PROTECTING INDIVIDUAL PRIVACY IN FEDERAL GATHERING, USE AND DISCLOSURE OF INFORMATION REPORT OF THE COMMITTEE ON GOVERNMENT OPERATIONS UNITED STATES SENATE TO ACCOMPANY S. 3418 TO ESTABLISH A PRIVACY PROTECTION COMMISSION, TO PROVIDE

Approved For Release 2001/08/25 CIA-RDP76M00527R000700130032-5 Calendar No, 1127 93D CONG1iESS l it a F; a s 2d Session f SENATE 03, 4183 .ve PROTECTING INDIVIDUAL PRIVACY IN FEDERAL GATHERING, USE AND DISCLOSURE OF INFORMATION REPORT"' COMMITTEE ON GOVERNMENT OPERATIONS UNITED STATES SENAT7 ; TO ACCOIITPAN1r 3418 TO ESTABLISH A PRIVACY PROTECTION COMMISSION, TO PROVIDE MANAGEMENT SYSTEMS IN FEDERAL AGENCIES AND CERTAIN OTHER ORGANIZATIONS WITH RESPECT TO TIIE GATHERING AND DISCLOSURE Q1 INFORMATION CONCERNING INDIVIDUALS, AND FOR OTHER PURPOSES SEYTEMBEIt 26, 11J74.-Ordered to be printed 38-010 WASHINGTON : 1974 Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 COMMITTEE ON GOVERNMENT OPERATIONS SAM J. ERVIN, In, North Carolina, Chairman JOHN L. McCLELLAN, Arkansas CHARLES H. PERCY, Illinois HENRY M. JACKSON, Washington JACOB K. JAVITS, New York EDMUND S. MUSKIE, Maine EDWARD J. GURNEY, Florida ABRAHAM RIBICOFF, Connecticut- WILLIAM V. ROTH, JR., Delaware LEE METCALF, Monona BILL BROCK, Tennessee JAMES B. ALLEN, Alabama LAWTON CHILES, Fhirlda -SAM NUNN, Georgia WALTER D. HUDDL'LSTON, Kentucky ROBERT BLAND SMITH, Jr., Chief Counsel and Staff Director ELI E. NOBLEMAN, Counsel W. P. (Io0Div1N, Jr., Counsel J. ROBERT VASTINE, Minority Counsel BRIAN CoxBbY, SpecialCou'nsel to the Minority ,W. THOMAS FOXWELL, Staff Editor MARCIA 1.MACNAUGHTON, Chief Consuliat5t Dr. ALAN'F. WESTINN, Special Consultant Dr. CHBISTbIHERIT. PYLE,'Consultant MARE ]DRAVIN, Consultant Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 CONTENTS Page Purpose------------------------------------------------ 1 Background-------------------------------------------- 3 General statement--------------------------------------- 14 Coverage ----------------------------------------------- 17 Right of access and challenge_____________________________ 20 Law enforcement files____________________________________ 22 Privacy Commission------------------------------------- 23 Enforcement -------------------------------------------- 27 Social Security numbers__________________________________ 28 Mailing lists-------------------------------------------- 31 TITLE I-PRIVACY PROTECTION COMMISSION: Section 101-Establishment of Commission------------- 33 Section 102-Personnel of the Commission------------- 34 Section 103-Functions of the Commission------------- 34 Section 104-Confidentiality of information------------- 38 Section 105-Powers of the Commission---------------- 38 Section 106-Commission study of other governmental and private organizations--------------- 39 Section 107-Reports -------------------------------- 441 TITLE II-STANDARDS AND MANAGEMENT SYSTEMS FOR HAN- DLING INFORMATION RELATING TO INDIVIDUALS: Section 201-Safeguard requirements for administrative, intelligence, statistical-reporting, and re- search purposes_______________________ 45 Section 202-Disclosure of-information ----_ _ _ _ _ _ _ _ _ _ _ _ _ 68 Disclosure exceptions---------------- 70 Section 203-Exemptions ----------------------------- 74 Section 204-Archival records_________________________ 76 Section 205-Exceptions ----------------------------- 77 Section 206-Mailing lists____________________________ 78 TITLE III-MISCELLANEOUS: Section 301-Definitions ----------------------------- 78 Section 302-Criminal penalty________________________ 81 Section 303-Civil remedies__________________________ 82 Section 304-Jurisdiction of District Courts ------------ 833 Section 305-Effective date___________________________ 84- Estimated cost of legislation______________________________ 84, Rollcall vote-------------------------------------------- 85 Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 Calendar No,1127. 93n CONGRESS SENATE REPORT 2d Session No. 93-1183 PROTECTING INDIVIDUAL PRIVACY IN FEDERAL GATH- ERING, USE AND DISCLOSURE OF INFORMATION Mr. ERVIN, from the Committee on Government Operations, submitted the following REPORT The Committee on Government Operations, to which was referred the bill (S. 3418) to establish a Federal Privacy Board to oversee the gathering and disclosure of information concerning individuals, to provide management systems in Federal agencies, State and local governments, and other organizations regarding such information, and for other purposes, having considered the same, reports favorably thereon with an amendment in the nature of a substitute and an amended title and recommends that the bill as amended do pass. PURPOSE The purpose of S. 3418, as amended, is to promote governmental respect for the privacy of citizens by requiring all departments and agencies of the executive branch and their employees to observe cer- tain constitutional rules in the computerization, collection, manage- ment, use, and disclosure of personal information about individuals. It is to promote accountability, responsibility, legislative oversight, and open government with respect to the use of computer technology in the personal information systems and data banks of the Federal Government and with respect to all of its other manual or mecha- nized files. It is designed to prevent the kind of illegal, unwise, overbroad, investigation and record surveillance of law-abiding citizens produced in recent years from actions of some over-zealous investigators, and the curiosity of some government administrators, or the wrongful disclosure and use, in some cases, of personal files held by Federal agencies. