SENATE REPORT NO. 93-1183
Sept. 26, 1974
The Committee on Government Operations, to which was referred the bill (S. 3418) to establish a Federal Privacy Board to oversee the gathering and disclosure of information concerning individuals, to provide management systems in Federal agencies, State and local governments, and other organizations regarding such information, and for other purposes, having considered the same, reports favorably thereon with an amendment in the nature of a substitute and an amended title and recommends that the bill as amended do pass.
PURPOSE
The purpose of S. 3418, as amended, is to promote governmental respect for the privacy of citizens by requiring all departments and agencies of the executive branch and their employees to observe certain constitutional rules in the computerization, collection, management, use, and disclosure of personal information about individuals.
It is to promote accountability, responsibility, legislative oversight, and open government with respect to the use of computer technology in the personal information systems and data banks of the Federal Government and with respect to all of its other manual or mechanized files.
It is designed to prevent the kind of illegal, unwise, overbroad investigation and record surveillance of law-abiding citizens produced in recent years from actions of some over-zealous investigators, and the curiosity of some government administrators, or the wrongful disclosure and use, in some cases, of personal files held by Federal agencies.
It is to prevent the secret gathering of information on people or the creation of secret information systems or data banks on Americans by employees of the departments and agencies of the executive branch.
It is designed to set in motion a long-overdue evaluation of the needs of the Federal Government to acquire and retain personal information on Americans, by requiring stricter review within agencies of criteria for collection and retention.
It is also to promote observance of valued principles of fairness and individual privacy by those who develop, operate, and administer other major institutional and organizational data banks of government and society.
S. 3418 Accomplishes These Purposes in Five Major Ways
First, it requires agencies to give detailed notice of the nature and uses of their personal data banks and information systems and their computer resources. It requires a new Privacy Commission to maintain and publish an information directory for the public, to examine executive branch proposals for new personal data banks and systems, and to report to Congress and the President if they adversely affect privacy and individual rights. It penalizes those who keep secret such a personal information system or data bank.
Second, the bill establishes certain minimum information-gathering standards for all agencies to protect the privacy and due process rights of the individual and to assure that surrender of personal information is made with informed consent or with some guarantees of the uses and confidentiality of the information. To this end, it charges agencies:
To collect, solicit and maintain only personal information that is relevant and necessary for a statutory purpose of the agency;
To prevent hearsay and inaccuracies by collecting information directly from the person involved as far as practicable;
To inform people requested or required to reveal information about themselves whether their disclosure is mandatory or voluntary, what uses and penalties are involved, and what confidentiality guarantees surround the data once government acquires it; and
To establish no program for collecting or maintaining information on how people exercise First Amendment rights without a strict reviewing process.
Third, the bill establishes certain minimum standards for handling and processing personal information maintained in the data banks and systems of the executive branch, for preserving the security of the computerized or manual system, and for safeguarding the confidentiality of the information. To this end, it requires every department and agency to insure, by whatever steps they deem necessary:
That the information they keep, disclose, or circulate about citizens is as accurate, complete, timely, and relevant to the agency's needs as possible;
That they refrain from disclosing it unless necessary for employee duties, or from making it available outside the agency without the consent of the individual and proper guarantees, unless pursuant to open records laws, or unless it is for certain law enforcement or other purposes;
That they take certain administrative actions to keep account of the employees and people and organizations who have access to the system or file, and to keep account of the disclosures and uses made of the information;
That they establish rules of conduct with regard to the ethical and legal obligations in developing and operating a computerized or other data system and in handling personal data, and take action to instruct all employees of such duties;
That they not sell or rent the names and addresses of people whose files they hold; and
That they issue appropriate administrative orders, provide personnel sanctions, and establish appropriate technical and physical safeguards to insure the security of the information system and the confidentiality of the data.
Fourth, to aid in the enforcement of these legislative restraints, the bill provides administrative and judicial machinery for oversight and for civil remedy of violations. To this end, the bill:
Gives the individual the right, with certain exceptions, to be told upon request whether or not there is a government record on him or her, to have access to it, and to challenge it with a hearing upon request, and with judicial review in Federal Court;
Establishes an independent Privacy Protection Commission with subpoena power and authority to receive and investigate charges of violations of the Act and report them to the proper officials; to develop model guidelines and assist agencies in implementing the Act; and to alert the President and Congress to proposed Federal information programs and data banks which deviate from the standards and requirements of the Act; and
Judicial remedies allow the enforcement of the act through the courts by individuals and organizations in civil actions challenging denial of access to personal information or through suits by the Attorney General or any aggrieved person to enjoin violations or threatened violations of the Act.
Fifth, the bill requires the Commission to make a study of the major data banks and computerized information systems of other governmental agencies and of private organizations and to recommend any needed changes in the law governing their practices or the application of all or part of this legislation in order to protect the privacy of the individual.
BACKGROUND
The Committee on Government Operations' ad hoc Subcommittee on Privacy and Information Systems conducted hearings on June 18, 19, and 20, 1974, to consider S. 3418, cosponsored by Senators Ervin, Percy, Muskie, and Ribicoff. The hearings were held jointly with the Judiciary Committee's Subcommittee on Constitutional Rights which was considering the following legislation on related issues:
S. 2810, introduced by Senator Goldwater, to protect the constitutional right of privacy of individuals concerning whom identifying numbers or identifiable information is recorded by enacting principles of information practice in furtherance of amendments I, III, IV, X, and XIV of the U.S. Constitution;
S. 2542, introduced by Senator Bayh to protect the constitutional right of privacy of those individuals concerning whom records are maintained; and
S. 3116, introduced by Senator Hatfield, to protect the individual's right to privacy by prohibiting the sale or distribution of certain information.
COMMITTEE OVERSIGHT
These hearings continued the oversight by the Government Operations Committee of the development and proper management of automated data processing in the Federal Government and its concern for the effect on Federal-State relations of national and intergovernmental data systems involving electronic and manual transmission, sharing, and distribution of personal information about citizens.
Senator Ervin announced the joint hearings as Chairman of both subcommittees, in a Senate speech on June 11 in which he summarized the issues and described some of the complaints from citizens which have been received by Members of Congress, as follows:
It is a rare person who has escaped the quest of modern government for information. Complaints which have come to the Constitutional Rights Subcommittee and to Congress over the course of several administrations show that this is a bipartisan issue which affects people in all walks of life. The complaints have shown that despite our reverence for the constitutional principles of limited Government and freedom of the individual, Government is in danger of tilting the scales against those concepts by means of its information-gathering tactics and its technical capacity to store and distribute information. When this quite natural tendency of Government to acquire and keep and share information about citizens is enhanced by computer technology and when it is subjected to the unrestrained motives of countless political administrators, the resulting threat to individual privacy makes it necessary for Congress to reaffirm the principle of limited, responsive Government on behalf of freedom.
The complaints show that many Americans are more concerned than ever before about what might be in their records because Government has abused, and may abuse, its power to investigate and store information.
They are concerned about the transfer of information from data bank to data bank and black list to black list because they have seen instances of it.
They are concerned about intrusive statistical questionnaires backed by the sanctions of criminal law or the threat of it because they have been subject to these practices over a number of years.
S. 3418 provides an 'Information Bill of Rights' for citizens and a 'Code of Fair Information Practices' for departments and agencies of the executive branch.
Testimony and statements were received from Members of Congress who have sponsored legislation and conducted investigations into complaints from citizens; from Federal, State, and local officials including representatives of the Administration and certain departments and agencies, the Domestic Council Committee on Right to Privacy, the Commerce Department, Bureau of the Census, National Bureau of Standards, the General Services Administration, the Office of Telecommunications Policy; the National Governors Conference, the National Legislative Conference, the National Association for State Information Systems, and the Government Management Information Sciences. Many interested organizations and individuals with expert knowledge of the subject advised the Committee. These included the former Secretary of Health, Education, and Welfare, Elliot Richardson, authors of major studies, experts in computer technology, constitutional law, and public administration, the American Civil Liberties Union, Liberty Lobby, the National Committee for Citizens in Education, the American Society of Newspaper Editors, and others.
The provisions of the bill as reported reflect the bill as introduced, with revisions based on testimony of witnesses at hearings, consultations with experts in privacy, computer technology, and law, representatives of Federal agencies and of many private organizations and businesses, as well as the staffs of a number of congressional committees engaged in investigations related to privacy and governmental information systems.
The Committee finds that the need for enactment of these provisions is supported by the investigations and recommendations of numerous congressional committees, reports of bar associations and other organizations, and conclusions of governmental study commissions.
To cite only a few, there are:
Earlier studies of computers and information technology by the Senate Committee on Government Operations and the current hearings and studies relating to S. 3418;
The hearings and studies on computers, data banks and the bill of rights and other investigations of privacy violations before the Constitutional Rights Subcommittee;
The hearings and studies of computer privacy and government information-gathering before the Judiciary Administrative Practices Subcommittee;
The hearings on insurance industries and other data banks before the Judiciary Antitrust Subcommittee;
The hearings on abuses in the credit reporting industries and on protection of bank records before the Senate Banking, Housing and Urban Affairs Committee;
Investigations over many years by the House Government Operations Committee; and
Finally, there are many revelations during the hearings before the Select Committee on Watergate of improper access, transfer and disclosure of personal files and of unconstitutional, illegal or improper investigation of and collection of personal information on individuals.
Particularly supportive of the principles and purposes of S. 3418 are the following reports sponsored by Government agencies:
1. 'Legal Aspects of Computerized Information Systems' by the Committee on Scientific and Technical Information, Federal Council of Science and Technology, 1972.
2. 'Records, Computers and the Rights of Citizens'. Report of the Secretary's Advisory Committee on Automated Personal Data Systems, Department of Health, Education and Welfare, July 1973.
3. 'Data-banks in a Free Society, Computers, Record-Keeping and Privacy', of the Computer Science and Engineering Board, National Academy of Sciences, by Alan F. Westin and Michael Baker.
4. Technical Reports by Project Search Law Enforcement Assistance Administration, Department of Justice.
5. A draft study by the Administrative Conference of the United States on Interagency Transfers of Information.
6. Report by the National Governors Conference.
7. Reports by international study bodies.
The ad hoc subcommittee has initiated two surveys of the Governors and of the attorneys general of the States which are producing responses supportive of congressional legislation on privacy and Federal computers and information technology. They also reveal strong efforts in State and local governments to enact similar or stronger legislation to protect privacy.
The need for the bill is also evident from the sample of legal literature and public administration articles and press articles reprinted in the appendix of the subcommittee hearings.
Finally, there are the complaints of information abuses received by many Members of Congress and diligently investigated by each of them.
Dr. Alan F. Westin, director of the 1972 National Academy of Sciences Project, reported that the study suggested 'six major areas of priority for public action: laws to give individuals a right of notice, access, and challenge to virtually every file held by local, State, and national government, and most private record systems as well; promulgation of clearer rules for data-sharing and data-restriction than we now have in most important personal data files; rules to limit the collection of unnecessary and overbroad personal data by any organization; increased work by the computer industry and professionals on security measures to make it possible for organizations to keep their promises of confidentiality; limitations on the current, unregulated use of the Social Security number; and the development of independent, 'information-trust' agencies to hold especially sensitive personal data, rather than allowing these data to be held automatically by existing agencies.'
