- Authorized Uses of Pay.gov
- Importance of Privacy
- Information Automatically Gathered
- Personal Information We May Ask for and Its Uses
- Personal Information Not Sought from Children
- Our Legal Authority to Ask for Personal Information
- To Whom We May Release Personal Information
- No Unsolicited Information
Caution About Sending Unencrypted Personal Information Over the Internet
Authorized Uses of Pay.gov
We authorize you to access and use Pay.gov services for the primary purpose of conducting financial transactions with
Federal agencies. Accessing or using Pay.gov services without consenting to the terms of these Pay.gov notices and
agreement is unauthorized and prohibited. Any access or use of the Pay.gov Web site for unlawful purposes, purposes
other than those allowed under these notices and agreement or in a manner contrary to the terms of these notices or
agreement is unauthorized and prohibited. Among other things, attempts to "crack," disrupt, bring down, infect with a
computer virus or worm, block access to by others, or spoof Pay.gov are unauthorized. Also unauthorized are attempts to
impersonate others or to intercept data intended for others. Unauthorized use may be a violation of law, including a
violation of the Computer Fraud and Abuse Act of 1986 and National Information Infrastructure Protection Act
(18 U.S.C. § 1030) and mail fraud statutes if it
leads to an item being delivered by mail and may result in criminal penalties.
Also, 31 U.S.C. § 333 prohibits (among other things)
the misuse of certain names, terms, symbols, and emblems of the Department of the Treasury, as well as any colorable
imitations of these items. This conduct is illegal if done in connection with business activities in a manner that
reasonably could be construed as falsely implying that such activities are in any manner approved, endorsed, sponsored,
authorized by, or associated with the Department of the Treasury. For instance, "framing" the Pay.gov site in a manner
designed to falsely imply a relationship with Treasury could be forbidden under the statute. Section 333 also provides
that the use of disclaimers is irrelevant to a determination of whether the statute has been violated.
Importance of Privacy
We are committed to protecting the privacy rights of the public. These rights are ensured through the Privacy
Act of 1974 (5 U.S.C. §552A), Office of
Management and Budget guidance, and other Federal regulations and FMS policy.
Information Automatically Gathered
For Web site security purposes as well as to improve our site, Pay.gov uses software that can monitor network
traffic and identify unauthorized attempts to cause damage or upload or change information. Like all Web sites,
when a page is requested Pay.gov can obtain some information
about the request, such as: name of the domain from which the visitor accesses the Internet (e.g. "a company.com"; "
a school.edu; or "an agency.gov"), Internet protocol address, date and time the Web site is visited and type of
browser and operating system used to access the site. Aggregate information about individual Web pages visited also
We generally do not use this automatically gathered information to attempt to identify individual users. We may use
this information for authorized law enforcement investigations related to Pay.gov. This includes attempting to trace
the source of an attack designed to disrupt or bring down the site or to prove whether a financial transaction has
taken place. Otherwise, we only use this information to improve the content and structure of the Pay.gov Web site.
Pay.gov does not use persistent "cookies", which are permanent files placed on a visitor's hard drive that allow a
Web site to monitor a visitor's use of the site. To the extent Pay.gov uses any cookies at all, such cookies are
session cookies, which expire and automatically are removed no later than upon the closing of a Web browser.
Personal Information We May Ask for and Its Uses
We do not require you to provide any personal information just to access the Pay.gov site. If you choose to use
certain services provided by Pay.gov, such as submitting a form or paying a bill electronically, we may need to
confirm whom you claim to be to provide access, a process known as authentication.
Authentication may entail that you provide a username and password previously issued to you after a
registration process. Another way that Pay.gov may perform authentication is by asking you to provide certain
sensitive personal identifying information, in particular your name, address, phone number, driver's license number,
date of birth, taxpayer identification number, financial institution account information, and amount of recent
payment from the Treasury Department, that Pay.gov will verify by querying commercial or Government databases.
The information you provide to Pay.gov will not be added to the databases of any commercial database provider,
other than that needed for the purpose of billing us for the service, and cannot be re-disclosed by the commercial
database provider. This authentication process is exclusively geared to verify a user's identity; it in no way
performs a credit check. The only criterion is that the information you provide is consistent with the records in
the databases we access for authentication.
Although this does not constitute a Fair Credit Reporting Act action (which mandates the database providers
to offer certain aspects of customer service), we will disclose the names of the databases if you so
All information you provide will be encrypted during any transmission or delivered using secure, dedicated networks.
Personal Information Not Sought from Children
We do not attempt to collect personally identifiable information on-line from children age 16 or younger.
