{"id":188719,"date":"2026-02-18T17:16:00","date_gmt":"2026-02-18T22:16:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/18\/congressional-report-recommends-fedramp-for-commercial-data-brokers\/"},"modified":"2026-02-19T01:50:15","modified_gmt":"2026-02-19T06:50:15","slug":"congressional-report-recommends-fedramp-for-commercial-data-brokers","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/18\/congressional-report-recommends-fedramp-for-commercial-data-brokers\/","title":{"rendered":"Congressional report recommends \u2018FedRAMP\u2019 for commercial data brokers"},"content":{"rendered":"<p><a href=\"https:\/\/federalnewsnetwork.com\/cybersecurity\/2026\/02\/congressional-report-recommends-fedramp-for-commercial-data-brokers\/\">Congressional report recommends \u2018FedRAMP\u2019 for commercial data brokers<\/a><\/p>\n<p><a href=\"https:\/\/federalnewsnetwork.com\/cybersecurity\/2026\/02\/congressional-report-recommends-fedramp-for-commercial-data-brokers\/\">https:\/\/federalnewsnetwork.com\/cybersecurity\/2026\/02\/congressional-report-recommends-fedramp-for-commercial-data-brokers\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-18 17:16:00<\/a><\/p>\n<p>Source Domain: <a href=\"federalnewsnetwork.com\">federalnewsnetwork.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>                    Amid persistent concerns about how agencies make use of data brokers, a new congressionally chartered report recommends setting up an authorization framework to regulate the federal government\u2019s use of commercially available information.<br \/>\nRep. Lori Trahan (D-Mass.) this week released a new report on modernizing the Privacy Act of 1974. The 68-page document features a range of proposals to update the 52-year-old law.<br \/>\nTrahan\u2019s report has garnered attention for addressing Privacy Act vulnerabilities allegedly exploited in high-profile instances by Department of Government Efficiency (DOGE) personnel over the last year.<br \/>\nBut the report\u2019s recommendations go beyond DOGE\u2019s activities and take on several longstanding issues, including how federal agencies use data about Americans that can be purchased through private brokers.]]><\/p>\n<p>\u201cThe Privacy Act\u2019s authors could not have foreseen the proliferation of commercially available information (CAI) in the decades following the Act\u2019s passage \u2013 especially CAI containing personally identifiable information (PII) sold by data brokers \u2013 nor federal agencies\u2019 voracious appetite for such data,\u201d the report states.<br \/>\nIt recommends setting up a process to authorize federal use of commercially available information modeled on the Federal Risk and Authorization Management Program. Known as FedRAMP, the program assesses the security of cloud offerings used by federal agencies.<br \/>\n\u201cBy modeling this process on or incorporating it into the Federal Risk and Authorization Management Program \u2026 Congress could standardize evaluations of commercially available datasets and mitigate privacy risk,\u201d the report states. \u201cMoreover, Congress could stipulate that such authorizations be made publicly available via a centralized portal, facilitating its own oversight while simultaneously improving accountability.\u201d<br \/>\n\u2018Messy\u2019 state of affairs<br \/>\nThe Privacy Act\u2019s protections \u201cgenerally\u201d cover CAI that contains personally identifiable information, the report acknowledges. But CAI \u201cpresents emergent privacy risks that demand additional quality and transparency controls which Congress is uniquely positioned to mandate.\u201d<br \/>\nTrahan\u2019s report points to how civilian agencies rely on data brokers to verify identity and prevent fraud, rather than using data from other federal agencies. The Privacy Act \u201cengenders a dynamic in which civilian agencies under pressure from Congress to meet statutory deadlines routinely look to commercial data brokers rather than other agencies or individuals for requisite data,\u201d Trahan\u2019s report states.<br \/>\nMeanwhile, law enforcement and intelligence agencies rely on \u201ccopious exceptions\u201d in law to buy and share commercially available information.<br \/>\n\u201cThis state of affairs is messy, inefficient, and indefensible,\u201d Trahan\u2019s report states.]]><\/p>\n<p>Civil liberties groups have also argued that agencies use data brokers to circumvent the Fourth Amendment and evade Privacy Protections. In response to a 2024 request for information from the Office of Management and Budget, privacy advocates pointed to the types of information the data broker industry collects and sells on individuals.<br \/>\n\u201cThis data includes, but is not limited to, detailed location histories; demographic information, including membership in legally protected groups, interests, affinities, and associations; and information about finances and wealth, property, healthcare, and internet search and browsing history,\u201d a group of civil liberties nonprofits told OMB.<br \/>\nIn a separate response, the Federation of American Scientists argued agencies like Immigration and Customs Enforcement have used broker-purchased data to track individuals without warrants.<br \/>\nLike Trahan\u2019s proposal, the FAS has recommended using FedRAMP to authorize third-party data sources. \u201cAn authorization framework for CAI containing PII would ensure a standardized approach for data collection, management, and contracting, mitigating risks, and ensuring ethical data use,\u201d FAS wrote.<br \/>\nThe Democratic congresswoman\u2019s report said a standardized authorization framework for CAI should be one that \u201cmeaningfully mitigates privacy risk for individuals, improves quality control, and eliminates redundant procurements.\u201d<br \/>\nMuch like how FedRAMP uses third-party assessors to evaluate whether cloud services meet security controls, a \u201cFedRAMP-for-CAI\u201d solution would \u201cidentify appropriate CAI products and services, and evaluate those products and services against a common baseline of privacy controls,\u201d Trahan\u2019s report states.<br \/>\n\u201cAgency authorizing officials use this information to make informed, risk-based, and efficient decisions concerning the use of those CAI products and services,\u201d it adds.<br \/>\n                    Copyright<br \/>\n                            \u00a9\u00a02026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Congressional report recommends \u2018FedRAMP\u2019 for commercial data brokers https:\/\/federalnewsnetwork.com\/cybersecurity\/2026\/02\/congressional-report-recommends-fedramp-for-commercial-data-brokers\/ Publish Date: 2026-02-18 17:16:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":188720,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2026\/02\/IDENTIFICATION_08.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-188719","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/188719"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=188719"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/188719\/revisions"}],"predecessor-version":[{"id":188721,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/188719\/revisions\/188721"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/188720"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=188719"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=188719"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=188719"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}