- The Washington Times - Thursday, November 1, 2007

The Small Business Administration is ordering managers to obtain legal permission before accessing employees’ e-mail accounts after officials intercepted messages from a disaster-assistance worker secretly cooperating with congressional investigators and federal auditors.

The interception of a confidential source’s e-mails “raises troubling questions” about whether employees can feel assured that their privacy will be protected if they come forward with information to the agency’s inspector general (OIG), according to a government report.

“Management’s ability to intercept confidential employee-OIG e-mails raises troubling questions about whether agency employees can confidently and securely bring confidential complaints to the OIG’s attention,” according to an SBA inspector general’s report issued Oct. 19.

Federal law dictates that the identity of a federal employee who forward complaints to an agency inspector general remain confidential.

David Colapinto, general counsel for the National Whistleblower Center, called the situation “very, very unusual.” He said the law gives federal employees the right to take their concerns to Congress.

The report doesn’t identify the employee but said the person, who worked in the SBA’s Office of Disaster Assistance, provided information to the inspector general and gave a confidential statement to a congressional committee.

The report doesn’t name the congressional committee, but the SBA’s disaster-assistance program was the focus of a hearing in February by the House Small Business Committee, chaired by Rep. Nydia M. Velazquez, New York Democrat.

According to the report, SBA rules allow for a review of e-mails that “are subject to examination in connection with authorized official agency reviews.” But the inspector general’s office found that in this case, there was no decision on whether any such review had ever been authorized. The agency officials who would be consulted on such a request said they did not know anything about the matter, according to the inspector general.

“Although review of employee e-mails may be justified in order to determine whether an employee has violated legal or administrative requirements … the absence of controls creates an environment where employee e-mails may be subject to unauthorized access or reviewed for illegitimate purposes,” the audit concluded.

The SBA’s chief information officer, Christine Liu, told officials from the inspector general’s office that she and her staff were not aware that managers intercepted the employee’s e-mail, according to the report.

SBA officials did not respond yesterday, but Miss Liu has issued a two-page response to the inspector general’s report in which she promised new management practices.

The SBA now is requiring that the administration’s chief information officer and general counsel approve all e-mail retrieval requests, she said.



Click to Read More

Click to Hide