .".
93 Frank Malanga, Director, Research Division, Internal Revenue Service.
94 See text accompanying note 58.
95 GAO Decisionmaking Report.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
IA-RDP91B00390R000200200009-7 19
tion of matching programs should increase the overall efficiency of
Government.
The GAO study done for Representative Ted Weiss contains the
most comprehensive approach to determining the costs and bene-
fits of computer matching.96 GAO was asked to develop a method-
ology. Eleanor Chelimsky, Director of the GAO Division that pro-
duced the report, declined to call the results a formal methodolo-
gy.97 Nevertheless, the GAO guidelines are a thorough and consist-
ent approach to calculating a cost-benefit ratio. They allow a sys-
tematic analysis of many costs and benefits relevant to the differ-
ent purposes of computer matching.9 8
F. OTHER ISSUES
There are other concerns about computer matching that are not
addressed in the legislation except in the rules of construction in
section 9. The rules of construction provide that nothing in the
amendments made by H.R. 4699 shall be construed to authorize the
establishment of a national data bank or the direct linking of com-
puter systems. In addition, the bill should not be construed to au-
thorize the computer matching of records not otherwise authorized
by law, or the disclosure of records for computer matching except
to a Federal, State, or local agency.
1. Establishment of a National Data Bank and Computer Link-
age.?Public opinion polls have consistently found that privacy is a
significant and enduring concern of Americans.99 About half of the
public views computers as a threat to privacy.1" Americans have
a more negative view of centralized files and data banks: 78 per-
cent believe that a master computer file would violate their priva-
cy).
These poll results are relevant because an underlying issue with
computer matching is the linkage of computers and the de facto
creation of a national data bank.'" Much matching involves the
regular exchange of large computerized files by Government agen-
cies. But for the match, these records would remain entirely sepa-
rate.
The maintenance of separate records systems is an important
element in the protection of privacy. The Privacy Act of 1974 was
passed in part in order to maintain the separation of disparate
records. Because personal information is necessary to the operation
of government programs, the separation of systems of records pro-
96GAO Cost Benefit Report.
97 1987 House Matching Hearings at 66.
98 H.R. 4699 recognizes that cost-benefit analysis may not be necessary before every computer
match. The bill authorizes the Director of OMB to issue guidelines on the issue. See new subsec-
tion (u)(4) of the bill.
99 See, for example, Privacy and 1984: Public Opinions of Privacy Issues: Hearing before a
Subcommittee of the House Committee on Government Operations, 98th Cong., 1st Sess. (1984);
OTA Report, at 26-29; Public Reaction to Privacy Issues: Hearing before a Subcommittee of the
House Committee on Government Operations, 96th Cong., 1st Sess. (1979).
1" A summary of recent polls can be found in OTA Report at 27.
1" Id. at 28.
102 An earlier proposal for the establishment of a national data bank?a centralized govern-
ment-wide computer and communications network?was killed in the mid-1970s as a result of
strong congressional and other opposition. The project was known as FEDNET, and the opposi-
tion was principally based on privacy grounds. See General Accounting Office, Improved Plan-
ning?A Must Before A Department-wide Automatic Data Processing System is Acquired for the
Department of Agriculture (1975) (LCD-75-108).
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
-2,1A-RDP91B00390R000200200009-7
20
vides some protection against the accumulation of excessive and
unnecessary amounts of personal data.
The Privacy Protection Study Commission pointed out in 1977
the consequences of the establishment of personal profiles of indi-
viduals:
The possession of such profiles invites the use of them
for marketing, research, and law enforcement, and, in an
electronic funds transfer environment, could provide a way
of tracking an individual's current movements. The dra-
matic shift in the balance of power between government
and the rest of society that such a development could por-
tend has persuaded the Commission of the compelling need
to single it out for special public-policy attention and
action.1?3
Opponents of matching have also objected because matching vio-
lates the Fourth Amendment protections against unreasonable
searches and seizures and the presumption of innocence. 04 Iron-
ically, one of the responses to these concerns?front-end verifica-
tion?has exacerbated the problems of computer linkage. Front-end
verification involves checking the eligibility of a particular individ-
ual at the time of application for a benefit program rather than a
general search of computer records. 1?5
Since fewer records are involved, front-end verification appears
less intrusive. But front-end verification can result in the direct,
on-line linking of computers and record systems that might other-
wise be unconnected. A witness from the American Civil Liberties
Union elaborated:
The current Government trend is to increase frontend
verification of applicant information for all government
benefit programs. Frontend verification reduces benefit
payment "errors" by detecting noneligibility before rather
than after a citizen receives benefits. Although some argue
that it also constitutes a lesser intrusion on citizen privacy
because the procedure involves a search through a particu-
lar citizen's file rather than a "general search" through
all files, the ACLU believes that the unchecked growth of
verification systems linking various data bases of personal
information on every citizen poses a serious danger to indi-
vidual autonomy and privacy.106
OTA's recent report on computers and privacy included several
specific findings about front-end verification. The most striking
finding is that use of front-end verification is creating a de facto
national data base covering nearly all Americans.'"
103 Privacy Protection Study Commission, Personal Privacy in an Information Society 9 (1977).
104 see, for example, 1982 Senate Hearings at 100-102 (testimony of John Shattuck, national
legislative director, American Civil Liberties Union).
06 OTA Report at 67-8.
106 1987 House Matching Hearings at 110 (statement of Janlori Goldman, staff attorney,
American Civil Liberties Union).
107 OTA Report at 68. A more recent OTA background paper raises similar issues. See Office
of Technology Assessment, Electronic Delivery of Public Assistance Benefits: Technology Options
and Policy Issues 28-30 (1988) (OTA-BP-CIT-47).
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 21
The committee agrees that concerns about increased linkage of
Government computers are legitimate. However, verifying the eli-
gibility of program applicants at the front end is a reasonable ap-
proach and one that the committee is not prepared to discourage.
The issues raised by computer linkage are much broader than are
encompassed in computer matching. Restricting or prohibiting
front-end verification is not practical, and no one has formally pro-
posed such limitations. The concerns are real, but other solutions
to computer linkage problems will have to be found.
The problem of computer and record linkage was very well
stated in a report recently issued by a committee of the Canadian
Parliament. In a discussion of computer matching, the committee
stated:
The process of government would indeed be more effi-
cient if we were all watched and monitored; the problem is
to establish acceptable and tolerable limits to computer
matching. There is an especially strong resistance to far-
flung matching operations that involve access to a broad
array of personal data from various government institu-
tions. The current mechanisms to regulate such practices
are inadequate. In particular, a balance must be achieved
between the privacy interests of individuals and other soci-
etal values, such as the reduction of fraud and waste.'"
H.R. 4699 is not intended to create any specific barriers to com-
puter linkage. But the committee does not want the bill to be con-
strued as supporting, encouraging, or directing the linkage of com-
puters or the establishment of any type of national data bank that
combines, merges, or links information on individuals maintained
in systems of records. H.R. 4699 is intended to leave the law and
policy in this area alone. The policies, procedures, and provisions of
the Privacy Act that prevent the establishment of interagency data
banks in the name of efficiency and that prevent unwarranted
sharing of personal information remain in force.
2. Legal Questions. ?The legality of some disclosures that are
necessary to support computer matching has been questioned since
1977. A primary question revolves around the "routine use" provi-
sion of the Privacy Act.'" Where records are disclosed by one
agency to another for use in matching, the normal legal authority
for the disclosure comes from a routine use."0
A routine use may only be established if the disclosure is compat-
ible with the purpose for which the information was collected."
For example, if a match proposes to use records about Federal em-
ployees to identify welfare recipients, is the disclosure of the per-
sonnel records compatible with the purpose for which the person-
nel records were collected?
108 Canadian Parliament Report at 43.
1" See text accompany notes 15.
110 See, for example, 1982 OMB Matching Guidelines at 5.a.(1) ("If disclosure is to be made
pursuant to a 'routine use' (section (bX3) of the Privacy Act), [the agency] should ensure that the
system of records contains such a use, or [the agency] should publish a routine use notice in the
Federal Register.")
l5 U.S.C. ?552a(aX7).
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91 B00390R000200200009-7 22
In 1977, the general counsel to the Civil Service Commission an-
swered this question in the negative."" While this matter was de-
bated and reconsidered within the executive branch, the pressures
to undertake matching projects intensified. These pressures may
have been fueled in part by the undocumented claims of savings re-
sulting from computer matching."3 Eventually, with OMB's ap-
proval and 1979 Guidelines, any legal barriers placed in the way of
matching by the Privacy Act were overridden."4 Later legislation
authorizing or requiring specific matching programs resolved ques-
tions of the legality of routine uses by providing a legislative pur-
pose for the disclosures. However, there has been no formal legal
resolution of the Privacy Act issue in other areas, and some dispute
remains."5
The Senate bill (S. 496) proposed to add new language to the Pri-
vacy Act that would authorize all disclosures made pursuant to a
written matching agreement. This language may have been includ-
ed because of the Senate perception that there is some doubt about
the legality of disclosures needed for some computer matches that
do not have specific statutory authorization.
H.R. 4699 does not include this language. The committee believes
that the compatibility standard of the Privacy Act still has mean-
ing and purpose, and the committee does not wish to give blanket
authorization to all disclosures for all computer matches regardless
of purpose, scope, agency, or level of government involved. In order
to make it clear that H.R. 4699 does not provide independent au-
thority for disclosures necessary to support matching, section 9 pro-
vides that nothing in the act shall be construed to authorize the
computer matching of records not otherwise authorized by law. In
other words, H.R. 4699 leaves the legal questions surrounding
matching and the Privacy Act alone. Provided that the new proce-
dures in H.R. 4699 have been complied with, any computer match
that was lawful before passage of the bill will continue to be lawful
after passage.'16
DISCUSSION
There are three key concepts in the regulation of computer
matching under H.R. 4699. Matching programs must be established
by means of matching agreements, and the agreements must be ap-
proved by agency Data Integrity Boards. The bill has other provi-
sions, but the understanding of these concepts is central to under-
standing how the legislation should be implemented.
Matching Programs. ?"Matching programs" are defined in sec-
tion 5 of the bill to include a broad range of agency matching ac-
tivities. The scope of the bill is then narrowed by the exclusion of
six specific types of matches.
"utter from Carl F. Goodman, General Counsel, United States Civil Service Commission,
to Charles Ruff, Acting Deputy Inspector General, Department of Health, Education and Wel-
fare (July 27, 1977), reprinted in 1982 Senate Hearings at 122 ("[lit is evident that this informa-
tion on employees was not collected with a view toward detecting welfare abuses.")
113 See, for example, text accompanying notes 78-79.
"4 See note 18.
115 See, for example, 1987 House Matching Hearing at 97-101 (statement of Janlori Goldman,
staff attorney, American Civil Liberties Union).
