The Privacy Act of 1974 protects the personal information the federal government keeps on you in systems of records (SOR) (information an agency controls recovered by name or other personal identifier). The Privacy Act regulates how the government can disclose, share, provide access to, and keep the personal information that it collects. The Privacy Act does not cover all information collected online. The Act's major provisions require agencies to:
- Publish a Privacy Act Notice in the Federal Register explaining the existence, character and uses of a new or revised SOR;
- Keep information about you accurate, relevant, timely, and complete to assure fairness in dealing with you; and
- Allow you to, on request, access and review your information held in a SOR and request amendment of the information if you disagree with it.
When the OIG collects information from you online that is subject to the Privacy Act (information kept in an SOR), we will provide a Privacy Act Statement specific to that collected information. This Privacy Act Statement tells you:
- The authority for and the purpose and use of the information collected subject to the Privacy Act
- Whether providing the information is voluntary or mandatory
- The effects on you if you do not provide any or all requested information
- Federal Activities Inventory Reform (FAIR) Act
- Web Publication Schedule
- Disclaimer And Liability Notice
For more information or for comments and concerns on our privacy practices, please contact our Privacy Officer, Stacy Jordan, by email at Stacy.Jordan@oig.dot.gov or by phone at 202.360.5581.
What We Automatically Collect Online
We collect information about your visit that does not identify you personally. We can tell the computer, browser, and web service you are using. We also know the date, time, and pages you visit. Collecting this information helps us design the site to suit your needs. In the event of a known security or virus threat, we may collect information on the web content you view.
Other Information We May Collect
When you visit our website, we may request and collect the following categories of personal information from you:
- Contact information
- IDs and passwords
Why We Collect Information
Our principal purpose for collecting personal information online is to provide you with what you need and want, address security and virus concerns, and to ease the use of our website. We will only use your information for the purposes you intended, to address security or virus threats, or for the purposes required under the law. See “Choices on How We Use the Information You Provide” to learn more.
- Responding to your complaints
- Replying to your “feedback comments”
Sharing Your Information
We may share personally identifiable information you provide to us online with representatives within the Department of Transportation's Operating Administrations and related entities, other federal government agencies, or other named representatives as needed to speed your request or transaction. In a government-wide effort to combat security and virus threats, we may share some information we collect automatically, such as IP address, with other federal government agencies. Also, the law may require us to share collected information with authorized law enforcement, homeland security, and national security activities. (See the Privacy Act of 1974)
Choices on How We Use the Information You Provide
Throughout our website, we will let you know whether the information we ask you to provide is voluntary or required. By providing personally identifiable information, you grant us consent to use this information, but only for the primary reason you are giving it. We will ask you to grant us consent before using your voluntarily provided information for any secondary purposes, other than those required under the law.
Cookies or Other Tracking Devices
A "cookie" is a small text file stored on your computer that makes it easy for you to move around a website without continually re-entering your name, password, preferences, for example. We only use “session” cookies on our website. This means we store the cookie on your computer only during your visit to our website. After you turn off your computer or stop using the Internet, the cookie disappears with your personal information.
Securing Your Information
Properly securing the information we collect online is a primary commitment. To help us do this, we take the following steps to:
- Employ internal access controls to ensure the only people who see your information are those with a need to do so to perform their official duties
- Train relevant personnel on our privacy and security measures to know requirements for compliance
- Secure the areas where we hold hard copies of information we collect online
- Perform regular backups of the information we collect online to insure against loss
- Use technical controls to secure the information we collect online including but not limited to:
- Secure Socket Layer (SSL)
- Password protections
- We periodically test our security procedures to ensure personnel and technical compliance
- We employ external access safeguards to identify and prevent unauthorized tries of outsiders to hack into, or cause harm to, the information in our systems
Tampering with OIG's website is against the law. Depending on the offense, it is punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.