This Daily Sound Off comes from Bob in Elgin, Illinois:
Until Tuesday I was the AMT (Asst. Manager for Technology) for the Elgin IL census office.
Around April 1st, a change was made to DAPPS (Decennial Applicant, Personnel, and Payroll System) so that it required us to ask employees for the last 4 digits of their Social Security Number to reset their passwords. This is a direct violation of the Federal Privacy Act of 1974, and placed me personally at risk of fines and jail every time I illegally requested this information of another employee. I immediately notified IT management of this issue, and opened a trouble ticket.
Despite my complaints, this issue was never fixed. A proper disclosure could have been added to the screen to be read to the employee. Or something other than SSN could have been used to verify identity. The system even asked new users 3 security questions (hobby,favorite color, pets name) when they first logged in, but these are NEVER used anywhere. Or we could have continued to reset passwords with no further authentication, since these users were all in the office and personally known. This was not a situation where passwords were being reset from remote requests over the phone or internet where verification of identity is an issue.
On May 4th, I was ordered by my area manager, Richard Earley (Chicago RCC) to do this in violation of the law, and threatened with termination if I refused to comply. I responded that he did not have the authority to order me to violate federal law.
On May 6th, Richard Earley stopped in our Elgin office, again ordered me to violate this law, and wrote me up twice on D-282 disciplinary forms. He indicated that he would provide me with copies of those forms, and indicate exactly what rules I had violated in refusing to violate the law, but never did either of these.
In late May a new NRFU Shipping application was rolled out to replace the severely performance limited PBOCS system. The new ship app was based on DAPPS, and had the same illegal SSN request to reset passwords. I immediately logged another trouble ticket to alert management of this issue.
Tuesday afternoon, June 8th Richard Earley again came to our office with a letter written by his staff ordering my termination, that he forced our local office manager to sign under threat of termination. Richard was the only one that spoke to me, terminating me on the spot, and walking me out the door. Although a D283 is required for termination, I never saw a copy of that form.
In addition, our Chicago RCC has issued an edict that we can’t terminate anyone for performance issues, we have to demote them to a lower position. This has been done to other employees in my office, but was not done in my case.
According to the rules on this web site
Both my discipline and termination are illegal actions.
I have contacted several federal regulatory agencies, including EEO, OMB, OIG, and OSC and filed complaints as soon as I was disciplined.
In addition the census bureau owes a $1000 penalty to every employee that has been asked for an SSN to have their password reset (probably 5-10K people at a cost of $5-10M), according to the Privacy Act. And those responsible for this illegal system should be fined $5000 per the same law.
I would be more than happy to provide additional information on this issue, and would really appreciate it if you would publicize the census violations of the law.
The computer systems have so many bugs and performance issues, that I question that this census will produce a true and accurate count of our population.
Our RCC manages by intimidation and harassment. They have gone out of their way to create a hostile work environment for all involved in this operation. I don’t know if this is a local issue (IL, WI, IN) or national. In my 35 years of work history, I have NEVER seen so many illegal actions in a place of work as this one experience of working for my own government. I find it disgusting.