Witnesses cited the failure of legislation and judicial decisions to keep pace with the growing efficiency of data usage by promulgating clear standards for data collection, data exchange, and individual access rights. Similarly, many other witnesses before Congress agreed with his judgment that the mid-1970's is precisely the moment when such standards need to be defined and installed if the managers of large data systems, and the specialists of the computer industry, are to have the necessary policy guidelines around which to engineer the new data systems that are being designed and implemented.
Dr. Westin cautioned:
To delay congressional action in 1974-75, therefore, is to assure that a large number of major data systems will be built, and other existing computerized systems expanded, in ways that will make it extremely costly to alter the software, change the file structures, or reorganize the data flows to respond to national standards. And beyond the money, such late changes threaten to jeopardize many operations in vital public services that will be increasingly based on computerized systems-- national health insurance, family assistance plans, national criminal-offender records, and many others. In fact, these systems may become so large, so expensive, and so vital to so many Americans that public opinion will be put to a terrible choice-- serious interruption of services or installation of citizen-rights measures.
The spread of the data bank concept, the increasing computerization of sensitive subject areas relating to people's personal lives and activities, and the tendency of government to put information technology to uses detrimental to individual privacy were detailed by Professor Arthur Miller. He stated:
Americans today are scrutinized, measured, watched, counted, and interrogated by more governmental agencies, law enforcement officials, social scientists and poll takers than at any other time in our history. Probably in no Nation on earth is as much individualized information collected, recorded and disseminated as in the United States.
The information gathering and surveillance activities of the Federal Government have expanded to such an extent that they are becoming a threat to several of every American's basic rights, the rights of privacy, speech, assembly, association, and petition of the Government.
****
I think if one reads Orwell and Huxley carefully, one realizes that '1984' is a state of mind. In the past, dictatorships always have come with hobnailed boots and tanks and machineguns, but a dictatorship of dossiers, a dictatorship of data banks can be just as repressive, just as chilling and just as debilitating on our constitutional protections. I think it is this fear that presents the greatest challenge to Congress right now.
Professor Miller characterized the reported bill as 'a major step in developing a rational regulatory scheme for achieving an effective balance between a citizen and the Government in the important field of information privacy. The creation of a Privacy Protection Commission with broad power of investigation, reporting, and suasion seems to me to be an effective way of developing policy in this rapidly changing environment. Also worthy of enthusiastic support is Title II of the proposed legislation. We simply cannot allow more time to pass without developing standards of care with regard to the gathering and handling of personal information. In that regard, S. 3418 goes a long way to establish the much needed information bill of rights.'
The four-year survey by the Constitutional Rights Subcommittee, intended as an aid to Congress in evaluating pending legislation, demonstrates the need for requiring the following Congressional action:
Explicit statutory authority for the creation of each data bank, as well as prior examination and legislative approval of all decisions to computerize files;
Privacy safeguards built into the increasingly computerized government files as they are developed, rather than merely attempting to supplement existing systems with privacy protections;
Notification of subjects that personal information about them is stored in a Federal data bank and provision of realistic opportunities for individual subjects to review and correct their own records;
Constraints on interagency exchange of personal data about individuals and the creation of interagency data bank cooperatives;
The implementation of strict security precautions to protect the data banks and the information they contain from unauthorized or illegal access; and
Continued legislative control over the purposes, contents and uses of government data systems.
HEW REPORT
Another report reflecting major provisions of S. 3418 is that rendered by the Secretary's Advisory Committee on Automated Personal Data Systems to the Department of Health, Education and Welfare. Former Secretary Elliot Richardson described their findings in his testimony.
The report found that 'concern about computer-based record keeping usually centers on its implications for personal privacy, and understandably so if privacy is considered to entail control by an individual over the uses made of information about him. In many circumstances in modern life, an individual must either surrender some of that control or forego the services that an organization provides. Although there is nothing inherently unfair in trading some measure of privacy for a benefit, both parties to the exchange should participate in setting the terms.'
'Under current law a person's privacy is poorly protected against arbitrary or abusive record-keeping practices.' For this reason, as well as because of the need to establish standards of record-keeping practice appropriate to the computer age, the report recommends the enactment of a Federal 'Code of Fair Information Practice' for all automated personal data systems. The Code rests on five basic principles that would be given legal effect as 'safeguard requirements' for automated personal data systems.
There must be no personal data record-keeping systems whose very existence is secret.
There must be a way for an individual to find out what information about him is in a record and how it is used.
There must be a way for an individual to prevent information about him that was obtained for one purpose from being used or made available for other purposes without his consent.
There must be a way for an individual to correct or amend a record of identifiable information about him.
Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuse of the data. [FN1]
The Advisory Committee recommended 'the enactment of legislation establishing a Code of Fair Information Practice for all automated personal data systems as follows:
The Code should define 'fair information practice' as adherence to specified safeguard requirements.
The Code should prohibit violation of any safeguard requirement as an 'unfair information practice.'
The Code should provide that an unfair information practice be subject to both civil and criminal penalties.
The Code should provide for injunctions to prevent violation of any safeguard requirement.
The Code should give individuals the right to bring suits for unfair information practices to recover actual, liquidated, and punitive damages, in individual or class actions. It should also provide for recovery of reasonable attorneys' fees and other costs of litigation incurred by individuals who bring successful suits.'
Pending the enactment of a code of fair information practice, the Advisory Committee also recommended that all Federal agencies apply these requirements to all Federal systems, and assure through formal rulemaking that they are applied to all other systems within reach of the Federal government's authority. Beyond the Federal Government, they urged that state and local governments, the institutions within reach of their authority, and all private organizations adopt the safeguard requirements by whatever means are appropriate.
Revolutionary changes in data collection, storage and sharing were described by Senator Goldwater, who was one of many witnesses who called for enactment of the recommendations of the HEW Advisory Committee. He stated:
Computer storage devices now exist which make it entirely practicable to record thousands of millions of characters of information, and to have the whole of this always available for instant retrieval . . . Distance is no obstacle. Communications circuits, telephone lines, radio waves, even laser beams, can be used to carry information in bulk at speeds which can match the computer's own. Time-sharing is normal . . . we are now hearing of a system whereby it is feasible for there to be several thousands of simultaneous users or terminals. Details of our health, our education, our employment, our taxes, our telephone calls, our insurance, our banking and financial transactions, pension contributions, our books borrowed, our airline and hotel reservations, our professional societies, our family relationships, all are being handled by computers right now. Unless these computers, both governmental and private, are specifically programmed to erase unwanted history, these details from our past can at any time be reassembled to confront us . . . We must program the programmers while there is still some personal liberty left.
The Committee has found that the concern for privacy is a bipartisan issue and knows no political boundaries. President Ford, as Vice-President, chaired a Domestic Council Committee on the Right of Privacy which was established by President Nixon in February 1974. In a recent address on the subject, he stated:
In dealing with troublesome privacy problems, let us not, however, scapegoat the computer itself as a Frankenstein's monster. But let us be aware of the implications posed to freedom and privacy emerging from the ways we use computers to collect and disseminate personal information. A concerned involvement by all who use computers is the only way to produce standards and policies that will do the job. It is up to us to assure that information is not fed into the computer unless it is relevant.
Even if it is relevant, there is still a need for discretion. A determination must be made if the social harm done from some data outweighs its usefulness. The decision-making process is activated by demands of people on the government and business for instant credit and instant services. Computer technology has made privacy an issue of urgent national significance. It is not the technology that concerns me but its abuse. I am also confident that technology capable of designing such intricate systems can also design measures to assure security.
FEDNET
In the same address, the Vice-President called attention to FEDNET and problems involved in a proposed centralization of computer facilities which concerned several Congressional committees and which provisions in S. 3418 would correct. He stated:
The Government's General Services Administration has distributed specifications for bids on centers throughout the country for a massive new computer network. It would have the potential to store comprehensive data on individuals and institutions. The contemplated system, known as FEDNET, would link Federal agencies in a network that would allow GSA to obtain personal information from the files of many Federal departments. It is portrayed as the largest single governmental purchase of civilian data communication in history.
I am concerned that Federal protection of individual privacy is not yet developed to the degree necessary to prevent FEDNET from being used to probe into the lives of individuals. Before building a nuclear reactor, we design the safeguards for its use. We also require environmental impact statements specifying the anticipated effect of the reactor's operation on the environment. Prior to approving a vast computer network affecting personal lives, we need a comparable privacy impact statement. We must also consider the fallout hazards of FEDNET to traditional freedoms.
Examples
The revelations before the Select Committee to Investigate Presidential Campaign Activities concerning policies and practices of promoting the illegal gathering, use or disclosure of information on Americans who disagreed with governmental policies were cited by almost all witnesses as additional reasons for immediate congressional action on S. 3418 and other privacy legislation. The representative of the American Civil Liberties Union stated:
Watergate has thus been the symbolic catalyst of a tremendous upsurge of interest in securing the right of privacy: wiretapping and bugging political opponents, breaking and entering, enemies lists, the Houston plan, national security justifications for wiretapping and burglary, misuse of information compiled by government agencies for political purposes, access to hotel, telephone and bank records; all of these show what government can do if its actions are shrouded in secrecy and its vast information resources are applied and manipulated in a punitive, selective, or political fashion.
Despite such current concern, Congressional studies and complaints to Congress show that the threats to individual privacy from the curiosity of administrators and salacious inquiries of investigators predated 'Watergate' by many years. These have been described at length in the hearing record on S. 3418.
For example, under pain of civil and criminal sanctions, many people have been selected and told to respond to questions on statistical census questionnaires such as the following:
How much rent do you pay?
Do you live in a one-family house?
If a woman, how many babies have you had? Not counting still births.
How much did you earn in 1967?
If married more than once, how did your first marriage end?
Do you have a clothes dryer?
Do you have a telephone, if so, what is the number?
Do you have a home food freezer?
Do you own a second home?
Does your TV set have UHF?
Do you have a flush toilet?
Do you have a bathtub or shower?
The studies show that thousands of questionnaires are sent out yearly asking personal questions, but people are not told their responses are voluntary; many think criminal penalties attach to them; it is difficult for them to find out what legal penalties attach to a denial of the information or what will be done with it. If they do not respond, reports show that they are subjected to telephone calls, certified follow-up letters, and personal visits. Much of this work is done by the Census Bureau under contract, and many people believe that whatever agency receives the responses, their answers are subject to the same mandatory provisions and confidentiality rules as the decennial census replies. A Senate survey revealed that in 3 years alone the Census Bureau had provided their computer services at the request of 24 other agencies and departments for conducting voluntary surveys covering over 6 million people. Other independent voluntary surveys were conducted by the agencies themselves on subjects ranging from bomb shelters, to smoking habits, to birth control methods, to whether people who had died had slept with the window open. The form usually asked for social security number, address and phone number.