116 For another Privacy Act legal issue raised by computer matching, see text accompanying
note 27.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91 B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 23
A matching program must involve a Privacy Act system of
records as a source of records used in matching. Under the Privacy
Act of 1974, a "system of records" is defined as "a group of any
records under the control of any agency from which information is
retrieved by the name of the individual or by some identifying
number, symbol, or other identifying particular assigned to the in-
dividual." 5 U.S.C. ? 552a(5). Most records about individuals main-
tained by Federal agencies are kept in systems of records.
Except for a relatively small number of systems of records main-
tained by Federal agency contractors, systems of records are main-
tained only by Federal agencies. This means that matching pro-
grams will generally not include any matching activities that do
not involve a Federal agency as a source or recipient of informa-
tion.
As a result, H.R. 4699 does not affect matching activities that are
conducted by State or local governments using State, local records,
or private records. A matching activity becomes a matching pro-
gram within the meaning of H.R. 4699 only when Federal records
from a Privacy Act system of records are involved.
There are two basic types of computerized comparisons of records
that fall within the general definition of matching programs. First,
a matching program includes the computerized comparison of any
automated systems of records for the purpose of establishing or
verifying eligibility of, or continuing compliance with statutory and
regulatory compliance by, applicants for, recipients or beneficiaries
of, participants in, or providers of services with respect to, cash or
in-kind assistance or payments under Federal benefit programs.
Federal employees are intended to be treated as recipients of pay-
ments under a Federal benefit program. The comparison of records
for the purpose of recouping payments or delinquent debts under
Federal benefit programs also qualifies as a matching program. A
matching program includes matches between two Federal systems
of records as well as matches between a Federal system of records
and non-Federal records.
Matches conducted by the Federal Parent Locator Service do not
fall under this definition because the matches are performed for
the purpose of locating absent parents who are not paying child
support in order to take action against them to secure such child
support payments. The committee does not intend the bill to be
construed to apply to matches performed by the Federal Parent Lo-
cator Service to locate absent parents even though such payments
may result in a recoupment of payments made by a Federal benefit
program such as Aid to Families with Dependent Children. The
Federal benefit recoupment is not the principal purpose of the
matching activity.
For a matching program that meets the primary definition, the
applicability of H.R. 4699 is determined by the purpose of the
match. A matching activity conducted for a nonqualifying purpose
will not be subject to H.R. 4699.
Second, all computerized comparisons using Federal personnel or
payroll systems of records are matching programs. When Federal
payroll or personnel records are used in a matching activity, the
activity falls within the general definition of matching programs
regardless of purpose. This includes matches between two Federal
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/91/17:
.7,1A-RDP91B00390R000200200009-7
24
systems of records as well as matches between a Federal system of
records and non-Federal records.
There are six categories of matching activities that are specifical-
ly excluded from the scope of the bill. First, a match performed to
produce aggregate statistical data without any,personal identifiers
is excluded from the definition of matching programs. To qualify
under this exclusion, no information resulting from the match may
be produced or retained in individually identifiable form or may be
used in any way to affect the rights, benefits, or privileges of any
individual.
Second, a match performed to support any research or statistical
project is excluded if no information resulting from the matching
activity is used to make decisions concerning the rights, benefits, or
privileges of specific individuals. The difference between research
or statistical matching (the first exclusion category) and aggregate
statistical matching (the second exclusion category) is that identifi-
able information may be produced and retained during a research
or statistical match/. No identifiable information may result from
aggregate statistical matches. In neither case may any information
be used in any adverse or other way to affect an individual. Disclo-
sure of any identifiable information produced during a research or
statistical match may be made otherwise in accordance with the
conditions of disclosure in the Privacy Act.
The third exclusion can only be invoked by an agency or compo-
nent which performs as its principal function any activity pertain-
ing to the enforcement of criminal laws. The exclusion covers
matches conducted by such an agency or component subsequent to
the initiation of a specific criminal or civil law enforcement investi-
gation of a named person or persons for the purpose of gathering
evidence against such person or persons.
This exclusion is intended to be narrowly construed. First, not
every agency is eligible to use the exclusion. The agency's (or com-
ponent's) principal function must pertain to the enforcement of
criminal laws. The Federal Bureau of Investigation is an example
of such an agency.
However, if an agency has a number of different functions, one
of which is a criminal law enforcement activity, the agency does
not qualify unless the criminal law enforcement activity has been
clearly identified by statute or otherwise as the principal function
of the agency. A regulatory agency that spends most of its time
and resources implementing a scheme of regulation will not qualify
just because the law it oversees has criminal penalties. The crimi-
nal law enforcement function must be the principal function for
the agency to qualify.
An agency that is not principally a law enforcement agency may
still have a component that can utilize the third exclusion. For ex-
ample, an audit office will typically have a number of functions,
one of which is the initiation of criminal law enforcement investi-
gations. The office as a whole will normally not qualify because the
criminal law enforcement activity is not its principal activity. How-
ever, a clearly identifiable investigation subunit that performs as
its principal function investigations that may lead to criminal re-
ferrals can qualify. Investigative offices do not know at the com-
mencement of an investigation whether the matter under investi-
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 25
gation will result in civil or criminal charges. This uncertainty
does not make the law enforcement exclusion unavailable to crimi-
nal investigative units. As long as criminal referrals or indictments
may result from the investigative activity, and the investigative ac-
tivity is the principal function of the office, the exclusion will be
available. An example is the Criminal Investigations Division of
the Internal Revenue Service which will qualify even though the
IRS as a whole does not.
An office that is eligible to use the third exclusion can only use it
subsequent to the initiation of a specific criminal or civil investiga-
tion of a named person or persons for the purpose of gathering evi-
dence against such person or persons. In order to rely on the third
exclusion, an agency or component must be gathering evidence for
an existing, ongoing investigation whose targets must already be
identified.
This requirement is intended to distinguish computer match-
ing?which is typically initiated without any evidence or suspicion
about specific individuals?from the later stages of a law enforce-
ment investigation where specific, named suspects have already
been identified. Once the specific targets of an investigation have
been identified, the protections of H.R. 4699 may no longer be ap-
propriate. The bill is intended to regulate general records searches
rather than to interfere with well-defined law enforcement oper-
ations.
The phrase "named person or persons" is intended to mean that
the investigation sponsoring the excluded matching activity has al-
ready identified the specfic individual or individuals who are the
targets of the investigation. A generic description of the targets
(such as "program beneficiaries" or "program beneficiaries who are
also on the Federal payroll") is not adequate. In addition, there
must be a reasonable basis for believing that each of the identified
targets of the investigation has engaged in improper conduct that
is subject to investigation by the agency or component. These limi-
tations are intended to assure that the law enforcement exclusion
will not be a loophole which will allow general matching oper-
ations to be transferred to criminal law enforcement agencies or
components in order to evade the procedural requirements for com-
puter matching. At the same time, the exclusion is intended to
allow matching to be done without undue procedural interference
for legitimate law enforcement purposes.
The fourth exclusion covers several matching activities conduct-
ed by the Internal Revenue Service. Disclosures of tax returns and
tax return information to State officials pursuant to 26 U.S.C.
? 6103(d) are excluded from the requirements of H.R. 4699.
Also excluded are matches of tax information for purposes of tax
administration as defined in 26 U.S.C. ? 6103(b)(4). This exclusion
will permit IRS to continue without interference the matching of
tax returns with notices of interest, dividend, and similar pay-
ments.
Finally, the fourth exclusion also covers matches of tax informa-
tion for the purpose of intercepting a tax refund due to an individ-
ual under authority granted by the Deficit Reduction Act of 1984.
The tax refund offset programs authorized by DEFRA already con-
tain due process procedures. To subject these offset programs to the
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
26
computer matching bill would only result in duplicative notice to
affected individuals and duplicative hearings.
The fifth exclusion is designed to allow most internal agency
matching activities to be conducted without following the matching
procedures. The purpose is twofold. First, the general scheme of the
Privacy Act allows agencies to make reasonable internal uses of in-
formation without unnecessary complexity. See, for example, 5
U.S.C. ? 552a(b)(1). The fifth exclusion continues that policy.
Second, the broad definition of matching programs includes some
routine agency operations that do not warrant the additional con-
trols imposed by the bill.
Two different types of matches can qualify under the fifth exclu-
sion. First, the exclusion covers matches performed for routine ad-
ministrative purposes that use records predominantly relating to
Federal personnel. A routine administrative purpose includes ac-
tivities such as: (a) a computer search for an agency employee with
specific skills who can carry out a specific assignment; (b) matching
of agency payroll records with Treasury Department records for
the purpose of preparing payroll checks; and (c) standard internal
auditing of agency travel records. The Director of the Office of
Management and Budget is required to issue guidance to clarify
and standardize the concept of "routine administrative purpose."
Second, the exclusion also covers matches that are performed
using only records from systems of records maintained by an
agency. The term "agency" is defined term under the Privacy Act,
and the committee intends that it be interpreted in accordance
with the OMB Privacy Act Guidelines, 40 Federal Register 28950
(July 9, 1975), and the Justice Department letter quoted therein.
An internal or administrative match does not necessarily qualify
for the fifth exclusion. The match only qualifies if the purpose is
not to take any adverse financial, personnel, disciplinary, or other
adverse action against Federal personnel. Thus, a match of Federal
employees for waste, fraud, abuse, or debt collection purposes does
not qualify for exclusion. Such matches are identical in purpose to
matches involving non-Federal employee populations, and Federal
employees are entitled to the same protections that H.R. 4699 af-
fords to others. However, routine administrative matches conduct-
ed as part of normal accounting or auditing controls and that are
not specifically intended to result in adverse action against Federal
personnel can qualify for exclusion.
The sixth and final exclusion for the matches is performed to
produce background checks for security clearances of Federal per-
sonnel or for foreign counterintelligence purposes. This is intended
to allow all required security clearance investigations without ap-
plication of the matching procedures.
Matching Agreements.?H.R. 4699 requires that most computer
matching involving Federal data be conducted pursuant to match-
ing agreements. The bill enforces this requirement by prohibiting
the disclosure by a Federal agency of any record contained in a
system of records to another Federal agency or to a non-Federal
agency for use in a computer matching program except pursuant to
a written matching agreement.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 27
There are eleven required elements in a matching agreement.
First, the agreement must specify the purpose and legal authority
for conducting the matching program.
Second, the agreement must specify the justification for the pro-
gram and the anticipated results, including a specific estimate of
any savings. This information is required because of a concern by
the committee that some computer matching may not be cost effec-
tive. Data Integrity Boards are required to disapprove a matching
program unless a cost-benefit analysis has been completed and the
analysis demonstrates that the program is likely to be cost effec-
tive.
The General Accounting Office has developed guidelines for as-
sessing the costs and benefits of computer matching. The report
was issued in November 1986 (GAO/PEMD-87-2). The GAO guide-
lines are the first attempt to set out a comprehensive, realistic, and
objective approach to the assessment of the costs and benefits of
matching.