Furthermore, we do not attempt to authenticate any person claiming to be age 16 or younger.
Our Legal Authority to Ask for Personal Information
We ask for personal information during authentication so that you can access certain information and conduct
transactions that may typically result in the collection or payment of public money. Unless stated otherwise,
the providing of this information is voluntary, not mandatory; however, if you choose not to provide this
information we may not be able to process your requests.
Among the voluntary information we may seek, Social Security numbers are a special case. Unlike other voluntary
information, the Privacy Act states that an agency cannot deny you access or otherwise refrain from processing your
transactions if you refuse to provide this particular piece of information, unless there is a statutory provision
or other exception that allows or requires the agency to ask for this information. In this regard, there is a
statutory provision at 31 U.S.C. § 7701 that can
require us to ask for Social Security numbers in many instances. This statute mandates that we ask for this
information in transactions that may result in a receivable and in certain other financial dealings. When dealing
with a particular agency application, that agency may have additional cause to ask us to request your Social
To Whom We May Release Personal Information
The parties to whom we disclose information may include:
As was previously mentioned, the information you voluntarily provide may be communicated during authentication to
third parties to validate your information and to ultimately confirm your identity. They are legally bound to not
further disclose information we share with them.
- Appropriate Federal, state, local or foreign agencies responsible for investigating or prosecuting the
violation of, or for enforcing or implementing, a statute, rule, regulation, order, or license, but only if
the investigation, prosecution, enforcement or implementation concerns a transaction(s) or other
event(s) that involved (or contemplates involvement of), in whole or part, an electronic method of collecting
revenues for the Federal government. The records and information may also be disclosed to commercial database
vendors to the extent necessary to obtain information pertinent to such an investigation, prosecution,
enforcement or implementation.
Commercial database vendors for the purposes of authenticating the identity of individuals who electronically
authorize payments to the Federal Government, to obtain information on such individuals' payment or check
writing history, and for administrative purposes, such as resolving a question about a transaction.
A court, magistrate, or administrative tribunal, in the course of presenting evidence, including disclosures
to opposing counsel or witnesses, for the purpose of civil discovery, litigation, or settlement negotiations
or in response to a subpoena, where relevant or potentially relevant to a proceeding, or in connection with
criminal law proceedings.
A congressional office in response to an inquiry made at the request of the individual to whom the record
Fiscal agents, financial agents, financial institutions, and contractors for the purpose of performing
financial management services, including, but not limited to, processing payments, investigating and
rectifying possible erroneous reporting information, creating and reviewing statistics to improve the
quality of services provided, or conducting debt collection services.
Federal agencies, their agents and contractors for the purposes of facilitating the collection of revenues,
the accounting of such revenues, and the implementation of programs related to the revenues being collected.
Federal agencies, their agents and contractors, to credit bureaus, and to employers of individuals who owe
delinquent debt only when the debt arises from the unauthorized use of electronic payment methods. The
information will be used for the purpose of collecting such debt through offset, administrative wage garnishment,
referral to private collection agencies, litigation, reporting the debt to credit bureaus, or for any
other authorized debt collection purpose.
Financial institutions, including banks and credit unions, and credit card companies for the purpose of
revenue collections and/or investigating the accuracy of information required to complete transactions using
electronic methods and for administrative purposes, such as resolving questions about a transaction.
In addition, if authentication is successful, we may make the information you provide, and the details of how we
concluded authentication was successful, available to the agency that owns the application with which you are
attempting to complete a transaction.
We will not license or sell your personal information for commercial purposes.
No Unsolicited Information
We may send notices to your e-mail address with regard to transactions you conduct on the Pay.gov site, such as
confirmation notices, but otherwise we will not use your personal information to send you unsolicited information
unless you opt-in to do so, such as by asking to be placed on an e-mail list.
Caution About Sending Unencrypted Personal Information Over the Internet
If you choose to send Pay.gov personal information electronically or request that we send you personal information
electronically (such as by e-mail), we cannot guarantee its confidentiality as it travels across the Internet.
While not likely, others could eavesdrop. To make this less likely, we may use encryption to protect information
that you send or view via Web pages (this does not apply to e-mail). Pay.gov utilizes a secure transmission
protocol (Secure Sockets Layer (SSL)) to provide protection of the Web page communications across the Internet
between Pay.gov and your computer. SSL is a commonly used protocol for managing the security of an interactive
Web session on the Internet. If the Web page has an address that begins with <https://> rather than
<http://> then the page is protected by SSL.
Information transmitted to and from agencies and third party vendors other than through Web pages will be
transmitted through a secure virtual private network connection or dedicated connection.