One such survey technique came to light through complaints to Congress from elderly, disabled or retired people in all walks of life who were pressured to answer a 15-page form sent out by the Census Bureau for the Department of Health, Education and Welfare which asked:
What have you been doing in the last 4 weeks to find work?
Taking things all together, would you say you are very happy, pretty happy, or not too happy these days?
Do you have any artificial dentures?
Do you-- or your spouse-- see or telephone your parents as often as once a week?
What is the total number of gifts that you give to individuals per year?
How many different newspapers do you receive and buy regularly?
About how often do you go to a barber shop or beauty salon?
What were you doing most of last week?
Applicants for Federal jobs in some agencies, and employees in certain cases, have been subjected to programs requiring them to answer forms of psychological tests which contained questions such as these: [FN2]
I am very seldom troubled by constipation.
My sex life is satisfactory.
At times I feel like swearing.
I have never been in trouble because of my sex behavior.
I do not always tell the truth.
I have no difficulty in starting or holding my bowel movements.
I am very strongly attracted by members of my own sex.
I like poetry.
I go to church almost every week.
I believe in the second coming of Christ.
I believe in a life hereafter.
My mother was a good woman.
I believe my sins are unpardonable.
I have used alcohol excessively.
I loved my Mother.
I believe there is a God.
Many of my dreams are about sex matters.
At periods my mind seems to work more slowly than usual.
I am considered a liberal 'dreamer' of new ways rather than a practical follower of well-tried ways. (a) true, (b) uncertain, (c) false.
When telling a person a deliberate lie, I have to look away, being ashamed to look him in the eye. (a) true, (b) uncertain, (c) false.
First Amendment Programs: the Army
Section 201(b)(7) prohibits departments and agencies from undertaking programs for gathering information on how people exercise their First maintaining information which is not relevant to a statutory purpose.
The need for these provisions has been made evident in many ways. In addition to federal programs for asking people questions such as whether they 'believe in the second coming of Christ,' there have been numerous other programs affecting First Amendment rights.
One of the most pervasive of the intrusive information programs which have concerned the Congress and the public in recent years involved the Army surveillance of civilians, through its own records and those of other federal agencies. The details of these practices have been documented in Congressional hearings and reports and were summarized by Senator Ervin as follows: [FN3]
Despite First Amendment rights of Americans, and despite the constitutional division power between the federal and state governments, despite laws and decisions defining the legal role and duties of the Army, the Army was given the power to create an information system of data banks and computer programs which threatened to erode these restrictions on governmental power.
Allegedly for the purpose of predicting and preventing civil disturbances which might develop beyond the control of state and local officials, Army agents were sent throughout the country to keep surveillance over the way the civilian population expressed their sentiments about government policies. In churches, on campuses, in classrooms, in public meetings, they took notes, tape recorded, and photographed people who dissented in thought, word or deed. This included clergymen, editors, public officials, and anyone who sympathized with the dissenters.
With very few, if any, directives to guide their activities, they monitored the membership and policies of peaceful organizations who were concerned with the war in Southeast Asia, the draft, racial and labor problems, and community welfare. Out of this surveillance the Army created blacklists of organizations and personalities which were circulated to many federal, state and local agencies, who were all requested to supplement the data provided. Not only descriptions of the contents of speeches and political comments were included, but irrelevant entries about personal finances, such as the fact that a militant leader's credit card was withdrawn. In some cases, a psychiatric diagnosis taken from Army or other medical records was included.
This information on individuals was programmed into at least four computers according to their political beliefs, or their memberships, or their geographic residence.
The Army did not just collect and share this information. Analysts were assigned the task of evaluating and labeling these people on the basis of reports on their attitudes, remarks and activities. They were then coded for entry into computers or microfilm data banks.
GENERAL STATEMENT
The premise underlying this legislation is that good government and efficient management require that basic principles of privacy, confidentiality and due process must apply to all personal information programs and practices of the Federal Government, and should apply to those of State and local government as well as to those of the organizations, agencies and institutions of the private sector.
The need for such a general legislative formula is made necessary by the haphazard patterns of information swapping among government agencies, the diversity of confidentiality rules and the unevenness of their application within and among agencies. The lack of self-restraint in information-gathering from and about citizens on the part of some agencies has demonstrated the potential throughout government for imposing coercive information burdens on citizens or for invading areas of thought, belief or personal life which should be beyond the reach of the Federal data collector.
****
The myriad rules and regulations reflecting many years of ad hoc policy decisions to meet the information needs of administrators facing problems of the political moment will, under this bill, be replaced by a rule of law. The Committee emphasizes that enactment of such general legislation in no way precludes specific legislation to govern records for special programs in such areas as tax, finance, health, welfare, census, and law enforcement. Furthermore, it should not be construed as a final statement by Congress on the right of privacy and other related rights as they may be developed or interpreted by the courts.
****
The Committee affirms that the present statutory division of executive branch power among the departments and agencies and bureaus promotes management, and responsiveness to the public will. [W]e believe that the creation of formal or de facto national data banks, or of centralized Federal information systems without certain statutory guarantees would tend to defeat these purposes, and threaten the observance of the values of privacy and confidentiality in the administrative process. The Committee therefore intends in S. 3418 to require strict reporting by agencies and departments and meaningful congressional and executive branch review of any proposed use of information technology which might tend to further such negative developments. [emphasis added]
****
The Committee recognizes that the computer is an instrument which is absolutely essential to the proper transaction of many government programs, and that the collection of information from the individual is absolutely necessary to carry out those programs.
Also necessary to modern government is the science of management of the many aspects of information technology and its related professional personnel which have been incorporated very rapidly into the administrative processes of the Federal Government.
At the same time, however, the Committee believes that in the management of computer systems and all other aspects of information technology, a special status must be accorded to the issue of individual privacy, that is, the right of an individual to have such gathering of personal information as may be collected by the Government confined to that for which there is a legitimate use, and then secondly, after it is gathered, to have access to that information confined to those who have a governmental end in view for its use, and thirdly, to be assured by government that there is as little leakage as possible to unauthorized persons.
The present legislation is designed to foster these goals in the administrative processes of the executive branch. The Committee believes that the bill strikes a balance between governmental needs and the personal freedoms of the individual.
The complexities and scale of modern government make it impossible for Congress or the courts to monitor every decision made which involves personal information. The bill therefore depends partly for its enforcement on the individual data subject and makes that person a participant in government's decision to exercise its information power over an individual.
****
The Committee is convinced that legislation cannot and should not be neutral toward the information technology by means of which the Federal Government affects individual rights. Certain kinds of information should not be collected or maintained or disclosed by government agencies because to do so is either unconstitutional, unfair, unwise, or simply bad management of the people's business. This means, furthermore, that certain computer hardware and software used to operate the information systems of government should provide features which will promote the necessary security of any part of the system and the confidentiality of the information processed and handled by means of it.
****
The bill does not rest solely on the findings of any one report or study, but on review and consideration of all of the studies cited here.
The Committee is convinced that effective legislation must provide standards for and limitations on the information power of government. Providing a right of access and challenge to records, while important, is not sufficient legislative solution to threats to privacy. Contrary to the views of Administration spokesmen it is not enough to tell agencies to gather and keep only data which is reliable by their rights for whatever they determine is their intended use, and then to pit the individual against government, armed only with a power to inspect his file, and a right to challenge it in court if he has the resources and the will to do so.
To leave the situation there is to shirk the duty of Congress to protect freedom from the incursions by the arbitrary exercise of the power of government and to provide for the fair and responsible use of that power. For this reason, the Committee deems especially vital the restrictions in section 201 which deal with what data are collected and by what means. For this reason, the establishment of the Privacy Commission is essential as an aid to enforcement and oversight.
The Committee views the standards of statutory relevance for data gathering as minimum and as paving the way for more specific guarantees in each area. The Committee rejects in part and supplements the position of the White House representative, the Chairman of the Domestic Council Committee on Right of Privacy, who testified that 'the Federal Government should collect from individuals only the amount and types of information that are reasonably necessary for public protection.' He stated 'I do not think it is possible to develop a standard of reasonableness in any more precise way than to ask people to exercise their very best judgment and to exercise the utmost restraint in the amount of information they collect.'
The Committee found many helpful definitions of privacy and confidentiality in seeking to define the concepts and principles developed in the provisions of S. 3418.
A useful statement is offered by the report on Data Banks in a Free Society project by the National Academy of Sciences, which distinguishes them in the following terms:
Privacy is independent of technological safeguards; it involves the social policy issues of what information should be collected at all and how much information should be assembled in any one information system. (For purposes of the principles implemented by this bill for the Federal executive branch, the Committee means this to include constitutional and statutory prohibitions or restraints.)
Confidentiality is the central issue for which technological safeguards are relevant. Where an organization has promised those from whom it collects information that unauthorized uses will not be made by persons inside or outside that agency, making good that promise of confidentiality requires record security controls in both manual and computerized files.
****
'Privacy', then, is a shorthand term for the restraint on the power of government to investigate individuals, to collect information about their personal lives and activities in society or in ways which are banned by the Constitution, or for reasons which have little or nothing to do with the purpose of government or of the agency involved, as their powers are defined by the Constitution and specific statutes.
Therefore, the Committee believes that the conclusions of study groups set up in the executive branch to study computer technology must be supplemented by the complaints from citizens and evidence gathered by numerous congressional committees on the over-reach of its information power by the Federal executive branch. This characteristic distinguishes S. 3418 from other proposals on 'privacy.'
STATE LAWS
S. 3418 is further needed to complement State and municipal laws and regulations which have been adopted to protect individual privacy and confidentiality of records, and which, in some cases, provide more detailed and more effective protections than S. 3418. Governors and others have expressed concern that despite all the States may do to provide guarantees, they are not effective once the data are integrated in a Federal information system or transferred to a Federal data bank. S. 3418 will safeguard and supplement the efforts of State legislatures.
COVERAGE: PRIVATE, STATE AND LOCAL
As reported, the bill applies to Federal personal information systems, whether automated or manual, and to those of State, local and private organizations which are specifically created or substantially altered through grant, contract or agreement with Federal agencies, where the agency causes provisions of the act to be applied to such systems or files or relevant portions.
As introduced, S. 3418 applied to all governmental and private organizations which maintained a personal information system, under supervision of a strong regulatory body, with provision for delegating power to State instrumentalities.
The Committee has cut back on the bill's original coverage and ordered the Privacy Commission to make a study of State, local and private data banks and recommend precise application of the Act where needed.
The original coverage reflected the recommendations of the HEW Secretary's Committee for 'enactment of its code of fair information practice for all automated personal data systems,' but which noted that it would 'wisely be applied to all personal data systems whether automated or manual.'
Hearing witnesses and other commentators advocated nationwide application of the Act to protect individual privacy and other rights from invasion by Government and the institutions and organizations of society.