When an agency prepares estimated results of matching and esti-
mates of savings, the committee intends that the elements relating
to cost-benefit assessment identified in the GAO report be em-
ployed to the greatest extent practical. All identifiable cost ele-
ments should be included in the analysis, and a realistic assess-
ment of the benefits?suitably discounted to reflect the time value
of money?is also required.
Third, a matching agreement must include a description of the
records that will be matched, including each data element that will
be used, the approximate number of records that will be matched,
and the projected starting and completion dates of the matching
program.
Fourth, an agreement must describe the procedures for providing
individualized notice to applicants for and recipients of financial
assistance or payments under federal benefit programs and to ap-
plicants for and holders of positions as Federal personnel. Individ-
ualized notice means that each individual affected by the match
must receive a notice. Notice through publication in the Federal
Register will not meet the requirement of individualized notice. In-
dividualized notice must be provided at the time of application and
periodically thereafter that any information provided by appli-
cants, recipients, and others may be subject to verification through
matching programs.
The Data Integrity Board may direct procedures for periodic
notice for each matching program. The Director of the Office of
Management and Budget is required to issue guidance on periodic
notice for the use of the Boards. In general, the committee intends
that all individuals receive meaningful notice. Agencies will nor-
mally be able to accomplish this by providing matching notices to
individuals at the same time that other information is conveyed.
Unless determined by OMB to be necessary in some circumstances,
the committee does not expect that agencies will be required to
keep a receipt for the notice from each individual receiving the
notice. Each agency need only take reasonable steps to assure that
affected individuals have been notified.
In the case of the initial notice, matching information can be in-
cluded on an application form or with other notices provided to ap-
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
.01A-RDP91B00390R000200200009-7 28
plicants. The periodic notice requirements can be met in a similar
way. The mailing of separate periodic notices is not required as a
matter of law, but could be required in specific instances either by
a Data Integrity Board or under OMB guidance.
Fifth, a matching agreement must specify procedures for verify-
ing information produced in the matching program. Verification
requirements are discussed elsewhere in this report.
Sixth, a matching agreement must specify procedures for the
timely destruction of identifiable records created by a recipient
agency or non-Federal agency during the course of a matching pro-
gram. All records generated during the course of a matching pro-
gram should be destroyed as soon as the records are no longer
needed. The timely destruction of unnecessary personal informa-
tion provides an important privacy protection.
Seventh, a matching agreement must specify procedures for en-
suring the administrative, technical, and physical security of the
records matched and the results of the matching program. This re-
quirement is similar to an existing Privacy Act provision in subsec-
tion (e)(10). The existing requirement is for appropriate safeguards
for protecting the security and confidentiality. The committee in-
tends that a standard of appropriateness also be applied to the pro-
tection of matching records. The degree of protection should be
commensurate with the sensitivity of the records. Matching records
will normally not require the same degree of protection as classi-
fied information.
Eighth, a matching agreement must specify applicable prohibi-
tions on duplication and redisclosure of records provided by the
source agency within or outside the recipient agency or the non-
Federal agency, except where required by law or essential to the
conduct of the matching program.
The prohibition on duplication and redisclosure is another impor-
tant privacy protection. Records made available for a matching
program may be used only for the program and may not be dupli-
cated or redisclosed for any other purpose. This will be the prohibi-
tion on duplication and redisclosure normally specified in the
matching agreement.
There are two exceptions to the general prohibition. Records may
be duplicated or redisclosed for a purpose that is required by law.
An example is the law requiring disclosure of records to the Comp-
troller General. Records may also be duplicated or redisclosed
where duplication or redisclosure is essential to the conduct of the
matching program. The "essential" standard is a strict test, and
the committee intends it to be much more restrictive than the
"campatibility" standard for routine uses under the Privacy Act.
See 5 U.S.C. ? 552a(7). In general, the stricter restrictions on dupli-
cation and redisclosure reflect a concern that records used in
matching programs be tightly controlled.
A disclosure is essential only when a matching program cannot
be carried out without it. The results of a match may be disclosed
for followup and verification as an essential part of the program.
Also, when a matching program uncovers activity that warrants
civil or criminal investigation or prosecution, the disclosure or du-
plication of information to support the investigation or prosecution
is an essential purpose.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 29
Ninth, a matching agreement must specify procedures governing
the use by a recipient agency or non-Federal agency of records pro-
vided by a source agency, including procedures governing return of
the records to the source agency or destruction of records used in
the matching program. Records should be destroyed or returned to
the source agency at the earliest possible opportunity.
Tenth, a matching agreement must include information on as-
sessments that have been made on the accuracy of the records that
will be used in the matching program. The accuracy of data is im-
portant in any matching activity, and there have been serious
problems in the past when inaccurate information has been used.
Finally, matching agreements must provide that the Comptroller
General may have access to all records of a recipient agency or
non-Federal agency that the Comptroller General deems necessary
in order to monitor or verify compliance with the agreement. Since
the Comptroller General already has a statutory right to access to
Federal agency records, this provision is primarily intended to
allow the Comptroller General to have access to records of state or
local governments.
A copy of each matching agreement must be provided to the
Senate Committee on Governmental Affairs and to the House Com-
mittee on Government Operations, and the agreement will not
become effective until 30 days after copies are sent to the Commit-
tees.
A copy of a matching agreement must be made available to the
public on request. The committee intends that copies of matching
agreements should be provided upon request, without charge, and
without the necessity for the filing of a formal request under the
Freedom of Information Act. No agency may hide its matching ac-
tivities from public view by holding requests for matching agree-
ments in a lengthy FOIA queue.
Matching agreements may remain in effect for the period deter-
mined to be appropriate by the Data Integrity Board. The Board
will make its determination in light of the purpose and length of
time necessary for the conduct of the matching program. The maxi-
mum length of time for a matching agreement is 18 months. How-
ever, the Board may renew an existing matching agreement for up
to an additional year if the program will be conducted without any
change for the additional period and if each party to the agreement
certifies in writing that the program has been conducted in compli-
ance with the agreement.
The vast majority of matching programs subject to H.R. 4699 will
involve two different Federal agencies or one Federal agency and a
non-Federal agency. This is because the fifth exclusion of the defi-
nition of matching programs excludes most internal agency
matches.
However, there will be some matches wholly internal to an
agency that will be subject to the requirements of H.R. 4699. In
these instances, the same agency will be both the source and the
recipient agency, and the agency will have to effectuate a matching
agreement with itself. If the source and recipient agencies are dif-
ferent components with the agency, an agreement can be signed by
the two components. If the same component is both the source and
the recipient of the matching information, the head of the compo-
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 30
nent or agency should prepare and submit to the agency's Data In-
tegrity Board a memorandum which can serve as the equivalent of
a matching agreement.
Data Integrity Boards. ?Each Federal agency conducting or par-
ticipating in a matching program is required to establish a Data In-
tegrity Board to oversee and coordinate implementation of H.R.
4699. A Federal agency must have a Data Integrity Board if the
agency is a source agency or a recipient agency. No non-Federal
agency is required to establish a Data Integrity Board.
Each agency's Data Integrity Board must be composed of senior
officials designated by the head of the agency. The only members of
the Board designated by law are the senior agency official designat-
ed by the head of the agency as responsible for implementation of
the Privacy Act of 1974, and the inspector general of the agency, if
any. The agency head can determine how many additional mem-
bers to appoint to the Board. A small agency with limited matching
activities may have only a few members on its board. A larger
agency with active matching programs may have a need to have a
large number of agency components represented on its board.
The bill specifically provides that no inspector general may serve
as chairman of the Data Integrity Board. The agency head may
select another member as chairman or may allow the Board to
select its own chairman. The reason for the limitation on inspec-
tors general is because of the prominent role played by inspectors
general and the President's Council on Integrity and Efficiency in
promoting the use of computer matching. The committee is con-
cerned that a Board chaired by an inspector general may not exer-
cise sufficiently detached judgment regarding computer matching.
The committee intends that neither an agency inspector general
nor any employee of an inspector general serve as chairman of the
Board, chair meetings of the Board, or provide staff to the Board.
Membership on the Board should not be a full-time job for
anyone. In fact, except at a large agency with a considerable
amount of matching activities, the Board may not neet to have any
permanent, full-time staff. However, during the initial implementa-
tion period for H.R. 4699, there is likely to be more effort required
than will be necessary for continuing operations, and some full-
time staff may be assigned initially. It is likely that the members
of the Board will contribute staff as needed to carry out the
Board's functions or that the agency's Privacy Act officer may be
assigned additional matching-related activities. The Committee en-
visions that most agency Data Integrity Boards will meet several
times each year to consider matching agreements and to review on-
going matches.
The bill sets out eight specific functions for Data Integrity
Boards. First, each Board will review, approve, and maintain all
written agreements for receipt or disclosure of agency matching
programs. Each Board will also maintain copies of all relevant stat-
utes, regulations, and guidelines as a resource for the agency.
Second, each Board must review all matching program in which
the agency has participated during the year, either as a source
agency or recipient agency. The purpose of the review is to deter-
mine compliance with applicable laws, regulations, guidelines, and
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
4
31
agency agreements, and to assess the cost and benefits of such pro-
grams.
The committee does not envision that Boards will routinely un-
dertake active investigations of matching programs. When there
are reports or other indications of problems with a matching pro-
gram's operations or of a lack of compliance with law or the match-
ing agreement, an active investigation may be warranted. Other-
wise, the Board's role will normally be more limited and may in-
clude collection and review of information about matching pro-
grams and occasional spot audits. The Boards will have to take
positive action to ensure that the assessement of costs and benefits
for each matching program is fairly and accurately presented.
Third, each Board must review all recurring matching programs
in which the agency has participated during the year, whether as a
source agency or recipient agency, for continued justification. This
requirement has been included in order to make sure that special
attention will be paid to matching programs that are done on a
continuing basis. The Committee is concerned that these matches
may be renewed automatically long after the need for the match
has passed. This is most likely to be a problem with front-end veri-
fication matches.
Fourth, each Board must prepare an annual report on matching
for submission to the head of the agency and to Office of Manage-
ment and Budget. The report of each Board must also be made
available to the public upon request. OMB will consolidate the re-
ports for the various Boards and file a single report with the Con-
gress.
Reports by the Boards must describe the matching activities of
the agency and must include: (i) a description of all matching pro-
grams in which the agency participated as a source or recipient
agency; (ii) a description of any matching agreements that were
proposed but disapproved by the Board; (iii) a description of any
changes in the membership or structure of the Board in the preced-
ing year; (iv) the reasons for any waiver of the requirement for the
completion and submission of a cost-benefit analysis prior to the
approval of a matching program; (v) information about any viola-
tions of matching agreements that have been alleged or identified
and any corrective action taken; (vi) any other information re-
quired by the Director of OMB to be included in the report.
Fifth, each Board is required to serve as a clearinghouse for re-
ceiving and providing information on the accuracy, completeness,
and reliability of records used in matching programs.
Sixth, each Board is required to provide interpretation and guid-
ance to agency components and personnel on the Privacy Act's
matching requirements.
