Information Technology Reference
In-Depth Information
•
Permit people to determine what records pertaining to them are collected, maintained,
used, or disseminated by such agencies
•
Permit people to prevent records pertaining to them from being used or made available
for another purpose without their consent
•
Permit people to gain access to information pertaining to them in federal agency records,
to have a copy of all or any portion thereof, and to correct or amend such records
•
Ensure that they collect, maintain, use, or disseminate any record of identifiable personal
information in a manner that ensures that such action is for a necessary and lawful
purpose, that the information is current and accurate for its intended use, and that
adequate safeguards are provided to prevent misuse of such information
•
Permit exemptions from this act only in cases of an important public need for such
exemption, as determined by specific law-making authority
•
Be subject to civil suit for any damages that occur as a result of willful or intentional
action that violates anyone's rights under this act
PA74, which applies to all federal agencies except the CIA and law enforcement agencies,
also established a Privacy Study Commission to study existing databases and to recommend
rules and legislation for consideration by Congress. PA74 also requires training for all fed-
eral employees who interact with a “system of records” under the act. Most of the training
is conducted by the Civil Service Commission and the Department of Defense. Another
interesting aspect of PA74 concerns the use of Social Security numbers—federal, state, and
local governments and agencies cannot discriminate against people for not disclosing or
reporting their Social Security number.
Gramm-Leach-Bliley Act
This act was passed in 1999 and required all financial institutions to protect and secure
customers' nonpublic data from unauthorized access or use. Under terms of this act, it was
assumed that all customers approve of the financial institutions' collecting and storing their
personal information. The institutions were required to contact their customers and inform
them of this fact. Customers were required to write separate letters to each of their individual
financial institutions and state in writing that they wanted to opt out of the data collection
and storage process. Most people were overwhelmed with the mass mailings they received
from their financial institutions and simply discarded them without ever understanding their
importance.
USA Patriot Act
As discussed previously, the 2001 Uniting and Strengthening America by Providing Appro-
priate Tools Required to Intercept and Obstruct Terrorism Act (USA Patriot Act) was passed
in response to the September 11 terrorism acts. Proponents argue that it gives necessary new
powers to both domestic law enforcement and international intelligence agencies. Critics
argue that the law removes many of the checks and balances that previously allowed the courts
to ensure that law enforcement agencies did not abuse their powers. For example, under this
act, Internet service providers and telephone companies must turn over customer informa-
tion, including numbers called, without a court order if the FBI claims that the records are
relevant to a terrorism investigation. Also, the company is forbidden to disclose that the FBI
is conducting an investigation.
Other Federal Privacy Laws
In addition to PA74, other pieces of federal legislation relate to privacy. A federal law that
was passed in 1992 bans unsolicited fax advertisements. This law was upheld in a 1995 ruling
by the Ninth U.S. Circuit Court of Appeals, which concluded that the law is a reasonable
way to prevent the shifting of advertising costs to customers. Table 14.3 lists additional laws
related to privacy.