Total coverage was advocated by the representative of the American Civil Liberties Union citing examples of cases and programs to show that information collected by State, local and private institutions can be every bit as harmful to the individual. These included the reported need for additional controls over the retail credit industry, whose five largest companies maintain files on 54 million people; the Medical Information Bureau in Greenwich, Connecticut, a major source of medical information on 13 million Americans for life insurance companies; the use by the banking industry of an Electronic Funds Transfer System to centralize an individual's charges all over the community and automatically deduct them from the individual's bank account; the uncontrolled access to customer records and cancelled checks afforded by financial institutions to law enforcement officials and other investigators in the absence of subpena and notice to the individual.
Professor Miller testified in 1971 on behalf of a regulatory commission with power to embrace the activities of 'non-Federal information gatherers that might adversely affect the rights we are trying to protect. The regulators should be particularly attentive to the interlocking relationships that have begun to spring up between Federal and local data handlers in the law enforcement field and the fact that many of the Nation's major corporations maintain dossiers on millions of Americans. Close scrutiny of the latter category of data banks is becoming imperative because there is growing reason to believe that these files are exchanged both within the private sector and with law enforcement and surveillance groups at all levels of government. In short, once standards are established for Federal systems I believe that it eventually will become necessary to apply them to certain non-Federal systems.'
Similar findings of interlinking networks for the governmental and private sectors were found by the Academy of Sciences project.
Professor Vern Countryman, in an article submitted for the hearing record, has detailed cases, congressional hearings, and practices involving privately compiled dossiers by commercial compilers, punitive compilers, and benevolent compilers.
Reports filed for the hearing record from the Freedom of Information Center of the University of Missouri School of Journalism describe investigative practices and intrusive data-gathering technique in the private sector.
Problems of privacy, standards, confidentiality and security in medical and health records programs were described for the subcommittee by doctors in private practice and in State government.
Extension of legislative coverage to student records procedures for gathering, disclosure, and due process in educational records was advocated by Senator James L. Buckley and by witnesses for the Citizens Committee for Education.
Other witnesses advocated coverage of State and local systems, but not of the private sector.
Despite calls by these and other witnesses for total or partial coverage, the Committee was persuaded to delay a decision on total application by considerations of time and investigative resources for developing a full hearing record and for drafting the needed complex legislative solution for information abuses in the private sector, beyond those presently covered by the Fair Credit Reporting Act and its pending amendments.
Former Secretary of Health, Education, and Welfare Elliot Richardson noted the lack of a precise hearing record and suggested legislation 'to establish authority in an existing Federal agency or in some new instrumentality established in part for that purpose, to make inquiry, hold hearings, and report to Congress if it finds a prima facie showing of need for legislation to assure fair information practice in some particular industry or other segment of the nongovernmental organizations of America. Congress could then take whatever action toward developing additional legislation seemed necessary.'
Mr. Richardson endorsed coverage of State and local activities 'substantially affected by their relationships with Federal agencies, as a consequence of (1) Federal fiscal contributions, (2) Federal record-keeping or data-collection and reporting requirements, or (3) cooperative arrangements among intergovernmental personal data system.'
Dr. Westin, while endorsing coverage of intergovernmental computer systems, opposed the total coverage of the original bill, citing 'the impracticality and dangers involved in trying to regulate and register many tens or hundreds of thousands of files of every kind.' He recommended 'an instrumentality to lead private organizations to adopt codes of fair information practice as their voluntary policies, and proposed creating a national commission on private, interstate personal data systems.' This commission should, testified Dr. Westin, 'examine the conduct of those nationwide personal data systems that affect the rights, opportunities, and benefits of Americans, holding hearings as necessary and with a strong, competent staff to make onsite visits and study the real practices of organizations, not just their formal policies.
'The creation of such a commission should provide an extremely valuable force acting on the private sector. It would push privacy, confidentiality, and due process issues to the top of the organizational agenda, and into the design, testing, and operational thinking of data-system managers and their staffs. It would move the computer industry and computer professionals into high gear, as consultants to the user organizations, developers of new techniques and materials, and innovators in cost-effective responses.'
Numerous representatives of private organizations and of business and industry opposed the total coverage of the bill, citing the lack of hearing record, the existing requirements of the Fair Credit Reporting Act, and prohibitive costs of implementing S. 3418 in the private sector without passing on the costs in consumer services. Most indicated support for, or lack of opposition to, a commission study of privacy invasions by the private sector.
RIGHT OF ACCESS AND CHALLENGE
The Committee believes that the size of the Federal Government, the sheer number of personal records it must handle, and the growing complexities of information technology require that the full protections against abuses of the power of government to affect the privacy of the individual and the confidentiality of personal information must depend in part upon the participation of the individual in monitoring the maintenance and disclosure of his own file.
To this end, we agree with the members of numerous respected study bodies that an individual should have the right to discover if he is the subject of a government file, to be granted access to it, to be able to assure the accuracy of it, and to determine whether the file has been abused by improper disclosure.
The Committee agrees with the conclusion of one government study that 'In the majority of cases, the citizen's right of access to information kept on him by the Federal Government will not interfere with the ongoing program of the agency. In addition, giving the individual a right of access often will be a desirable adjunct to any other system designed to insure file accuracy.'
Furthermore, the Committee adopts the timely observation of one scholar from the Council on Science of Technology study that 'giving the individual maximum ability to examine what the Government knows on the person should help promote citizen confidence in activities of the Federal Government and is essential to assure that notions of due process are employed when decisions are made on the basis of personal information.'
So important does the Committee consider procedures required by the bill on this matter that it is determined that any exemptions from such provisions sought under the rule-making scheme of the bill must be kept to an absolute minimum and must not be made on the basis of parochial agency concerns. It finds support for this stand in the conclusion of the report of the HEW Secretary's Advisory Committee on Automated Personal Data Systems that:
No exemption from or qualification of the right of data subjects to have full access to their records should be granted unless there is a clearly paramount and strongly justified societal interest in such exemption or qualification . . . The instances in which it can be convincingly demonstrated that there is a paramount society interest in depriving an individual of access to data about himself would seem to be rare. (pp. 61, Report.)
The exemptions allowed from observance of these standards are for three purposes only, national defense and foreign policy and certain law enforcement investigative and intelligence matters where access and challenge rights are found to damage the purpose for which the information was collected.
The Committee recognizes that while many agencies afford such rights, many agencies deny them with respect to certain files. Allowing only these narrow areas for exemption may well promote the reassessment of existing practices whereby individuals are deprived of full access to records about themselves, and some agencies, in the year before the Act takes effect, may well see fit to seek special legislation permitting special treatment of certain files they hold. Meanwhile, the Committee is persuaded by the language of the HEW report:
Many organizations are likely to argue that it is not in the interest of their data subjects to have full access. Others may oppose full access on the grounds that it would disclose the content of confidential third-party recommendations or reveal the identity of their sources. Still others may argue that full access should not be provided because the records are the property of the organization maintaining the data system. Such objections, however, are inconsistent with the principle of mutuality necessary for fair information practice.
The relevance of the rights of access and challenge to the principle of accountability in government, to efficient achievement of management goals and to a public sense of social justice is recognized in a 1970 report made by the Project SEARCH group to the Justice Department. That report called for a citizen's right to access and challenge to certain law enforcement records, but it stated the following reasons for its conclusions which the committee finds worthy of general application:
First, an important cause of fear and distrust of computerized data systems has been the feelings of powerlessness they provoke in many citizens. The computer has come to symbolize the unresponsiveness and insensitivity of modern life. Whatever may be thought of these reactions, it is at least clear that genuine rights of access and challenge would do much to disarm this hostility.
Second, such rights promise to be the most viable of all the possible methods to guarantee the accuracy of data systems. Unlike more complex internal mechanisms, they are triggered by the most powerful and consistent of motives, individual self-interest.
Finally, it should now be plain that if any future system is to win public acceptance, it must offer persuasive evidence that it is quite seriously concerned with the rights and interests of those whose lives it will record. The committee can imagine no more effective evidence than authentic rights of access and challenge. [FN4]
LAW ENFORCEMENT FILES
Title II of S. 3418 sets general standards of fair records keeping which apply to practically all government files, including those maintained by law enforcement agencies. Although various committees of the Congress [FN5] have been considering legislation which specifically addresses confidentiality of law enforcement files, the Committee is of the view that prospects for that legislation are sufficiently unclear so that S. 3418 should apply in its general terms to such files until such time as the law enforcement privacy legislation is enacted.
Therefore the Committee decided that, to the extent feasible, S. 3418 should apply to law enforcement files but that such application should not be bills, introduced early this year, S. 2963 by Senator Ervin and S. 2964 by Senator Hruska on behalf of the administration. S. 3418 as amended by the Committee would apply the general standards of title II, including the general updating and accuracy requirements and provisions affording right of access to most law enforcement files.
The Committee recognizes, however, that there are two general classes of files maintained by agencies with law enforcement functions, criminal history or record files on the one hand and intelligence and investigative files on the other. The first class of information, defined for the purposes of S. 3418 as 'criminal history information' includes routine records of arrests and court dispositions sometimes called rap sheets. As a general principle these records are subject to all the requirements of title II including the right of access provision. This is entirely consistent with both the Ervin and administration criminal justice privacy legislation. Indeed, Director Kelly of the FBI, in testimony before the Subcommittee on Constitutional Rights, expressed support for the general access and challenge provisions contained in the two criminal justice privacy bills and replicated in S. 3418:
These bills provide for an individual to obtain access to his own criminal offender record, and also provide procedures for him to challenge that record. I support these provisions. Currently, the FBI provides copies of offender record information . . .
As for the other general provisions of title II, none of these provisions are inconsistent with the criminal justice privacy legislation in particular as they apply to criminal history information. Furthermore, S. 3418 permits each agency to promulgate its own regulations implementing the Act and this should provide sufficient flexibility so that the Attorney General will not undermine good law enforcement practices in promulgating regulations. Indeed, since early this year the Justice Department has been drafting regulations which address most of the basic issues raised by S. 3418. Those regulations set certain standards for the operation of any routine exchange of criminal history information by the FBI and for the funding of criminal history record systems on the State and local level by the Law Enforcement Assistance Administration. Although the Justice Department might have to carefully review these regulations, if this legislation is passed, their scope and thrust are essentially what would be required of the Department of Justice by this legislation.
The second class of information generally maintained by law enforcement agencies are intelligence, or investigative files. These files contain highly sensitive and usually confidential information collected by law enforcement officers in anticipation of criminal activity, such as by organized crime figures, or in the course of investigating criminal activity which has already occurred. It was the Committee's judgment, shared by most criminal justice privacy experts and reflected in the pending criminal justice privacy legislation, that all of the provisions of title II of S. 3418 could not be applied to such sensitive information. In particular, it would not be appropriate to allow individuals to see their own intelligence or investigative files. Therefore, the bill exempts such information from access and challenge requirements of title II. However, most of the other general accuracy and updating provisions would apply, subject, of course, to the rules and regulations issued by the agency head in the course of implementing such provisions.