Seventh, each Board is required to review agency recordkeeping
and disposal policies and practices for matching programs to assure
compliance with the Privacy Act.
Finally, each Board may review and report on any agency match-
ing activities that are not matching programs. This authority
allows the Boards to consider any aspect of agency matching oper-
ations that fall outside of the definition of matching programs be-
cause of the exclusions.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 32
The Senate bill assigned the Data Integrity Boards responsibility
for reviewing and coordinating privacy training programs. This has
been left out of the House bill because the responsibilities of the
Boards are specifically focused on computer matching rather than
the whole Privacy Act or broader privacy issues. This change from
the Senate bill should not be taken as any indication of lack of in-
terest in or support for privacy training. The Committee strongly
supports Privacy Act training' but believes that the responsibility
should not rest with Data Integrity Boards. Existing training pro-
grams?such as those sponsored by the Defense Privacy Board?
should continue to be utilized.
One of the major elements of H.R. 4699 is the focus on the cost-
effectiveness of computer matching. The Data Integrity Boards
have been given a central assignment in this area. In general, no
Board may approve any matching agreement unless the agency has
cmpleted and submitted a cost-benefit analysis of the proposed
matching program and the analysis demonstrates that the program
is likely to be cost-effective.
The General Accounting Office has developed guidelines for as-
sessing the costs and benefits of computer matching. The report
was issued in November 1986 (GAO/PEMD-87-2). The GAO guide-
lines are the first attempt to set out a comprehensive, realistic, and
objective approach to the assessment of the costs and benefits of
matching.
When an agency prepares estimated results of matching and esti-
mates of savings, the committee intends that the elements relating
to cost-benefit assessment identified in the GAO report be em-
ployed to the greatest extent practical. All identifiable cost ele-
ments should be included in the analysis, and a realistic assess-
ment of the benefits?suitably discounted to reflect the time value
of money?is also required. The Board will enforce this require-
ment by reviewing the cost-benefit analysis submitted along with
each proposed matching agreement.
The committee is aware that an exact cost-benefit analysis
cannot be prepared for every proposed match. H.R. 4699 reflects
this uncertainty by requiring only that the analysis demonstrate
that a matching program is likely to be cost-effective. The commit-
tee expects that a good faith effort will be made to be as realistic as
possible.
A considerable amount of matching has been done, and informa-
tion from past matches should be consulted whenever possible in
the preparation of cost-benefit analyses. For recurring matches,
specific evidence can be collected during the first year of operation
and then used to prepare a realistic cost-benefit analysis for the
future.
As experience with developing cost-benefit analyses increases, es-
timates should rapidly improve in quality over time. The require-
ment that an actual assessment of costs and benefits be included in
annual reports will permit a comparison of estimates with actual
results. The committee will review the annual reports to determine
how good a job the Boards are doing in overseeing the cost-benefit
analysis provisions of H.R. 4699.
The preparation of a cost-benefit analysis will not be possible for
every proposed matching program. While most matches done to
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
33
reduce fraud, abuse, or waste can be measured on a cost-effective-
ness scale, other matches have objectives that cannot effectively be
measured in monetary terms. For example, it may not be possible
to prepare a complete cost-benefit analysis for a match that is con-
ducted to improve the quality of health care. For other matches?
particularly front-end verification matches?cost-benefit criteria
are not sufficiently developed to permit a cost-effectiveness evalua-
tion at this time.
The committee recognizes that there are some limitations on
cost-benefit analysis, and H.R. 4699 allows Data Integrity Boards to
waive the requirement for the preparation of a cost-benefit analy-
sis. In order to grant a waiver, the Board must make a determina-
tion in writing that a cost-benefit analysis is not required. The de-
termination must be made in accordance with guidelines pre-
scribed by the Director of OMB.
It is the committee's intent that waiver be granted sparingly and
only where the preparation of a cost-benefit analysis is impossible
or would be completely fruitless. The flexibility included by grant-
ing authority to waive the cost-benefit requirement should not be
abused. For example, Data Integrity Boards may not grant routine
waivers on the excuse that the purpose of a matching program is
"deterrence of fraud and abuse" and that deterrence is difficult to
measure. The experience with computer matching during the last
ten years should provide a basis for realistically estimating any
benefits attributable to "deterrence". The requirement that Boards
annually assess the costs and benefits of matching programs will
rapidly provide a more precise basis for determining whether esti-
mates of deterrence benefits have been accurate.
When one Federal agency is the source agency and another Fed-
eral agency is the recipient agency for a matching program, the
Data Integrity Boards of both agencies will have the responsibility
to review and approve the program. Both boards will have to be
satisfied that the proposed matching program meets the standards
of the law. Any disagreements will have to be resolved before the
matching program can proceed.
Appeals. ?If a matching agreement is disapproved by a Data In-
tegrity Board, any party to the agreement may appeal the disap-
proval to the Director of OMB. The appeal has been added to the
Senate bill because of the possibility that some of the members of
the Data Integrity Board considering a matching agreement might
have a conflict of interest. It is possible, for example, that an
agency operating a benefit program might resist a proposed match-
ing project because of concern that the results might show that the
program was being poorly run. An appeal allows for an independ-
ent review of the decision of the Board. The committee anticipates
that appeals will be rare and primarily because of conflicts of inter-
est.
When an appeal is filed with OMB, notice must be provided by
OMB to the Senate Committee on Governmental Affairs and the
House Committee on Government Operations. OMB may prescribe
whatever procedural rules for appeals that it finds necessary.
OMB will have limited authority to overrule a Data Integrity
Board and approve a matching agreement. An appeal may be
granted only if the Director of OMB determines that: (i) the match-
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 34
ing program will be consistent with all applicable legal, regulatory,
and policy requirements; (ii) there is adequate evidence that the
matching agreement will be cost effective; and (iii) the matching
program is in the public interest.
The public interest standard does not grant OMB any authority
to approve a matching program that is not in full compliance with
statutory requirements. Instead, it is an additional standard that
gives OMB authority to disapprove a matching program that com-
plies with the law but that is not an appropriate use of federal
funds or information.
When OMB approves a matching agreement, the decision must
be reported to the Senate Committee on Governmental Affairs and
to the House Committee on Government Operations. The notice to
the committees should include a detailed statement of the reasons
for granting the appeal. Any matching agreement so approved may
not take effect until 30 days after the committees are notified.
If a matching program proposed by the inspector general of an
agency is disapproved by the Data Integrity Board and by the Di-
rector of OMB, the inspector general may report the disapproval to
the head of the agency and to the Congress. If the Congress deter-
mines that the matching program was improperly disapproved, the
Congress can take appropriate action.
Verification.?Before a recipient agency, non-Federal agency, or
source agency can suspend, terminate, reduce, or make a final
denial of any financial assistance under a Federal benefit program
or take other adverse action against an individual as a result of in-
formation produced by a matching program, an officer or employee
of the agency must independently verify the information.
Independent verification may be satisfied in either of two ways.
First, information may be verified in accordance with the require-
ments governing the Federal benefit program. This assumes that
the benefit program has specific verification requirements.
Alternatively, information about an individual uncovered
through a matching program can be independently verified
through independent investigation and confirmation of: (A) the
amount of the asset or income involved; (B) whether the individual
actually has or had access to the asset or income for the individ-
ual's own use; (C) the period or periods when the individual actual-
ly had the asset or income; and (D) any other information used as a
basis for an adverse action against an individual.
The purpose of the independent verification requirement is to
assure that the rights of individuals are not determined automati-
cally by computers without human involvement and without check-
ing that the information relied upon is accurate, complete, and
timely. No one should be denied any right, benefit, or privilege
simply because his or her name was identified in a match as a
"raw hit". There can be no presumption that information obtained
from a computer is necessarily correct or that correct data has
been correctly interpreted. Computerized data is just as likely to be
incorrect as information that comes from other sources.
The confirmation that is required means that the underlying
data elements used in the computer match have been found to be
correct. It is not enough to confirm that the specific data on the
computer tape used in the matching operation is the same as the
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 35
data contained in the source computer for the tape. Confirmation
means that the data is, in fact, correct. This may be determined by
asking the individual involved for confirmation of the information
or by checking the data with another data source that obtained the
information independently of the first source.
In most instances, the individual will be the best source of confir-
mation and explanation. An existing Privacy Act provision already
requires that Federal agencies collect information to the greatest
extent practicable directly from the subject individual when the in-
formation may be used in a way that results in an adverse determi-
nation about an individual's rights, benefits, or privileges. See 5
U.S.C. ? 552a(e)(2).
Contacting the individual for an explanation of the information
in question is important because there may be more than one in-
terpretation of the facts. The 1982 Massachusetts bank match,
which is discussed elsewhere in this report, demonstrates why.
Some welfare recipients were found to have bank accounts with
assets in excess of the legal amounts. But while the basic informa-
tion was correct, further investigation revealed that in some cases,
the money in the account did not belong to the welfare recipient or
was being held for a legal purpose.
The independent verification requirement is not intended to
erect a complex or rigid barrier to the use of the results of comput-
er matching. It should be interpreted using a rule of reason. If
there is a reasonable independent confirmation that the informa-
tion from a computer match is correct and a reasonable basis for
taking action, then an agency may act upon that information.
Due Process. ?H.R. 4699 also requires that due process be afford-
ed to individuals before any action can be taken on the results of
computer matching. No recipient agency, non-Federal agency, or
source agency may suspend, terminate, reduce, or make a final
denial of any financial assistance or payment under the Federal
benefit program to any individual as a result of information pro-
duced by a computer match until 60 days after the individual re-
ceives a notice from the agency. The notice must contain a state-
ment of the findings and must inform the individual of the oppor-
tunity to contest the findings. The opportunity may be satisfied by
notice, hearing, and appeal rights governing the Federal benefit
program. The exercise of any such rights shall not affect any rights
available under the Privacy Act of 1974.
These due process procedures are similar in purpose and design
to existing requirement for computer matching that is authorized
under the Deficit Reduction Act of 1984. As a result, the proce-
dures should not be difficult or expensive for any agency to follow.
Most, if not all, affected agencies will already have in place similar
procedures. For these agencies, the additional costs of complying
with the due process requirements of H.R. 4699 will be minimal.
Notwithstanding the due process procedures required under H.R.
4699, an agency may take any appropriate action that might other-
wise be prohibited if the agency determines that the public health
or public safety may be adversely affected or significantly threat-
ened during the 60-day notice period. For example, an agency
might discover as a result of a computer match that a person not
licensed to practice medicine was working as a physician. Under
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
ICIA-RDP91B00390R000200200009-7 36
the public health or safety exception, the agency could take imme-
diate action to prevent the unauthorized person from continuing to
practice medicine. Due process should still have to be provided, but
in such a case it could be provided after rather than before the
fact. While it is not anticipated that the public health or safety ex-
ception will be used often, it will prevent H.R. 4699 from restrict-
ing Government action needed to protect human life or limb.
