The Software & Information Industry Association (SIIA) submitted comments to the Office of Management and Budget (OMB) regarding executive agencies’ handling of commercially available information (CAI), particularly when it contains personally identifiable information (PII). SIIA emphasized the importance of balancing the federal government’s legitimate use of CAI for critical functions, such as fraud prevention, disaster relief, and counter-terrorism, with privacy protections for individuals. The letter recommends that OMB focus on tailored guardrails for high-risk AI systems impacting individual rights and benefits rather than imposing broad new restrictions that could hinder agencies’ ability to leverage CAI effectively.

SIIA’s comments underscore the need for a risk-based approach to privacy concerns, stronger adoption of privacy-enhancing technologies (PETs), and clear criteria for assessing third-party data vendors’ integrity. SIIA also highlights the risks of overly narrow definitions of CAI that could unintentionally limit its beneficial use in government functions. Finally, the association shared its ongoing efforts to develop data stewardship principles to guide responsible data practices, which it plans to publish in early 2025.