Obviously, these general provisions on law enforcement records are not entirely adequate. The two criminal justice privacy bills address this subject in considerable detail and are the result of at least two years of careful study and revision by the Subcommittee on Constitutional Rights and the Justice Department. However, the Committee feels that general privacy legislation must assure subjects of law enforcement files at least these minimal rights until such time as the more comprehensive criminal justice legislation is passed.
PRIVACY PROTECTION COMMISSION
It is clear that many of the information abuses over the last decade could have been avoided with the help of an independent body of experts charged with protecting individual privacy as a value in government and society.
Commentators on privacy for years have also cited the need for such an agency to help deal in a systematic fashion with the great range of administrative and technological problems throughout the many agencies of the Federal Government.
Title I of S. 3418, as amended, establishes a Privacy Protection Commission composed of five experts in law, social science, computer technology, and civil liberties, business, and State and local government and supported by a professional staff. The Commission would be empowered to:
Monitor and inspect Federal systems and data banks containing information about individuals;
Compile and publish an annual U.S. Information Directory so that citizens and Members of Congress will have an accurate source of up-to-date information about the personal data-handling practices of Federal agencies and the rights, if any, of citizens to challenge their contents;
Develop model guidelines for implementation of this act and assist agencies and industries in the voluntary development of fair information practices;
Investigate and hold hearings on violations of the Act, and recommend corrective action to the agencies, Congress, the President, the General Accounting Office, and the Office of Management and Budget;
Investigate and hold hearings on proposals by Federal agencies to create new personal information systems or modify existing systems for the purpose of assisting the agencies, Congress, and the President in their effort to assure that the values of privacy, confidentiality, and due process are adequately safeguarded; and
Make a study of the state of the law governing privacy-invading practices in private data banks and in State and local and multistate data systems.
NEED FOR A PRIVACY PROTECTION UNIT
There is an urgent need for a permanent staff of experts within the Federal Government to inform Congress and the public of the data-handling practices of major governmental and private personal information systems. As a recent study by the Judiciary Subcommittee on Constitutional Rights graphically demonstrates, there has been a proliferation of Federal information systems and data banks which, if misused, can do irreparable harm to the privacy and economic well-being of millions of persons. 'Data Banks and a Free Society,' the study done for the National Academy of Sciences by Professors Alan F. Westin and Michael A. Baker, similarly demonstrates such harm inherent in large personal information systems maintained at all levels of government and by private industry.
Although recent attempts to turn Federal tax records into weapons of political and personal revenge have come to light, along with many other record abuses, the major threat to most Americans lies in the inadvertent, careless, and unthinking collection, distribution, and storage of records which may be inaccurate, incomplete, or irrelevant to legitimate governmental needs. This threat has grown tremendously as developments in telecommunications, photocopying, and computer technology have accelerated and with expanded data-swapping among government agencies and throughout private industry.
It is now clear that Congress, with its limited technical staff and multitude of functions, cannot keep track of these developments in every Federal agency and for every data bank with the depth of detail required for consistently constructive policy analysis. The Constitutional Rights Subcommittee data bank study and other agency-by-agency studies have each taken years to complete, and have documented the frustrations of agency delays, withholding of data, and camouflage of governmental activities. Citizens also have no and use personal information about them. Agencies and businesses would similarly benefit from the existence of an authoritative source of information about their record-keeping practices which would protect them from misinformed and inflammatory criticism.
In addition, there is an urgent need for a staff of experts somewhere in government which is sensitive both to the privacy interests of citizens and the informational needs of government and which can furnish expert assistance to both the legislative and executive branches. In recent years, controversies over privacy and government data banks have arisen after executive branch decisions have been made. The Commission will serve the important purposes of raising and resolving privacy questions before government plans are put in operation. Agencies need help to incorporate newly-refined concepts of individual liberty into their current procedures without unnecessary disruption and confusion. Congress and the President need help in identifying those areas in which privacy safeguards are most urgently needed and in drafting legislation specifically tailored to those problem areas.
There are now over 100 privacy bills before Congress. Most are of unquestionable merit, but only a few can receive the kind of sustained attention to survive the legislative gauntlet. The proposed Commission would help Congress deal with those bills in two ways. First, it would obviate the necessity of enacting many of them into law by inducing agencies and industries to adopt their own fair information practices. Second, the Commission would help Congress and the President by narrowing down the range of legislative options and drafting bills designed to achieve a good 'fit' between privacy values and other values in the context of often unique data-keeping activities.
It may well be that regulatory functions will eventually have to be added to the Commission's powers in order to assure that privacy, confidentiality, and due process become an integral part of governmental and private data systems. However, the Committee has decided not to address this area in the legislation pending the Commission's study.
The original version of S. 3418 would have created a Federal policy board with regulatory powers to investigate and issue cease and desist orders for violations of the Act. The Committee believes that it does not have sufficient evidence to support a case for vesting broad regulatory powers in a board charged with administrating the Act. Rather, a much more effective and less cumbersome procedure will permit an individual to seek enforcement of his rights under procedures established by each Federal agency. Ultimate enforcement of those rights and challenges to agency judgments would rest with United States District Courts. By taking this action, the Committee did not mean to preclude a future decision by the Congress to vest regulatory functions in the Commission to assure that privacy, confidentiality, and due process become an integral part of governmental and private data systems.
Public administration and privacy experts have urged a cautious approach to regulation on two grounds. First, there is much more that privacy advocates need to know about information systems before they are in a position to make demonstrably constructive regulatory policy proposals. Second, there is substantial evidence that agencies and companies are not inherently hostile to letting individuals have more of a say in what the files say about them, provided that the changes can be made in an orderly, efficient, and economically sound manner. The work of the Secretary of Health, Education, and Welfare's Advisory Committee on Automated Data Systems, Vice President Ford's Domestic Council Committee on the Right of Privacy and the National Academy of Sciences Project on Computer Data Banks, clearly demonstrate that the right of privacy has its advocates within the executive branch. Testimony before the Committee by State officials was nearly unanimous in citing a need for higher standards and better regulation of privacy practices in their jurisdictions. Statements by private industry representatives have persuaded the Committee that a substantial measure of industry cooperation can be anticipated.
Thus, the Committee believes that it would be a mistake for the Privacy Protection Commission to begin its work in an adversarial posture, either as a regulatory or ombudsman-type agency. Those roles may come in time, but they should be the product of specific legislation and come only after efforts to achieve voluntary reforms have failed. Meanwhile, awareness that the Commission might be vested by Congress with regulatory powers at some future time should have a salutary effect on those agencies which may be tempted to ignore its suggestions or which fail to give its model guidelines the deference due them.
LOCATING THE PRIVACY UNIT
The Committee has concluded that the best place to vest these new functions would be in an independent commission. The decision was arrived at with some reluctance, because members of the Committee share the unwillingness of many Members of Congress to create still more independent commissions. On balance, however, the commission route seemed the best solution for the abuses and potential threats which have been documented.
Having concluded that an expert staff and an independent body was needed somewhere in the Federal Government to supply information and advice and conduct investigations, the Committee considered three alternatives, as described in testimony before Committee by Dr. Christopher H. Pyle. The first was to place the unit in the General Accounting Office, modeled on the Office of Federal Elections. The second was to locate it in the Office of Management and Budget, much like the Statistical Policy Division which polices Federal questionnaires. The third alternative was to create an independent commission.
The Committee chose not to recommend vesting the investigatory and advisory functions in the GAO because it would be unwise to dilute the GAO's important auditing function with this kind of substantive policy assignment. Except in rare instances, responsibility within Congress for policy development should rest with its committees. Also, placing the investigative role in the GAO might limit the unit's ability to study multi-state and commercial information systems not dependent upon the Federal budget, which is the focus of the GAO's attention.
Similar considerations persuaded the Committee that the unit could not achieve its full potential as part of the Office of Management and Budget. Moreover, the Committee was of the opinion that the privacy as executive agencies-- a relationship which could not be guaranteed by making it part of the President's staff. On the other hand, by creating the unit as a commission, its reports and expertise could be available to both the GAO and OMB.
The Committee received suggestions that creation of such an independent commission should be delayed in order to develop legislation charging it with the functions of dealing with classification and freedom of information issues, as well as privacy and civil liberties.
While they pose significant problems, these other two subject areas go to different considerations of government. Creation of a privacy commission is recognition of the fact that the Congress intends to afford access to the decision-making centers of government to interest which promote the privacy of individual Americans against overly-intrusive or arbitrary government institutionalized in the structure by the Privacy Commission, would defeat the purpose of the legislation. It would reduce the viability of privacy as a matter of concern in the Federal Government. By thus denying itself the full strength of the investigative help needed to protect privacy and due process in the years ahead, Congress would dilute, in turn, the quality of protections which it and the other branches of Government might otherwise afford to those amendments in the Bill of Rights which safeguard privacy.
The administration has opposed the creation of a commission partly for Commission is vitally needed to promote the quality of legislative and administrative oversight which will provide a privacy bulwark for Americans in the years ahead. It is expected, furthermore, that the savings it will effect in the Federal Government will far outweigh the immediate cost.
ENFORCEMENT
The Act is enforceable in the courts with the aid of Congress and the Privacy Commission.
As Elliot Richardson, former Secretary of three executive branch Departments, informed the Committee:
The requirements of fair information practice are so much in the interest of organizations, as well as of the individuals about whom records are maintained, that there should be little difficulty in agencies adhering to them and little occasion for court enforcement suits. Enforcement provisions are needed, however, to create a strong and reliable incentive to overcome the initial bureaucratic resistance to change that might otherwise prove to be a crucial obstacle to the prompt and full achievement of fair information practice. Frivolous suits, no doubt a matter of concern to some, would be promptly subject to motions for summary dismissal.
Except for the act of keeping secret data banks and improper disclosures by Commission employees, there are no criminal penalties in the Act. As introduced, the original bill contained strong criminal penalties for employees and others who violated or contributed to the violation of the Act. These penalties were deleted in Committee for two main reasons: the difficulties of effective enforcement through such criminal prosecutions and the possibility that the threat of prosecution may preclude that 'Whistleblowing' and disclosure of wrongdoing to Congress and the press which helps to promote 'open government.'
Instead, the mandates of S. 3418 are enforceable through the civil challenges of the Attorney General or of private citizens with real or suspected grievances or claims of violations of the Act. Given the difficulties of time and resources, private enforcement through litigation is will depend on the zeal and the good faith of the Attorney General and the President in enforcing the terms of the new law.
As always, the press and communications media will contribute to the enforcement of the Act through its investigation and exposure of wrongdoing, a function eased by the requirements in S. 3418 that decisions be made on the open record by responsible officials and that precise notices be published containing the details of government policy where it affects personal privacy.
Administratively, the agencies may be called to account by Congress and the President through the monitoring and investigative activities of the Privacy Commission and its reporting of violations.
Despite these guarantees, the Committee acknowledges there is no way that the Congress, the press, or the public can assure strict administrative observance of the exercise of the power of the Federal Government pursuant of views as to what constitutes compliance within particular agencies.