Report to Congress.?The Director of OMB will file a report with
the Congress on matching activity. The report must be filed annu-
ally during the first 3 years after the date of enactment and bienni-
ally thereafter. The report will consolidate the information con-
tained in the reports from the Data Integrity Boards. The report
must include detailed information about the costs and benefits of
matching programs and must identify each waiver granted by a
Data Integrity Board of the requirement for completion and sub-
mission of a cost-benefit analysis and the reasons for granting the
waiver. The OMB report may contain such other information about
matching programs and matching activities as the Director deter-
mines to be relevant to executive or congressional oversight.
Reports to OMB from the Data Integrity Boards are required to
include information about matching activities that are not match-
ing programs under the definition in H.R. 4699. Some of these
matching activities are matches conducted for law enforcement
purposes. In order to protect any sensitive, ongoing matching ac-
tivities connected with law enforcement investigations that might
be jeopardized by premature publicity, the reports by the Boards
and by OMB may present information about such matching activi-
ties on an aggregate basis.
Other Privacy Act Amendments.?H.R. 4699 makes several minor
amendments to the Privacy Act. First, the uncodified provisions of
section 6 of the Privacy Act of 1974, Public Law 93-579, relating to
the responsibilities of the Director of OMB to provide guidelines,
assistance, and oversight of the Privacy Act are codified in new
subsection (v) of the Privacy Act. This is a technical amendment,
and no change in the function of OMB is made or intended by the
codification of this authority. Existing OMB Privacy Act guidance
remains in effect. A conforming amendment repeals section 6 of
the Privacy Act of 1974.
Second, the requirement in subsection (f) of the Privacy Act that
the Office of Federal Register annually publish a compilation of
Privacy Act rules and system notices is changed to a biennial re-
quirement. In making this change, the committee notes that the
current form of the compilation may not be the most effective
means of informing the public about government records about in-
dividuals. The committee urges the Office of Federal Register to de-
velop indexes and other tools that will make the publication more
useful to a broader community. Alternative publication formats
should also be studied by the Office of Federal Register and by
OMB.
Third, H.R. 4699 modifies the requirement that the President
submit to the Congress an annual report on the administration of
the Privacy Act of 1974. The report will be required biennially in
the future rather than annually. The current requirement is in
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
-2,IA-RDP91B00390R000200200009-7 37
subsection (p) of the Act which becomes subsection (s) as redesig-
nated by H.R. 4699.
Fourth, existing subsection (o) of the Privacy Act (subsection (r)
as redesignated) requires agencies to file a report on new systems
of records with OMB and with the Congress. This requirement is
revised in several ways:
(a) Not all changes to existing system notices must be reported.
The new language requires reports only for significant changes.
The purpose of this amendment is to eliminate the suggestion in
the law that reports must be filed to reflect changes that are insig-
nificant and have no effect on the exercise of rights by individuals.
Any change in the categories of individuals on whom records are
maintained, the categories of records maintained, access proce-
dures, exemptions, or the routine uses for a system will always con-
stitute a significant change that requires a report. Nonsignificant
changes include a change in the name or title of the system man-
ager and minor procedural changes that will not affect an individ-
ual's exercise of rights granted by the Privacy Act in any way. The
committee is aware that OMB has issued guidance to agencies on
when an agency is required to file reports on changes in system no-
tices. The OMB guidance reflects the intent of this change in the
reporting requirement. See OMB Circular A-130, 50 Fed. Reg.
52740 (December 29, 1987).
(b) Current law requires that reports be provided to the Congress.
The new language requires instead that two copies of the reports
be provided directly to the Senate Committee on Governmental Af-
fairs and to the House Committee on Government Operations.
(c) Current law requires that the report proposing new or
changed systems include information about the effect of the propos-
al on "personal or property rights of individuals or the disclosure
of information relating to such individuals, and its effect on the
preservation of the constitutional principles of federalism and sepa-
ration of powers." This language is eliminated in the revised sub-
section. Instead, the reports are simply required to provide infor-
mation in order to permit an evaluation of the probable or poten-
tial effect of the proposal on the privacy or other rights of individ-
uals.
The committee has determined that the information required
under the existing provision is only occasionally relevant to the
evaluation of a new or changed system of records. The new lan-
guage gives OMB and the agencies broader discretion to determine
what information is necessary to assist in the evaluation of the pro-
posal. The change does not reflect any lessened interest in the con-
tent of the system reports, and the committee intends that agencies
provide a full and fair evaluation of the consequences of the estab-
lishment or alteration of any system of record. This includes, but
only where appropriate, information on the effect of any Privacy
Act systems on preservation of the constitutional principles of fed-
eralism and separation of powers.
Fifth, a new paragraph 12 is added to subsection (e) of the Priva-
cy Act. The new paragraph requires source and recipient agencies
to publish notices of the establishment or revision of matching pro-
grams in the Federal Register at least 30 days prior to conducting
such programs.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 38
Effective Date.?Most of the provisions of the bill affecting
matching activities take effect 9 months after the date of enact-
ment. The minor changes to the Privacy Act made by sections 6, 7,
and 8 are effective upon enactment. The Director of OMB is direct-
ed to develop guidelines and regulations for the use of agencies in
implementing the amendments made by H.R. 4699 not later than 8
months after the date of enactment. This should allow sufficient
time for agencies to establish Data Integrity Boards and to bring
existing and proposed matching activities into compliance with the
new law.
SECTION-BY-SECTION ANALYSIS
SECTION 1-SHORT TITLE
This section provides that the act may be cited as the "Computer
Matching and Privacy Protection Act of 1988."
SECTION 2-MATCHING AGREEMENTS
This section adds three new subsections to the Privacy Act of
1974, 5 U.S.C. ? 552a. The new subsections are designated as sub-
section (o), (p), and (q), and existing subsections (o), (p), and (q) are
redesignated as subsections (r), (s), and (t).
Subsection (o)?Matching Agreements
Matching Agreements (Paragraph 1).?No record contained in a
Privacy Act system of records may be disclosed to a recipient
agency or a non-Federal agency for use in a computer matching
program except pursuant to a written agreement between the
source agency and the recipient agency or non-Federal agency. The
matching agreement must specify:
(A) the purpose and legal authority for conducting the pro-
gram.
(B) the justification for the program and the anticipated re-
sults, including a specific estimate of any savings.
(C) a description of the records that will be matched, includ-
ing each data element that will be used, the approximate
number of records that will be matching, and the projected
starting and completion dates of the matching program.
(D) procedures for providing individualized notice at the time
of application, and periodically thereafter as directed by the
agency's Data Integrity Board, to (i) applicants for and recipi-
ents of financial assistance or payments under Federal benefit
programs, and (ii) applicants for and holders of positions as
Federal personnel. The notice must indicate that any informa-
tion provided by the applicants, recipients, holders, and indi-
viduals may be subject to verification through matching pro-
grams. Procedures for providing notice must be established
subject to guidance from the Director of OMB.
(E) procedures for verifying information produced in such
matching program as required by subsection (p) [verification
and opportunity to contest findings].
(F) procedures for the timely destruction of identifiable
records created by a recipient agency or non-Federal agency.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
39
(G) procedures for ensuring the administrative, technical,
and physical security of the records matched and the results of
the matching programs.
(H) prohibitions on duplication and redisclosure of records
provided by the source agency within or outside the recipient
agency or the non-Federal agency, except where duplication or
? redisclosure is required by law or is essential to the conduct of
the matching program.
(I) procedures governing the use by a recipient agency or a
non-Federal agency of records provided in a matching program
by a source agency. These procedures must include rules gov-
erning return of the records to the source agency or the de-
struction of records used in the matching program.
(J) information on assessments that have been made on the
accuracy of the records that will be used in matching pro-
grams.
(K) that the Comptroller General may have access to all
records of a recipient agency or a non-Federal agency that the
Comptroller General deems necessary in order to monitor or
verify compliance with the agreement.
Transmittal of Copies and Effective Date (Paragraph 2).?A copy
of each matching agreement must be sent to the Senate Committee
on Governmental Affairs and the House Committee on Govern-
ment Operations. Matching agreements must be available upon re-
quest to the public.
No matching agreement shall be effective until 30 days after a
copy is transmitted to the House and Senate committees.
Matching agreements shall remain effective for a period not to
exceed 18 months. The Data Integrity Board shall determine an ap-
propriate period for an agreement in light of the purposes and
length of time necessary for the conduct of the matching program.
The Data Integrity Board may, without additional review, renew
a matching agreement for a current, ongoing matching program
for up to a year if the program will be conducted without any
change and each party to the agreement certifies to the Board in
writing that the program has been conducted in compliance with
the agreement.
Subsection (p)?Verification and Opportunity to Contest Findings
Verfication Requirements (Paragraph 1).?No recipient agency,
no Federal agency, or source agency may suspend, terminate,
reduce, or make a final denial or any financial assistance under a
federal benefit program to any individual, or take any other ad-
verse action against an individual as a result of information pro-
duced by a matching program, until an office or employee of the
agency has independently verified the information. The independ-
ent verification requirement may be satisfied either by verification
in accordance with requirements governing the federal benefit pro-
gram or by verification in accordance with paragraph (2) of this
subsection.
Independent Verification (Paragraph 1).?Independent verifica-
tion shall include independent investigation and confirmation of?
(A) the amount of the asset or income involved;
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7 40
(B) whether the individual actually has or had access to such
asset or income for the individual's own use;
(C) the period or periods when the individual actually had
such asset or income; and
(D) any other information used as a basis for an adverse
action against an individual.
Notice (Paragraph 3).?No recipient agency, non-Federal agency,
or source agency may suspend, terminate, reduce, or make a final
denial of any financial assistance or payment under a Federal ben-
efit program to any individual whose records are used in a match-
ing program, or may take other adverse action against the individ-
ual as a result of information produced by a matching program,
until 60 days after the individual receives notice from the agency.
The notice must include a statement of the agency's findings and
must inform the individual of the opportunity to contest such find-
ings. The opportunity to contest may be satisfied by notice, hear-
ing, and appeal rights governing the Federal benefit program. The
exercise of any such rights shall not affect any rights available
under this section.
Health and Safety (Paragraph 4).?Notwithstanding the limita-
tion in paragraph (3), an agency may take any appropriate action
otherwise prohibited by such paragraph if the agency determines
that the public health or public safety may be adversely affected or
significantly threatened during the 60-day notice period otherwise
required.
Subsection (q)?Sanctions
Notwithstanding any other provision of law, no source agency
may disclose any record which is contained in a system of records
to a recipient agency or non-Federal agency for a matching pro-
gram if the source agency has reason to believe that the verifica-
tion requirements of subsection (p) or any matching agreement en-
tered into pursuant to subsection (o) are not being met by the recip-
ient agency. No source agency may renew a matching agreement
unless (1) the recipient agency or non-Federal agency has certified
that it has complied with the provisions of the agreement; and (2)
the source agency has no reason to believe that the certification is
inaccurate.