Realistically, therefore, the implementation of the Act rests, finally, with the departments and agencies of the executive branch and the good faith, ethical conduct and integrity of the Federal employees who serve in them.
SOCIAL SECURITY NUMBER AND IDENTIFIERS
As introduced, S. 3418 made it unlawful for any person to require an individual to disclose or furnish his Social Security account number for any purpose in connection with any business transaction or commercial or other activity, or to refuse to extend credit or make a loan or to enter into any other business transaction or commercial relationship with an individual because of refusal to disclose or furnish the number, unless the disclosure or furnishing of the number was specifically required by Federal law.
The Committee considers this usage of the number of a government file one of the most serious manifestations of privacy concerns in the Nation. However, it received conflicting evidence about the effects of this section, particularly the inordinate costs to the Federal Government and private businesses of changing to another identifier and reprogramming computers or reindexing files.
In view of the lack of ready independent data about the probable costs and effects of such a prohibition and in view of stricter limitations on transfer of and access to government files, the section was deleted in Committee by an 8 to 1 vote. At the same time, the issue was designated as a priority issue for study by the Privacy Commission and for report to Congress of specific legislative recommendations to meet the serious public concerns reflected in the original bill. In subsection 106(b)(1)(C), the Commission is required to examine and analyze 'the use of license plate numbers, Social Security numbers, universal identifiers, and other symbols to identify individuals in data banks and to access, integrate or centralize information systems and files.'
The Committee realizes that the number is a major element in the national debate over privacy since a common numerical identifier or symbol to designate and index each person is an essential feature of a national data bank, or indeed, of any information system which allows creation of an instant dossier or which permits quick retrieval of all personal information which flows through that system about an individual.
In recent years the Social Security number has been the identifier most used in common by government agencies and private organizations to improve efficiency of services, aid management functions, prevent fraud and reduce errors in identification of people.
Citizens' complaints to Congress and the findings of several expert study groups have illustrated a common belief that a threat to individual privacy and confidentiality of information is posed by such practices. The concern goes both to the development of one common number to label a person throughout society and to the fact that the symbol most in demand is the Social Security number, the key to one government dossier.
Of major concern is the possibility that the number may become a means of violating civil liberties by easing the way for intelligence and surveillance uses of the number for indexing or locating the person.
In this connection, a Constitutional Rights Subcommittee report on the intelligence-gathering by the military from its own agents and the files of other Government agencies, shows that individuals were often indexed in the Army computers by their Social Security numbers. Complaints to the Constitutional Rights Subcommittee also showed that government pressures people to disclose their Social Security number on administrative, statistical, and research questionnaires of all kinds, including income tax forms, HEW questionnaires asking whether elderly people buy newspapers and wear false teeth, and many others.
Every serviceman is now identified by his Social Security number, a development of intense concern to some groups who were not able to persuade congressional committees or the Pentagon to reverse the course.
A cross-section of such complaints appearing in the subcommittee hearings shows that people are pressured in the private sector to surrender their numbers in order to get telephones, to check out books in university libraries, to get checks cashed, to vote, to obtain drivers' licenses, to be considered for bank loans, and many other benefits, rights or privileges.
In many cases in the private sector, he is informed that the number is necessary for identification purposes, yet on its face, the Social Security card states that it is not to be used for identification purposes. This proviso was initially included in the Social Security program to prevent reliance on the card for identification because a person could acquire several of them under several identities and there frequently was no agency investigation of the information provided in order to obtain a number.
A list of the Federal Government's uses of the number, authorizations, and the texts of applicable statutes, Executive order, and regulations appears in the appendix of the hearings together with excerpts of Government reports on this subject.
The HEW Secretary's committee found that 'the Federal Government itself has been in the forefront of expanding the use of the number, that its actions have actively promoted the tendency to depend more and more upon the number as an identifier-- of workers, taxpayers, automobile drivers, students, welfare beneficiaries, civil servants, servicemen, veterans, pensioners, and so on.' It concluded: 'If use of the SSN as an identifier continues to expand, the incentives to link records and to broaden access to them are likely to increase. Until safeguards such as we have recommended . . . have been implemented, and demonstrated to be effective, there can be no assurance that the consequences for individuals of such linking and accessibility will be benign. At best, individuals may be frustrated and annoyed by unwarranted exchanges of information about them. At worst, they may be threatened with denial of status and benefits without due process, since at the present time record linking and data subject to protest, interfere, correct, comment, and in most instances, even to know what linking of which records is taking place for what purposes.'
While specific laws mandate or have been interpreted to permit the use of the number in a few Federal programs, most agencies have proceeded to use it by regulation or directive. Executive Order 9397 of 1943 found it 'desirable in the interest of economy and orderly administration that the Federal Government move towards the use of a single unduplicated numerical identification system of accounts', and ordered that 'any Federal department, establishment or agency shall, whenever the head thereof finds it advisable to establish a new system of permanent account numbers pertaining to individual persons, utilize exclusively the Social Security account numbers.'
While some have cited this order as authority for the Federal usage, the HEW report found otherwise, noting, 'It has been suggested that Executive Order 9397 was intended to apply only to instances when Federal agencies seek to number records, such as employment, attendance, performance, or medical records . . . To interpret the order as applying to all kinds of Federal agency record systems is arguably beyond the meaning of its language. In any case, it appears that Federal agencies are free to use the SSN in any way they wish, and no instance has come to our attention in which the order has been invoked to compel or limit an agency's use of the SSN.' (p. 117)
The HEW Secretary's committee came to the following conclusions about the need for legislation on this matter: 'If the SSN is to be stopped from becoming a de facto Standard Universal Identifier, the individual must have the option not to disclose his number unless required to do so by the Federal Government for legitimate Federal program purposes, and there must be legal authority for his refusal. Since existing law offers no such clear authority, we recommend specific, preemptive, Federal legislation providing that the individual has the right to refuse to disclose his SSN to any person or organization that does not have specific authority provided by Federal statute to request it . . . and the right to redress if his lawful refusal to disclose his SSN results in the denial of a benefit.'
The report contained other recommendations about the need for constraints on the use of the number and on its dissemination, and it cited the need for congressional review of all present Federal requirements for use of the number to determine whether they should be continued, repealed, or modified.
The Committee expects the Privacy Commission study to undertake such a study for the public and private sector.
A number of departments and agencies opposed the provision in S. 3418 limiting the use of the Social Security number. These included the Commerce Department, Civil Service Commission, Defense Department and the Securities and Exchange Commission. All cited the need for use of the number as an identifier to achieve administrative ends, and the inordinate and prohibitive costs of reprogramming with an alternative number. Numerous private businesses, banks and industries uniformly opposed this section.
Computer and data professionals from State and local government also opposed the provision, testifying that such prohibitions on its use 'would impose a tremendous financial burden on the States and an alternate identifier would have to be developed.'
MAILING LISTS
The bill now prohibits Federal agencies from selling or renting mailing lists except as authorized by law, but does not require names and addresses to be kept confidential, thus allowing inspection where these are public records. It requires private organizations maintaining a mailing list to remove the individual's name upon request.
A major avenue by which personal privacy and confidentiality may be invaded is the practice of the Federal Government of selling and renting names, addresses and personal data in their files for use in commercial and other mailing lists. Such practices may cause a violation of the tacit or formal agreement by which the agency collected or acquired the information for its own authorized purposes. Laws promoting open records in government have resulted or may result in administrative contracts or agreements to sell the data in bulk, either as a convenience to commercial or other users, or to publicize and promote the purposes of the agency.
While a few examples might be found in which the sale or rental of mailing lists by Federal agencies without specific statutory authority serves a useful purpose, the Committee concludes for several reasons that such action is totally inconsistent with the purposes of the bill as amended. One of these purposes is to entitle an individual to a large measure of control over who, outside of a Federal agency maintaining information about him, has access to his personal information. Mailing lists constitute such personal information when, for example, they represent a group of individuals possessing a certain set of characteristics. The disclosure of this personal information can be damaging to the individual. Therefore, section 206(a) of the bill, as amended, prohibits the sale or rental of lists of names and addresses by Federal agencies unless the sale or rental is specifically authorized by law.
Legislation on this subject has been offered for a number of years. These problems are addressed in S. 3116, introduced by Senator Hatfield and pending before the Constitutional Rights Subcommittee.
Senator Hatfield stated 'the real thrust of S. 3116 is not what is received in one's mailbox but privacy and the question of individuals' right to control what is known about them.'
He cited the stockpiling of personal information in the businesses who compile and sell lists and other data for commercial purposes. Primarily, this means selling or renting lists to the direct mail industry.
The Committee was told that 'lists for this industry are compiled from every imaginable source-- telephone, books, magazine subscription lists, credit card lists, church rosters, club memberships, government agencies, newspaper, announcement of birth, death, graduation and from seemingly, inviolate sources such as doctors, dentists, and schools. This flourishing business exists largely without the knowledge of the people who are providing the profit, the people whose names and personal data keep this wheel turning.'
Testimony from the Direct Mail Marketing Association shows that it is their recommended practice to remove a person's name from their list if requested to do so. However, only some people know about this service, and the distribution of information through lists is so widespread that people who do manage to get off lists through such a service, have no way of controlling what all the other companies do.
The bill now requires no more of the private sector than that an organization engaged in business in interstate commerce shall remove the individual's name from a mailing list, upon request. Where lists are maintained by private companies, the Committee believes that the decision as to who should be allowed to rent or buy them is a decision best left up to each individual business. However, where such lists are maintained by government agencies, or where names and addresses are sold or rented, the Committee firmly believes that the decision must not be left to individual agency administrators.
Subsection 206(b) requires all persons or organizations engaged in interstate commerce to comply with the written request of an individual who wishes to have his name and address removed from their lists that are used for direct mail solicitation.
This provision represents a sound business practice which is followed by many of the largest and most respectable direct mailers in the country. The Direct Mail Marketing Association, which represents several thousand users of direct mail marketing and advertising in America, has stated in writing to the Senate Government Operations Committee that its Mail Preference Service is specifically designed to permit an individual to have his name removed from its members' lists upon request.
The Committee has been advised by representatives of the Direct Mail Marketing Association and by numerous prominent direct mailers that this practice creates more profitable lists by allowing for the removal of names of individuals who are unlikely to purchase goods or services from the soliciting organization.
The purpose of this provision is to extend this practice to all organizations and to expand the protection to all individuals. It is consistent with the best practice in American industry and with the programs and standards of the Association representing those companies with direct interest in this problem.
The Committee believes such a requirement is a simple and fair one which will not necessitate a revision of private business procedures. Mail order businesses may continue to compile mailing lists and solicit through the mail. The widespread sentiment on this subject for action was noted by Congressman reported 65 House members sponsoring the bill, 34 Republicans and 32 Democrats.
A survey of mailing list practices of Federal departments and agencies made by the Congressman and another by the House Government Operations Subcommittee chaired by Congressman Moorhead, were offered by Congressman Horton for the hearing record.
The threat to individual privacy from the selling and renting of names and personal information from government files and the use of mailing lists by the mailing list industry was found to be an appropriate subject for privacy legislation by the National Academy of Sciences Project Report. The Committee agrees with the report that the standard of the Direct Mail Marketing Association, mere removal of one's name, is not enough for Government agencies. As the Academy report states, 'For many people, this does not resolve the basic privacy issue: when individuals give information about themselves to government agencies for one purpose, usually under legal compulsion to report, should their names, addresses, and data about their occupations, ownership, military service, or other activities be made available to organizations that would use the information for purposes that these individuals consider intrusive?
'In time of major problems of housing, education, crime, race relations, pollution, and peace, it may seem a disturbingly trivial matter to worry about government records leading to the receipt of mail advertisements that some individuals do not want. But the issue symbolizes something we cannot afford to ignore-- how do we make the individual's informed consent a more respected and controlling feature in organizational society? Our approach to this problem should not be to make matters confidential which have long been considered open for public access; rather, it should be to find a way to accommodate those who feel their privacy is intruded upon by such direct mail practices. (Report, p. 385)'
SECTION-BY-SECTION ANALYSIS
TITLE I--PRIVACY PROTECTION COMMISSION
Section 101
ESTABLISHMENT OF COMMISSION
Title I establishes a Federal Privacy Commission, an independent body which the Committee deems absolutely essential to aid in the administration and enforcement of the act, and to conduct a study of other private and governmental information systems.
Section 101 provides that the five full-time members of the Commission would be appointed by the President subject to confirmation by the Senate. In order to assure the kind of expertise necessary for dealing with the legal, political, social and technological aspects, a commissioner should be considered for selection in part by reason of his knowledge in one or several of the areas of civil rights and liberties, law, social sciences, computer technology, business, and State and local government. Not more than three of the members of the Commission shall be from the same political party. Commissioners shall serve for terms of three years and for no more than two terms. The President shall select the Chairman of the Commission from its members and he shall be the official spokesman of the Commission in its relations with Congress, the Federal Government and the general public. In this capacity, the Chairman would be expressing the view of the entire Commission. Of course, this would not prevent any other Commissioner from speaking his views, testifying, or providing information to Congress, the Executive or the public. In all other respects, the Chairman shall have equal responsibility and authority in all decisions and actions of the Commission with other members and each member shall have one vote on the Commission.
Section 102
PERSONNEL OF THE COMMISSION
Section 102 authorizes the Commission to appoint an Executive Director and other officers and employees and prescribe their functions and duties. The Executive Director will be compensated at a rate not in excess of the maximum for a GS-18 Federal employee.
In addition to its own employees, the Commission may contract for the services of experts and consultants to carry out its responsibilities. Where these are technicians charged with the inspection of physical and technical security of arrangements, computer equipment and systems, they should be bonded in cases where this is found appropriate.
Section 103
FUNCTIONS OF THE COMMISSION
One of the principal reasons for establishing a Privacy Protection Commission was to fill the present vacuum in the administrative process for overseeing establishment of governmental data banks and personal information systems and examining invasions of individual privacy.
Subsection 103(a)(1). Requires the Commission to publish, and supplement annually, a United States Directory of Information Systems. Each agency is required under subsection 201(c) to notify the Commission of the existence and character of each existing system or file which it maintains on individuals, or any significant expansion or modification of the system. The Commission is directed to publish this information in the Directory of Information Systems together with a listing of all statutes which require the collection of such information by a Federal agency. This is to carry out one of the fundamental principles of the Act that the existence of Federal personal record-keeping systems should not be kept secret from the Congress, the press, or the public. In particular, it is designed to give the citizen one set of accessible documents and one central location where one may reasonably be expected to find out just what agencies are likely to have a file on one and what they are likely to have done with it. It also provides a published standard for testing and evaluating Federal collection, use and disclosure of personal information in the hands of government. The Committee considers this requirement a substitute for the original requirement of notice to everyone on whom any Federal agency maintains a file, a notice ideally designed to promote the concept of substantive due process throughout government. However, consideration of testimony from experts and of agency objections concerning costs and administrative feasibility of such a requirement resulted in its deletion and replacement by the function of the Commission in this section.
Subsection 103(a)(2). Authorizes the Commissioners to investigate and hold hearings on reports received of violations of the Act. No adjudicatory powers are vested with the Commission and enforcement of the Act rests with the Federal courts. If the Commissioners determine that a violation has occurred, they may report that violation to the President, to the Attorney General, to the Congress, to the General Services Administration where the duties of that agency are involved, and to the Comptroller General if it deems it appropriate for any auditing functions of that agency. S. 3418, as originally introduced, would have given the Commission the power to issue cease and desist orders to stop violations of the Act. The Committee decided, however, to provide for general enforcement of the Act's safeguards, and for the implementation of the exemption provisions, through the administrative channels of each agency, with ultimate review of any challenges in a United States District Court.
Subsection 103(a)(3). MODEL GUIDELINES. The Commission has not been given the power to issue rules and regulations that would be binding on other Federal agencies. However, it is directed to develop model guidelines for implementing the provisions of the Act with interagency consultation and the assistance of appropriate experts in special subject areas. The Committee would expect that other Federal agencies would look to these guidelines before adopting their own rules and their procedures by which individuals could exercise their rights under this legislation.
The Commission is further directed to assist Federal agencies in preparing regulations to meet the technical and administrative requirements of this Act. It is expected that the Commission will retain or contract for expert assistance in information management and technology and other fields in order to provide resources that may not be available to each agency.
Subsection 103(b). Requires the Commission to review, and report on proposed data banks and substantial alteration of existing ones. For this reason, subsection 201(g) requires that Federal agencies report to the Commission of proposals to establish data banks and personal information systems, to significantly expand existing data banks and information systems, to integrate files or establish programs for records linkage within or among agencies, or to centralize resources and facilities for data processing.
The review anticipated here is for several purposes. The Commission is directed to review these reports in order to assess the potential impact of any such proposal on the privacy, due process, and other personal or property rights of individuals or on the confidentiality of personal information. This would include the physical, technical and administrative security of the data bank or computerized information system. The Committee acknowledges that there are many definitions of privacy and that there is no one precise definition as it relates to the exercise by an individual of rights guaranteed to him under the Constitution or of his right to own and possess property. Each amendment to the Constitution carries with it guarantees against governmental invasions of a particular aspect of individual privacy. Until the concept of privacy can be defined with more precision, the Committee believes that there is a need to study any threatened invasion of a broad range of individual rights by Federal information activities or practices.
In testimony before the Committee on Government Operations and before other committees of the Senate, questions have been raised about the impact of Federal information systems on State programs and powers as well as on the separation of powers existing between the judicial, executive and legislative branches of the Federal Government. Any proposal to establish or alter an information system should be examined in light of its potential to affect the Federal system: to take power or responsibility from the States or to grant responsibilities which should properly be carried out by a Federal agency.
Similarly, any major proposal to expand or create new information-handling technology by Federal agencies for personal data should pose questions for the Commission to attempt to answer regarding the ability of the three branches of government to discharge their responsibilities under such a new system. It is for all of these reasons that agencies must describe in their notices the following matters, under subsection 201(g):
(1) the effects of such proposals on the rights, benefits, and privileges of the individuals on whom personal information is maintained;
(2) the software and hardware features which would be required to protect security of the system or file and confidentiality of information;
(3) the steps taken by the agency to acquire such features in their systems, including description of consultations with representatives of the National Bureau of Standards and other computer experts; and
(4) a description of changes in existing interagency or intergovernmental relationships in matters involving the collection, processing, sharing, exchange, and dissemination of personal information.
Based upon its review of these proposals, the Commission should submit any findings and recommendations regarding the need for new legislation or administrative action to control or regulate new information-gathering techniques and technology to the President, the Congress, and the General Services Administration.
Subsection 103(c). The Commission is directed to report to the Congress the failure of any proposed data bank or information system to comply with the purposes, standards and safeguards of the Act. In most cases, a review by the Commission of proposals to establish or expand information systems should take no longer than sixty (60) days and should afford the agency sufficient opportunity to alter its proposal if a question regarding compliance with this Act is raised. This estimate of time is predicated on the full and prompt disclosure to the Commission of agency proposals sufficiently in advance of a final policy decision by the agency to proceed with the proposal to permit adequate review by the Commission. If it is necessary for the Commission to report a failure to comply with the Act, the agency proposing an information system change shall not proceed with this proposal until sixty (60) days after receiving that notification. This is to afford the Congress and responsible executive branch officials an opportunity to act on the agency proposal. If the Commission does not make a determination that the Act has not been violated by an agency proposal, this should not constitute an endorsement of or approval of any invasion of privacy which might result from the implementation of the newer alternate information system.
In carrying out its functions under the Act, the Commission is encouraged to consult to the fullest extent practicable the heads of departments, agencies and instrumentalities of the Federal Government, of State and local governments and of private businesses and other organizations which may be affected by S. 3418. In order to carry out the duties assigned by the Congress, the Commission must be provided access and the opportunity to personally inspect a wide range of confidential material, information maintained by public agencies and private organizations and businesses. In performing its functions the Commission has the difficult task of balancing its need for information with the rights of privacy of citizens. It may, for example, be necessary for it to examine the actual contents and use of certain files held by agencies. Obviously, the Commission itself is bound by the requirements of the Act, including civil and criminal liability for any improper use or divulgence of information it receives in carrying out its responsibilities. The Committee expects the Commission to perform its tasks comprehensively, but has guarded against the creation of an Information Czar. The Commission is not intended to maintain its own files on individuals, or to retain any such personal information in its own possession. The Committee regards this legislation as a means to guard against the integration of separate files on citizens into complete dossiers. The Commission's powers should not be used to frustrate this purpose. In addition, there is no intent to require a national depository for the technical and commercial, and trade documents, or the programming secrets of government organizations and the private sector.
Subsection 103(d)(1). Mutual cooperation will be important to the successful completion of the study of information systems and the implementation of the safeguards by the agencies covered by the Act. With regard to the Federal Government, the Commission may wish to form an interagency council to work to implement the provisions of the Act.
It is expected that the Commission will also serve as a clearinghouse for various Federal agencies and others to share information on methods of dealing with problems in administering the Act as well as assisting in the exchange of administrative and technological material related to handling of personal information.
Subsection 103(d)(2). It is probable that the Commission will need to study and initiate research projects to determine the best procedures for agency implementation and enforcement of this Act. Because of the highly technical nature of information in system management, research efforts may also be directed toward developing procedures for guarding against unauthorized access to information systems and procedures for implementing the standards and safeguards provided by title to this Act. Where these have already been undertaken by the National Bureau of Standards and other Federal offices, the Commission should take appropriate advantage of those resources to prevent duplication of efforts and to aid in the coordination of Federal efforts in this area.
Subsection 103(d)(3). The Committee added to the functions of the Commission the duty to determine, in connection with its research activities, that specific categories of information should be prohibited by statute from collection by Federal agencies on the basis that the collection of such information would violate an individual's right of privacy.