SECTION 3-NOTICE OF MATCHING PROGRAMS
Subsection (a) amends subsection (e) of the Privacy Act by adding
new paragraph (12). The new paragraph requires source and recipi-
ent agencies to publish in the Federal Register notice of the estab-
lishment or revision of a matching program at least 30 days prior
to conducting the program.
Subsection (b) amends subsection (r) (as redesignated) of the Pri-
vacy Act regarding reporting on new or changed systems of
records. The new language (1) extends the existing reporting re-
quirement to matching programs; (2) eliminates reporting for
minor changes; (3) provides that reports go directly to congressional
committees; and (4) eliminates several less important report ele-
ments.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
41
SECTION 4-DATA INTEGRITY BOARD
This section adds a new subsection (u) regarding Data Integrity
Boards to the Privacy Act.
Establishment (Paragraph 1).?Every agency conducting or par-
ticipating in a matching program shall establish a Data Integrity
Board to oversee and coordinate the agency's implementation of
the Privacy Act.
Membership (Paragraph 2).?Each Data Integrity Board shall
consist of senior officals designated by the head of the agency and
shall include any senior official designated by the head of the
agency as responsible for implementation of the Privacy Act. The
inspector general of the agency, if any, shall be a member of the
Board, but the inspector general shall not serve as chairman of the
Board.
Functions (Paragraph 3).?Each Data Integrity Board?
(A) shall review, approve, and maintain all written agree-
ments for receipt or disclosure of agency records for matching
programs to ensure compliance with the Privacy Act and all
relevant statutes, regulations, and guidelines.
(B) shall review all matching programs in which the agency
has participated during the year, either as a source agency or
recipient agency; determine compliance with applicable laws,
regulations, guidelines, and agency agreements; and assess the
costs and benefits of such programs.
(C) shall review all recurring matching program in which
the agency has participated during the year, either as a source
agency or recipient agency, for continued justification for such
disclosures.
(D) shall compile an annual report, which shall be submitted
to the head of the agency and the Office of Management and
Budget and made available to the public on request, describing
the matching activities of the agency, including: (i) matching
programs in which the agency participated as a source or re-
cipient agency; (ii) matching agreements that were disap-
proved; (iii) any changes in the membership or structure of the
Board in the preceding year; (iv) the reasons for any waiver of
the requirement for completion and submission of a cost-bene-
fit analysis prior to the approval of a matching program; (v)
any violations of matching agreements that have been alleged
or identified and any corrective action taken; and (vi) any
other information required by the Director of OMB to be in-
cluded.
(E) shall serve as a clearinghouse for receiving and providing
information on the accuracy, completeness, and reliability of
records used in matching programs;
(F) shall provide interpretation and guidance to agency com-
ponents and personnel on the requirements of the Privacy Act
for matching programs;
(G) shall review agency recordkeeping and disposal policies
and practices for matching programs to assure compliance
with the Privacy Act.
(H) may review and report on any agency matching activities
that are not matching programs.
Declassified and Approved For Release 2013/01/17:
IA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
42
Cost-Benefit Analysis (Paragraph 4).?A Data Integrity Board
shall not approve any written agreement for a matching program
unless the agency has completed and submitted a cost-benefit anal-
ysis of the proposed program and the analysis demonstrates that
the program is likely to be cost effective. The Board may waive the
requirements of this paragraph if it determines, in writing and in
accordance with guidelines prescribed by the Director of OMB, that
a cost-benefit analysis is not required.
Appeals (Paragraph 5).?If a matching agreement is disapproved
by a Data Integrity Board, any party to the agreement may appeal
the disapproval to the Director of OMB. Notice of the appeal must
be provided to the House Committee on Government Operations
and to the Senate Committee on Governmental Affairs. The Direc-
tor of OMB may approve a matching agreement notwithstanding
the disapproval of a Data Integrity Board if the Director deter-
mines that (i) the matching program will be consistent with all ap-
plicable legal, regulatory, and policy requirements; (ii) there is ade-
quate evidence that the matching agreement will be cost effective;
and (iii) the matching program is in the public interest. The deci-
sion of the OMB Director to approve a matching agreement shall
not take effect until 30 days after it is reported to the House Com-
mittee on Government Operations and the Senate Committee on
Governmental Affairs. If the Data Integrity Board and the Director
of the Office of Management and Budget disapprove a matching
program proposed by an inspector general of an agency, the inspec-
tor general may report the disapproval to the head of the agency
and to the Congress.
OMB Report (Paragraph 6).?The Director of OMB shall consoli-
date in a report to Congress the information contained in the re-
ports from the Data Integrity Boards. The OMB report shall be
made annually during the first 3 years after the data of enactment
of the Computer Matching and Privacy Protection Act of 1988, and
biennially thereafter. The OMB report shall include detailed infor-
mation about costs and benefits of matching programs and shall
identify each waiver granted by a Data Integrity Board of the re-
quirement for completion and submission of a cost-benefit analysis
as well as the reasons for granting the waiver.
Aggregate Reporting (Paragraph 7).?Agency matching activities
that are not matching programs may be reported on an aggregate
basis if necessary to protect ongoing law enforcement investiga-
tions.
SECTION 5-DEFINITIONS
This section adds new definitions to the Privacy Act.
"Matching program" means any computerized comparison of (i)
two or more automated systems of records or a system of records
with non-Federal records for the purpose of (I) establishing or veri-
fying the eligibility of, or continuing compliance with statutory and
regulatory requirements by, applicants for, recipients or benefici-
aries of, participants in, or providers of services with respect to,
cash or in-kind assistance or payments under Federal benefit pro-
grams, or (II) recouping payments or delinquent debts under Feder-
al benefit programs, or (ii) two or more automated Federal person-
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
I Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
43
nel or payroll systems of records or a system of Federal personnel
or payroll records with non-Federal records.
A matching program does not include: (i) matches performed to
produce aggregate statistical data without any personal identifiers;
(ii) matches performed to support any research or statistical
project, the specific data of which may not be used to make deci-
sions concerning the rights, benefits, or privileges of specific indi-
viduals; (iii) matches performed, by an agency or component which
performs as its principal function any activity pertaining to the en-
forcement of criminal laws, subsequent to the initiation of a specif-
ic criminal or civil law enforcement investigation of a named
person or persons for the purpose of gathering evidence against
such person or persons; (iv) matches of tax information (I) pursuant
to section 6103(d) of the Internal Revenue Code of 1986 (pertaining
to disclosures to State and local officials); (II) for purposes of tax
administration as defined in section 6103(b)(4), or (III) for the pur-
pose of intercepting a tax refund due an individual under authority
granted by the Deficit Reduction Act of 1984; (v) matches whose
purpose is not to take any adverse financial, personnel, discipli-
nary, or other adverse action against Federal personnel, (I) using
records predominantly relating to Federal personnel, that are per-
formed for routine administrative purposes (subject to guidance
provided by the Director of OMB); or (II) conducted by an agency
using only records from systems of records maintained by that
agency; or (vi) matches performed to produce background checks
for security clearance of Federal personnel or for foreign counterin-
telligence purposes.
The term "recipient agency" means any agency, or contractor
thereof, receiving records contained in a system of records from a
source agency for use in a matching program. -
The term 'non-Federal agency" means any State or local govern-
ment, or agency thereof, which receives records contained in a
system of records from a source agency for use in a matching pro-
gram.
The term "source agency" means any agency which discloses
records contained in a system of records to be used in a matching
program, or any State or local government, or agency thereof,
which discloses records to be used in a matching program.
The term "Federal benefit program" means any program admin-
istered or funded by the Federal Government or any agent thereof,
providing cash or in-kind assistance in the form of payments,
grants, loans, or loan guarantees to individuals.
The term "Federal personnel" means officers and employees of
the Government of the United States, members of the uniformed
services (including members of the Reserve components), individ-
uals entitled to received immediate or deferred retirement benefits
under any retirement program of the Government of the United
States (including survivor benefits).
SECTION 6-FUNCTIONS OF THE DIRECTOR OF OMB
This section adds a new subsection (v) to the Privacy Act to con-
solidate and codify the functions of the Director of OMB under the
Privacy Act.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
44
Subsection (v) requires the Director of OMB to (1) develop and
(after notice and opportunity for public comment) prescribe guide-
lines and regulations for the use of agencies in implementing the
provisions of the Privacy Act; and (2) provide continuing assistance
to and oversight of the implementation of the Privacy Act by agen-
cies.
Section 6 of the Privacy Act of 1974, which is codified in subsec-
tion (v), is repealed.
SECTION 7 ?COMPILATION OF RULES AND NOTICES
The requirement for publication of a compilation of Privacy Act
system notices is changed from annual to biennial publication.
SECTION 8-ANNUAL REPORT
The current requirement in the Privacy Act for a report by OMB
is changed to from annual to biennial.
SECTION 9-RULES OF CONSTRUCTION
This section provides that nothing in the amendments made by
the Computer Matching and Privacy Protection Act of 1988 shall
be construed to authorize: (1) the establishment or maintenance by
any agency of a national data bank that combines, merges, or links
information on individuals maintained in systems of records by
other Federal agencies; (2) the direct linking of computerized sys-
tems of records maintained by Federal agencies; (3) the computer
matching of records not otherwise authorized by law; or (4) the dis-
closure of records for computer matching except to a Federal,
State, or local agency.
SECTION 10?EFFECTIVE DATES
The amendments made by this act shall take effect 9 months
after the date of enactment, except that the amendments made by
sections 6, 7, and 8 shall take effect upon enactment.
ESTIMATE OF THE CONGRESSIONAL BUDGET OFFICE
The following estimate prepared by the Congressional Budget
Office is submitted as required by clause (2)(1)(3)(C) of House Rule
XI.
U.S. CONGRESS,
CONGRESSIONAL BUDGET OFFICE,
Washington, DC, July 6, 1988.
Hon. JACK BROOKS,
Chairman, Committee on Government Operations,
House of Representatives, Washington, DC.
DEAR MR. CHAIRMAN: The Congressional Budget Office has re-
viewed H.R. 4699, the Computer Matching and Privacy Protection
Act of 1988, as ordered reported by the House Committee on Gov-
ernment Operations, June 9, 1988.
Based on information provided by the Department of Health and
Human Services (HHS), the Department of Defense and a number
of other agencies, CBO estimates that enacting this bill would
result in costs to the federal government of up to $2 million during
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
45
the first year after enactment, and less than $1 million annually
thereafter. A greater budget impact would occur if matching pro-
grams operated by the Office of Child Support Enforcement (OCSE)
and the Federal Parent Locator Service (FPLS) are affected by the
bill, in which case the federal government and state governments
could lose substantial collection.
H.R. 4699 would establish procedures to regulate the use of com-
puter matching by federal agencies or by nonfederal agencies with
federal records. These procedures would include preparing match-
ing agreements with agencies when sharing data, providing the
right to appeal to individuals affected by information obtained in a
match, and establishing data integrity boards to oversee matching
activities.