Section 104
CONFIDENTIALITY OF INFORMATION
In order to fulfill its obligations properly under this Act, the Commission must have access to all data, reports, and other information requested of any department, agency or instrumentality of the executive branch as well as of any independent agency.
Since this will require access to classified documents and other highly sensitive personal information, the Commission may accept identifiable personal data only if it is necessary to carry out its powers and functions. It is directed to establish safeguards to insure that the confidentiality of the information is maintained and upon completion of the purpose for which the information is required it must be destroyed or returned to the agency or person from whom it was received. Because of the strict penalties provided for the unauthorized disclosure of information entrusted to its care, the Committee believes it would be appropriate for the Commission to assure that its technicians and any other employees are bonded before they are permitted access to sensitive information. In addition Commission employees or contractors should be extended the same privileges and be subject to the same requirements for security clearances under the Federal Security Clearance as employees of the agency who have access to the information in question. Under no circumstances should the Commission or its employees be used by another agency for unlawfully obtaining information to which that agency would not be otherwise entitled. The internal rules and regulations of the operation of the Commission should reflect the need for careful handling of this information.
Section 105
POWERS OF THE COMMISSION
The Committee is determined that the Privacy Protection Commission must have certain powers to fully implement a study of personal information systems and to conduct oversight of the proper implementation of the Act in the Federal Government.
In order to investigate reported violations of the Act, the Commission may find it necessary to hold hearings and take testimony as well as receive evidence related to such violations before making any report to the Congress or to the Attorney General. In order to obtain sufficient information for these hearings or to assemble material for the study of information systems, the Commission is authorized to require by subpoena the attendance of witnesses and the production of books, records, papers, correspondence and documents as it deems advisable.
It is hoped that the Commission would be able to work out voluntary agreements with both public agencies and private organizations for obtaining any material necessary to carry out its statutory responsibilities. Should efforts at voluntary cooperation fail, however, the Committee believes that the role of the Commission is important enough to merit the force of law behind its requests. Under any circumstances, however, no subpoena shall be issued without a vote of the majority of the Commission. The Commission shall appear in court in its own name to enforce subpoenas issued pursuant to this Act, and it shall be represented by attorneys of its own choosing.
Testimony presented before this and other committees, as well as in noncongressional studies, has shown the need and value of the on-site inspection to ensure that regulations adopted pursuant to the Act are in fact adhered to by agencies in their normal day-to-day operations. By giving the Commission the power to take such other actions as may be necessary to implement the Act, the Committee has adopted this recommendation.
While criminal penalties for the violation of this Act are limited to the failure by an officer or employee of a Federal agency to disclose the existence of an information system or the unauthorized disclosure of certain sensitive personal information by a member or employee of the Commission, the Committee felt it was necessary to provide immunity from punishment under this Act pursuant to the provisions of Section 6001(1) of Title 18 of the U.S. Code. This 'whistle-blowing section' would permit the Commission to recommend to the Attorney General that a person not be prosecuted under this Act. And this section is designed to encourage the reporting of violations in order to further strengthen the oversight responsibility of the Commission.
The section would authorize the Commission to adopt interpretative rules for the implementation of the rights, standards and safeguards provided by this Act. This is to assure that the rulemaking authority of the Commission is limited to the promulgation of rules and regulations governing its own operations, organization and personnel. This section was included to insure that the courts would not interpret these model guidelines or other rules which the Commission is authorized to issue as having the force of law with respect to any other Federal agency. Rather such guidelines shall offer only the Commission's best judgment regarding the possible implementation of its safeguards under the Act, and shall serve as a reference only for other Federal agencies to consider in adopting their own rules and regulations.
Section 106
COMMISSION STUDY OF OTHER GOVERNMENTAL AND PRIVATE ORGANIZATIONS
Section 106 requires the Privacy Commission to make and report on a study of the data banks, automated data processing programs, and information systems of the private sector as well as of regional and other governmental agencies. As discussed in this report, the decision to authorize such a study is based on the Committee deferral at this time of legislation for abuses of privacy, due process, and confidentiality in the private sector, a need particularly urgent with the growth of national data banks, application of computer technology, and use of new information management practices.
The lack of adequate empirical and legal research to support needed legislation is expected to be remedied by the Commission study and its specific recommendations as to application of the principles or guarantees of this legislation to particular sectors or subject areas, or to particular information linkages between private, State, and Federal data systems. It is further authorized to make such other legislative recommendations as it may determine necessary to protect individual privacy while meeting the legitimate needs of government and society for information. Such study may, on the basis of the Commission's research, take into account the testimony on the original bill advocating regulatory oversight by the Commission or some other Federal agency of all major data banks and information systems affecting privacy.
The Committee found a particular need for examination of the laws and practices governing the kinds of information held by private information collectors which the Federal government obtains by various means. This includes bank, health, educational, and employment records. It was partly for this reason that the Committee adopted an amendment authorizing the Commission to study what personal information the Federal Government should collect. Congressional studies revealed that most departments and agencies had little cogent knowledge on the extent of their data collection from the private sector and how their demands or their grants, contracts or agreements ultimately affected the privacy of the individual.
Despite some efforts by government and private bodies to study certain aspects of public and private information practices and computer technology, no Federal body has yet been given a broad mandate to examine the status of privacy in both the public and private sector and to recommend specific legislative or administrative action to enhance its protection. Indeed, the President's Domestic Council Committee on Privacy, established in early 1974, immediately perceived the need for a comprehensive survey and analysis of existing and planned data banks and of the laws pertaining to privacy, confidentiality and security. That Committee realized, however, that such a task would be time-consuming and difficult. It relied, therefore, on a recent survey of Federal data banks conducted by a congressional committee. The Privacy Committee of the Secretary of Health, Education, and Welfare had a similar experience. Similarly, a number of Department heads in recent years have discovered that they lack concrete and comprehensive information about their own agency's systems. Since existing executive offices have neither the authority nor the practical ability and resources to perform such functions, the Committee decided that it was necessary to create the Privacy Commission and charge it with these tasks. In doing so, the Committee has adopted a recommendation made by numerous experts and study panels for almost a decade.
The Commission is directed to complete the privacy study not later than three years from the date of its organization. It is authorized to make periodic reports of its findings to the President and to the Congress, which will allow it to submit reports and specific recommendations on subject areas as they are completed, and not all at once at the end of its term.
The reports shall include recommendations for applying the requirements and principles of the act to the information practices of organizations under study, whether by legislation, administrative action or by voluntary adoption of those requirements and principles.
Need for Study
Governors and other State and local officials have cited the dearth of because of their interstate nature, are difficult to analyze or control by State privacy laws and regulations. It is thus expected that the Commission's studies, especially those aspects analyzed by States, will assist the States in their own efforts to protect personal privacy.
Representatives of private industries, businesses and organizations have also indicated that such a study would better enable them to meet their ethical and legal obligations to protect individual privacy in an information-rich society while taking full advantage of the benefits of computer technology.
Guidelines for Study
The Committee is aware of the range of possible areas for investigation and of means of conducting such study. Therefore, subsection (b) establishes restraints, limitations and certain research guidelines for the Commission study so that the final product in each case may be responsive to the particular legislative and administrative needs of Congress, the executive branch and agencies of State and local governments.
As a specific requirement, the Committee is to examine and analyze the interstate transfer of information about individuals whether by manual or electronic means. As an example, interstate corporations and multi-state governmental units and private regional data banks for the purpose of approving credit applications, hiring personnel, examining claims for insurance, and other transactions affecting decisions about the rights, privileges or benefits of individuals. A second example would be the experimental Electronic Funds Transfer System now being developed under the auspices of the Department of the Treasury and the Social Security Administration to electronically transfer social security benefits and other welfare payments from government to bank.
The Commission study is by no means directed to all data banks on people or all personal information systems. Rather, the Commission is charged to study only those which significantly or substantially affect the privacy and other personal and property rights of citizens. The Committee has heard and reviewed much testimony which indicates that interstate and national information networks affect the lives and substantive rights of individuals in a variety of ways. The Committee believes that the Commission should focus its attention on the effects of the collection, use, storage and transfer of information on the rights of individuals.
Social Security Numbers
Particular practices and subjects which the Committee has found are of special concern to the public are designated to be given priority. The Commission is required to study the use of social security numbers, license plate numbers, universal identifiers, and other symbols used to identify individuals in information systems and to gain access to integrate or centralize systems and files. One of the most important problems that has arisen in the Committee's consideration of privacy legislation is the built-in potential among personal information systems for the creation of a national data bank. A single national system could be advanced by the use of a common identifying number or symbol unique to each individual. The Committee intends that the Commission examine the use of social security numbers and other similar identifying symbols or codes in light of their possible use as universal identifiers, or as indexing tools which may ease the breach of confidentiality or make government record surveillance over the individual easier. The Commission should review laws, regulations and decisions affecting these matters and, in particular, examine the costs and feasibility of halting or restraining present trends in such practices and developing less threatening alternatives in the interest of guaranteeing individual privacy and confidentiality of personal information.
Statistical Data
The Commission is also required to study the matching, integration and analysis of federally produced statistical data with other sources of personal information to reconstruct individual responses to statistical questionnaires for uses other than those for which the information was collected. The Committee was presented with circumstantial evidence in Volume II of the 1971 President's Commission on Federal Statistics which indicates that it is possible, through sophisticated computerized techniques to estimate with reasonable accuracy personal information relating to identifiable individuals using multiple sources of statistical and nonstatistical information published by Federal and State agencies. Such information yields to its user significant information about individuals heretofore held in confidence and thus violating a pledge of confidentiality made by Federal agencies collecting the information for statistical purposes. Commercial firms are rapidly improving this technology, thus creating the need for careful attention to its direction and ultimate capability and its impact on privacy. The Committee intends that particular attention be paid to such developments by certain direct mail marketers, and that the Commission recommend measures to preserve the guarantees of confidentiality provided by existing census statutes and regulations and promised by organizations conducting statistical surveys.
The Committee believes that legislation on privacy issues should give due regard to the preservation of the Federal system and should allow States to provide stronger controls as they see fit or to experiment with their own legislation to meet problems unique in those States. At the same time, they should be afforded all of the information which such a national study can make available. In conducting its study, the Commission is required to examine the laws, Executive orders, regulations, directives, and judicial decisions which govern the activities under study by the Commission and determine the extent to which they are consistent with the rights of privacy and due process, and other guarantees of the Constitution which this Act seeks to promote. The Committee is cognizant that many laws, regulations and judicial decisions affect the collection of information about individuals and the rights of individual privacy. To fully exercise its study function, the Committee feels that the Privacy Commission should examine these and take them into account as necessary in making its recommendations. In acquiring such information, the Commission may seek the advice and aid of governors, attorneys general, judges, mayors and others with unique control over or knowledge of the public policy and law on privacy matters.
Federal-State Relations
The Commission is directed to determine the extent to which major governmental and private personal information systems affect Federal-State relations or the principle of separation of power