Most of the costs associated the bill would result from preparing
matching agreements required by section 2 of the bill. Although
agencies currently have agreements covering some matching activi-
ties, H.R. 4699 would require more extensive agreements, and
would require them for all matches. The agreements would specify
the purpose and legal authority of the match, the methodology to
be used, and expected results; they would also include notification
and verification procedures for individuals affected by a match.
The magnitude of the first-year costs is difficult to predict. If ex-
isting matching agreements would satisfy the requirements of the
bill, then there would be little additional cost to the government.
However, if the existing agreements would need substantial addi-
tional work, CBO estimates that costs would be around $1 million
during the first year after enactment. Costs in future years would
be much lower, because the agreements would problably need only
minor updating.
Another potential cost associated with enacting H.R. 4699 would
be establishing data integrity boards required by Section 4. These
boards would oversee an agency's matching activities, and would
review the matching agreements required by Section 2. Many agen-
cies already have some type of formal or informal group similar to
a data integrity board. Nevertheless, because many agencies would
probably devote more time to these activities, there would be some
additional cost to the government, probably less than $1 million an-
nually.
Section 4 would also require agencies to prepare cost/benefit
analyses for all proposed matches, which would be reviewed by the
data integrity boards. Preparing these analyses would probably
result in some additional costs, but they would also discourage
agencies from attempting some matches that would not be cost ef-
fective. CBO expects that these two effects would probably offset
each other and, therefore, would result in no significant costs or
savings to the government.
CBO does not expect other sections of H.R. 4699 to have a signifi-
cant effect on the federal budget. These sections would, among
other things, require federal agencies to publish in the Federal
Register notice of matching programs with nonfederal entities and
require that an Office of Management and Budget report on com-
puter matching be submitted biennially instead of annually.
The enactment of H.R. 4699 would also result in additional costs
both to the federal government and to state governments if the
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
46
FPLS and the Federal Income Tax Refund Offset Program of the
OCSE would receive fewer collections through their enforcement
activities. These programs use computer matching to locate or es-
tablish the identity of non-custodial parents who are failing to
make child support payments. In fiscal year 1987, the federal share
of these collections was $400 million and the state government
share was $202 million. Although the committee staff has indicated
that the bill is not intended to cover these programs, information
provided by HHS indicates that these programs might be subject to
H.R. 4699 because of their involvement with Aid to Families with
Dependent Children and tax refunds. The issue may be resolved in
the courts.
The reduction in collections could occur in two ways. First, the
verification and appeal procedures mandated by H.R. 4699 could
result in less computer matching, and therefore fewer collections,
because some agencies could elect not to let OCSE use their records
for matching rather than institute the new procedures. Second, no-
tifying parents found through FPLS of court actions to be taken
against them may give such parents an opportunity to evade legal
proceedings, and to continue to avoid making child support pay-
ments. Either of these outcomes would result in fewer collections,
but we cannot predict the likelihood of either or the amount by
which the collections might decrease.
Estimated Cost to State and Local Governments. CBO expects
that enacting H.R. 4699 would require state and local agencies in-
volved in computer matching with federal agencies to adopt some
new procedures to comply with the verification and notification re-
quirements of the bill, and to expand matching agreements with
federal agencies. Based on information provided by the American
Public Welfare Association and the National Association of State
Information Systems, CBO estimates that the costs associated with
these activities would not be significant.
Previous CI30 Estimate. On September 17, 1987, CBO prepared
an estimate for S. 496, the Computer Matching and Privacy Protec-
tion Act of 1987, as passed by the Senate on May 21, 1987. In that
earlier analysis, CBO estimated that enacting S. 496 would result
in recurring costs to the federal government of $2 million to $3 mil-
lion annually, and in non-recurring costs of $2 million during the
first year after enactment. The difference between this estimate
and the earlier one reflects new information provided by several
agencies and a reexamination of our earlier findings.
If you wish further details on this estimate, we will be pleased to
provide them.
Sincerely,
JAMES L. BLUM,
Acting Director.
COMMITTEE ESTIMATE OF COST
The committee accepts the cost estimate of the Congressional
Budget Office.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
47
INFLATIONARY IMPACT
In accordance with clause (2)(1)(4) of House Rule XI, it is the
opinion of the committee that the provisions of this bill will have
no inflationary impact on prices and costs in the operations of the
national economy.
OVERSIGHT FINDINGS
The committee has made no detailed findings or recommenda-
tions other than those contained elsewhere in this report.
NEW BUDGET AUTHORITY AND TAX EXPENDITURES
No new budget authority or tax expenditures are required by
this legislation.
CHANGES IN EXISTING LAW MADE BY THE BILL, AS REPORTED
In compliance with clause 3 of rule XIII of the Rules of the
House of Representatives, changes in existing law made by the bill,
as reported, are shown as follows (existing law proposed to be omit-
ted is enclosed in black brackets, new matter is printed in italic,
existing law in which no change is proposed is shown in roman):
TITLE 5, UNITED STATES CODE
PART I?THE AGENCIES GENERALLY
CHAPTER 5?ADMINISTRATIVE PROCEDURE
SUBCHAPTER II?ADMINISTRATIVE PROCEDURE
? 552a. Records maintained on individuals
(a) DEFINITIONS.?For purposes of this section?
(1) * * *
(6) the term "statistical record" means a record in a system
of records maintained for statistical research or reporting pur-
poses only and not used in whole or in part in making any de-
termination about an identifiable individual, except as provid-
ed by section 8 of title 13; [and]
(7) the term "routine use" means, with respect to the disclo-
sure of a record, the use of such record for a purpose which is
compatible with the purpose for which it was collected [.];
(8) the term "matching program"?
(A) means any computerized comparison of?
(i) two or more automated systems of records or a
system of records with non-Federal records for the pur-
pose of?
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
48
(I) establishing or verifying the eligibility of or
continuing compliance with statutory and regula-
tory requirments by, applicants for, recipients or
beneficiaries of paticipants in, or providers of serv-
ices with respect to, cash or in-kind assistance or
payments under Federal benefit programs, or
(II) recouping payments or delinquent debts
under such Federal benefit programs, or
(ii) two or more automated Federal personnel or pay-
roll systems of records or a system of Federal personnel
or payroll records with non-Federal records,
(B) but does not include?
(i) matches performed to produce aggregate statistical
data without any personal identifiers;
(ii) matches performed to support any research or sta-
tistical project, the specific data of which may not be
used to make decisions concerning the rights, benefits
or privileges of specific individuals;
(iii) matches performed, by an agency (or component
thereof) which performs as its principal function any
activity pertaining to the enforcement of criminal laws,
subsequent to the initiation of a specific criminal or
civil law enforcement investigation of a named person
or persons for the purpose of gathering evidence against
such person or persons;
(iv) matches of tax information (I) pursuant to sec-
tion 6103(d) of the Internal Revenue Code of 1986, (II)
for purposes of tax administration as defined in section
6103(b)(4) of such Code, or (III) for the purpose of inter-
cepting a tax refund due an individual under author-
ity granted by the Deficit Reduction Act of 1984;
(v) matches?
(I) using records predominantly relating to Fed-
eral personnel, that are performed for routine ad-
ministrative purposes (subject to guidance provided
by the Director of the Office of Management and
Budget pursuant to subsection (v)); or
(II) conducted by an agency using only records
from systems of records maintained by that agency;
if the purpose of the match is not to take any adverse
financial, personnel, disciplinary, or other adverse
action against Federal personnel; or
(vi) matches performed to produce background checks
for security clearances of Federal personnel or for for-
eign counterintelligence purposes;
(9) the term "recipient agency" means any agency, or contrac-
tor thereof receiving records contained in a system of records
from a source agency for use in a matching program;
(10) the term "non-Federal agency" means any State or local
government, or agency thereof which receives records contained
in a system of records from a source agency for use in a match-
ing program;
(11) the term "source agency" means any agency which dis-
closes records contained in a system of records to be used in a
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
49
matching program, or any State or local government, or agency
thereof which discloses records to be used in a matching pro-
gram;
(12) the term "Federal benefit program" means any program
administered or funded by the Federal Government, or any
agent thereof providing cash or in-kind assistance in the form
of payments, grants, loans, or loan guarantees to individuals;
and
(13) the term "Federal personnel" means officers and employ-
ees of the Government of the United States, members of the uni-
formed services (including members of the Reserve Components),
individuals entitled to receive immediate or deferred retirement
benefits under any retirement program of the Government of the
United States (including survivor benefits).
(f) AGENCY RULES.?In order to carry out the provisions of this
section, each agency that maintains a system of records shall pro-
mulgate rules, in accordance with the requirements (including gen-
eral notice) of section 553 of this title, which shall?
(1) establish procedures whereby an individual can be noti-
fied in response to his request if any system of records named
by the individual contains a record pertaining to him;
(2) define reasonable times, places, and requirements for
identifying an individual who requests his record or informa-
tion pertaining to him before the agency shall make the record
or information available to the individual;
(3) establish procedures for the disclosure to an individual
upon his request of his record or information pertaining to
him, including special procedure, if deemed necessary, for the
disclosure to an individual of medical records, including psy-
chological records pertaining to him;
(4) establish procedures for reviewing a request from an indi-
vidual concerning the amendment of any record or information
pertaining to the individual, for making a determination on
the request, for an appeal within the agency of an initial ad-
verse agency determination, and for whatever additional
means may be necessary for each individual to be able to exer-
cise fully his rights under this section; and
(5) establish fees to be charged, if any, to any individual for
making copies of his record, excluding the cost of any search
for and review of the record.
The Office of the Federal Register shall [annually] biennially
compile and publish the rules promulgated under this subsection
and agency notices published under subsection (e)(4) of this section
in a form available to the public at low cost.
(0) MATCHING AGREEMENTS.-(1) No record which is contained in
a system of records may be disclosed to a recipient agency or non-
Federal agency for use in a computer matching program except pur-
suant to a written agreement between the source agency and the re-
cipient agency or non-Federal agency specifying?
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
50
(A) the purpose and legal authority for conducting the pro-
gram;
(B) the justification for the program and the anticipated re-
sults, including a specific estimate of any savings;
(C) a description of the records that will be matched, includ-
ing each data element that will be used, the approximate
number of records that will be matched, and the projected start-
ing and completion dates of the matching program;
(D) procedures for providing individualized notice at the time
of application, and periodically thereafter as directed by the
Data Integrity Board of such agency (subject to guidance pro-
vided by the Director of the Office of Management and Budget
pursuant to subsection (v)), to?
(i) applicants for and recipients of financial assistance or
payments under Federal benefit programs, and
(ii) applicants for and holders of positions as Federal per-
sonnel,
that any information provided by such applicants, recipients,
holders, and individuals may be subject to verification through
matching programs;
(E) procedures for verifying information produced in such
matching program as required by subsection (p);
(F) procedures for the timely destruction of identifiable
records created by a recipient agency or non-Federal agency in
such matching program;
(G) procedures for ensuring the administrative, technical, and
physical security of the records matched and the results of such
programs;
(H) prohibitions on duplication and redisclosure of records
provided by the source agency within or outside the recipient
agency or the non-Federal agency, except where required by law
or essential to the conduct of the matching program;
(I) procedures governing the use by a recipient agency or non-
Federal agency of records provided in a matching program by a
source agency, including procedures governing return of the
records to the source agency or destruction of records used in
such program;
(J) information on assessments that have been made on the
accuracy of the records that will be used in such matching pro-
gram; and
(K) that the Comptroller General may have access to all
records of a recipient agency or a non-Federal agency that the
Comptroller General deems necessary in order to monitor or
verify compliance with the agreement.
(2)(A) A copy of each agreement entered into pursuant to para-
graph (1) shall?
(i) be transmitted to the Committee on Governmental Affairs
,of the Senate and the Committee on Government Operations of
the House of Representatives; and
(ii) be available upon request to the public.
(B) No such agreement shall be effective until 30 days after the
date on which such a copy is transmitted pursuant to subparagraph
(A)(i).
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
51
(C) Such an agreement shall remain in effect only for such period,
not to exceed 18 months, as the Data Integrity Board of the agency
determine is appropriate in light of the purposes, and length of time
necessary for the conduct, of the matching program.
(D) Within 3 months prior to the expiration of such an agreement
pursuant to subparagraph (C), the Data Integrity Board of the
agency may, without additional review, renew the matching agree-
ment for a current, ongoing matching program for not more than
one additional year if?
(i) such program will be conducted without any change; and
(ii) each party to the agreement certifies to the Board in writ-
ing that the program has been conducted in compliance with
the agreement.
(p) VERIFICATION AND OPPORTUNITY To CONTEST FINDINGS.?(1)
In order to protect any individual whose records are used in match-
ing programs, no recipient agency, non-Federal agency, or source
agency may suspend, terminate, reduce, or make a final denial of
any financial assitance under a Federal benefit program to such in-
dividual, or take other adverse action against such individual as a
result of information produced by such matching programs, until an
officer or employee of such agency has independently verified such
information. Such independent verification may be satisfied either
(A) by verification in accordance with the requirements governing
such Federal benefit program, or (B) by verification in accordance
with the requirements of paragraph (2).
(2) Independent verification required by paragraph (1)(B) shall in-
clude independent investigation and confirmation of?
(A) the amount of the asset or income involved,
(B) whether such individual actually has or had access to
such asset or income for such individual's own use,
(C) the period or periods when the individual actually had
such asset or income, and
(D) any other information used as a basis for an adverse
action against an individual.
(3) No recipient agency, non-Federal agency, or source agency may
suspend, terminate, reduce, or make final denial or any financial
assistance or payment under a Federal benefit program to any indi-
vidual described in paragraph (1), or take other adverse action
against such individual as a result of information produced by a
matching program, until 60 days after such individual receives a
notice from such agency containing a statement of its findings and
informing the individuals of the opportunity to contest such find-
ings. Such opportunity may be satisfied by notice, hearing, and
appeal rights governing such Federal benefit program. The exercise
of any such rights shall not affect any rights available under this
section.
(4) Notwithstanding paragraph (3), an agency may take any appro-
priate action otherwise prohibited by such paragraph if the agency
determines that the public health or public safety may be adversely
affected or significantly threatened during the 60-day notice period
required by such paragraph.
(q) SANCTI0NS.?(1) Notwithstanding any other provision of law,
no source agency may disclose any record which is contained in a
system of records to a recipient agency or non-Federal agency for a
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
52
matching program if such source agency has reason to believe that
the requirements of subection (p), or any matching agreement en-
tered into pursuant to subsection (o), or both, are not being met by
such recipient agency.
(2) No source agency may renew a matching agreement unless?
(A) the recipient agency or non-Federal agency has certified
that it has complied with the provisions of that agreement; and
(B) the source agency has no reason to believe that the certifi-
cation is inaccurate.
((0) REPORT ON NEW SYSTEMS.?Each agency shall provide ade-
quate advance notice to Congress and the Office of Management
and Budget of any proposal to establish or alter any system of
records in order to permit an evaluation of the probable or poten-
tial effect of such proposal on the privacy and other personal or
property rights of individuals or the disclosure of information relat-
ing to such individuals, and its effect on the preservation of the
constitutional principles of federalism and separation of powers.]
(r) REPORT ON NEW SYSTEMS AND MATCHING PROGRAMS.?Each
agency that proposes to establish or make a significant change in a
system of records or a matching program shall provide adequate ad-
vance notice of any such proposal (in duplicate) to the Committee on
Government Operations of the House of Representatives, the Com-
mittee on Governmental Affairs of the Senate, and the Office of
Management and Budget in order to permit an evaluation of the
probable or potential effect of such proposal on the privacy or other
rights of individuals.
[(p) ANNUAL] (S) BIENNIAL REPORT.?The President shall [an-
nually] biennially submit to the Speaker of the House of Repesen-
tatives and the President pro tempore of the Senate a report?
(1) describing the actions of the Director of the Office of
Management and Budget pursuant to section 6 of the Privacy
Act of 1974 during the preceding [year] 2 years;
(2) describing the exercise of individual rights of access and
amendment under this section during such [year;] years;
(3) identifying changes in or additions to systems of records;
(4) containing such other information concerning administra-
tion of this section as many be necessary or useful to the Con-
gress in reviewing the effectiveness of this section in carrying
out the purposes of the Privacy Act of 1974.
[(14)] (t)(1) EFFECT OF OTHER LAWS.?No agency shall rely OR any
exemption contained in section 552 of this title to withhold from an
individual any record which is otherwise accessible to such individ-
ual under the provisions of this section.
(2) No agency shall rely on any exemption in this section to with-
hold from an individual any record which is otherwise accessible to
such individual under the provisions of section 552 of this title.
(u) DATA INTEGRITY B0ARDS.?(1) Every agency conducting or par-
ticipating in a matching program shall establish a Data Integrity
Board to oversee and coordinate among the various components of
such agency the agency's implementation of this section.
(2) Each Data Integrity Board shall consist of senior officials des-
ignated by the head of the agency, and shall include any senior offi-
cial designated by the head of the agency as responsible for imple-
mentation of his section, and the inspector general of the agency, if
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
53
any. The inspector general shall not serve as chairman of the Data
Integrity Board.
(3) Each Data Integrity Board?
(A) shall review, approve, and maintain all written agree-
ments for receipt or disclosure of agency records for matching
programs to ensure compliance with subsection (o), and all rele-
vant statutes, regulations, and guidelines;
(B) shall review all matching programs in which the agency
has participated during the year, either as a source agency or
recipient agency, determine compliance with applicable laws,
regulations, guidelines, and agency agreements, and assess the
costs and benefits of such programs;
(C) shall review all recurring matching programs in which
the agency has participated during the year, either as a source
agency or recipient agency, for continued justification for such
disclosures;
(D) shall compile an annual report, which shall be submitted
to the head of the agency and the Office of Management and
Budget and made available to the public on request, describing
the matching activities of the agency, including?
(i) matching programs in which the agency has partici-
pated as a source agency or recipient agency;
(ii) matching agreements proposed under subsection (o)
that were disapproved by the Board;
(iii) any changes in membership or structure of the Board
in the preceding year;
(iv) the reasons for any waiver of the requirement in
paragraph (4) of this section for completion and submission
of a cost-benefit analysis prior to the approval of a match-
ing program;
(v) any violations of matching agreements that have been
alleged or identified and any corrective action taken; and
(vi) any other information required by the Director of the
Office of Management and Budget to be included in such
report;
(E) shall serve as a clearinghouse for receiving and providing
information on the accuracy, completeness, and reliability of
records used in matching programs;
(F) shall provide interpretation and guidance to agency com-
ponents and personnel on the requirements of this section for
matching programs;
(G) shall review agency recordkeeping and disposal policies
and practices for matching programs to assure compliance with
this section; and
(H) may review and report on any agency matching activities
that are not matching programs.
(4) A Data Integrity Board shall not approve any written agree-
ment for a matching program unless the agency has completed and
submitted a cost-benefit analysis of the proposed program and such
analysis demonstrates that the program is likely to be cost effective.
The Board may waive the requirements of this paragraph if it deter-
mines in writing, in accordance with guidelines prescribed by the
Director of the Office of Management and Budget, that a cost-bene-
fit analysis is not required.
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7
Declassified and Approved For Release 2013/91/17:
CIA-RDP91B00390R000200200009-7
54
(5)(A) If a matching agreement is disapproved by a Data Integrity
Board, any party to such agreement may appeal the disapproval to
the Director of the Office of Management and Budget. Notice of the
appeal must be provided to the Committee on Governmental Affairs
of the Senate and the Committee on Government Operations of the
House of Representatives.
(B) The Director of the Office of Management and Budget may ap-
prove a matching agreement notwithstanding the disapproval of a
Data Integrity Board if the Director determines that?
(i) the matching program will be consistent with all applica-
ble legal, regulatory, and policy requirements;
(ii) there is adequate evidence that the matching agreement
will be cost-effective; and
(iii) the matching program is in the public interest.
(C) The decision of the Director to approve a matching agreement
shall not take effect until 30 days after it is reported to committees
described in subparagraph (A).
(D) If the Data Integrity Board and the Director of the Office of
Management and Budget disapprove a matching program proposed
by the inspector general of an agency, the inspector general may
report the disapproval to the head of the agency and to the Con-
gress.
(6) The Director of the Office of Management and Budget shall,
annually during the first 3 years after the date of enactment of this
subsection and biennially thereafter, consolidate in a report to the
Congress the information contained in the reports from the various
Data Integrity Boards under paragraph (3)(D). Such report shall in-
clude detailed information about costs and benefits of matching
programs that are conducted during the period covered by such con-
solidated report, and shall identify each waiver granted by a Data
Integrity Board of the requirement for completion and submission of
a cost-benefit analysis and the reasons for granting the waiver.
(7) In the reports required by paragraphs (3)(D) and (6), agency
matching activities that are not matching programs may be reported
on an aggregate basis, if and to the extent necessary to protect ongo-
ing law enforcement investigations.
(V) OFFICE OF MANAGEMENT AND BUDGET RESPONSIBILITIES.?The
Director of the Office of Management and Budget shall?
(1) develop and, after notice and opportunity for public com-
ment, prescribe guidelines and regulations for the use of agen-
cies in implementing the provisions of this section; and
(2) provide continuing assistance to and oversight of the im-
plementation of this section by agencies.
SECTION 6 OF THE PRIVACY ACT OF 1974
(SEC. 6. The Office of Management and Budget shall?
E(1) develop guidelines and regulations for the use of agen-
cies in implementing the provisions of section 552a of title 5,
United States Code, as added by section 3 of this Act; and
1[(2) provide continuing assistance to and oversight of the im-
plementation of the provisions of such section by agencies.]
0
Declassified and Approved For Release 2013/01/17:
CIA-RDP91B00390R000200200009-7