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 ?t 1is to prevent the secret gathering of information on people or the geation of, secret information systems or data banks on Americans b employees of the departments and agencies of the executive branch. It ,is designed to set in motion for long-overdue evaluation of the nce,ds of the Federal Government to acquire and retain personal information on. Americans, by requiring stricter review within agencies of criteria for collection and retention. It is also to .promote observance of valued principles of fairness and individual privacy by those who develop, operate, and administer other major institutional and organizational data banks of govern- ment and society. S. 3418 ACCOMPLISIiES THESE PURPOSES IN FIVE MAJOR WAYS First, it requires agencies to give detailed notice of the nature and uses of their personal,data. banks and information systems and their computer resources. It requires a new Privacy Commission to main- tain and publis,i an information directory for the public, to examine executive branch proposals for new personal data banks and systems, and to report to Congress and the President if they adversely affect privacy and individual: rights. It penalizes those who keep secret such a personal information system or data bank. Second, the bill establishes certain minimum information-gathering standards for all agencies to protect the privacy and due process rights of the individual and to assure that surrender of personal infor- mation is made with informed consent or with some guarantees of the uses and confidentiality of the information. To this end, it charges agencies; To collect; solicit and 'maintain only personal information that Is relevant and'necessary for a statutory purpose of the agency; To prevent hearsay and inaccuracies by collecting information ,directly from the person involved as far as practicable; To',inforn. people requested or required to reveal information about themselves whether their disclosure is mandatory or volun- tary, what uses and penalties are involved, and what confiden- tiality guarantees surround the data once government acquires it; and To establish no program for collecting or maintaining infor- mation on how people exercise First Amendment rights without a strict reviewing process. Third, the bill establishes certain minimum standards for handling and processing personal information maintained in the data banks and systems of tie executive branch, for preserving the security of the computerized or manual system, and for safeguarding the con- fidentiality of the information. To this end, it requires every depart- ment and agency to insure, by whatever steps they deem necessary: That the information they keep, disclose, or circulate about citizens is as accurate, complete, timely, and relevant to the agency's needs as possible; That they refrain from disclosing it unless necessary for em- ployee duties, or from making it available outside the agency Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 without the consent of the individual. and proper guarantees, unless pursuant to open records laws, or unless it is for certain law enforcement or other purposes; That they take certain administrative actions to keep account of the employees and people and organizations who have access to the system or file, and to keep account of the disclosures and uses made of the information; That they establish rules of conduct with regard to theiethical and legal obligations in developing and operating a computerized or other data system and in handling personal data, and take action to instruct all employees of such duties; That they not sell or rent the names and addresses of people whose files they hold; and That they issue appropriate administrative orders, provide personnel sanctions, and establish appropriate technical and physical safeguards to insure the security of the information sys- tem and the confidentiality of the data. Fourth, to aid in the enforcement of these legislative restraints, the bill provides administrative and judicial machinery for oversight and for civil remedy of violations. To this end, the bill: . Gives the individual the right, with certain exceptions, to be told upon request whether or not there is a government record on him or her, to have access to it, and to challenge it with a hearing upon request, and with judicial review in Federal Court; Establishes an independent Privacy Protection Commission with subpoena power and authority to receive and investigate charges of violations of the Act and report them to the proper officials; to develop model guidelines and assist agencies in imple- menting the Act; and to alert the President and Congress to proposed Federal information programs and data banks which deviate from the standards and requirements of the Act; and Judicial remedies allow the enforcement of the act through the courts by individuals and organizations in civil actions challenging denial of access to personal information or through suits by the Attorney General or any aggrieved person to enjoin violations or threatened violations of the Act. Fifth, the bill requires the Commission to make a study of the major data banks and computerized information systems of other governmental agencies and of private organizations and to recommend any needed changes in the law governing their practices or the ap- plication of all or part of this legislation in order to protect the privacy of the individual. BACKGROUND The Committee on Government Operations' ad hoc Subcommittee on Privacy and Information Systems conducted hearings on June 18, 19, and 20, 1974, to consider S. 3418, cosponsored by Senators Ervin, Percy, Muskie, and Ribicoff. The hearings were held jointly with the Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 Judiciary Committee's Subcommittee on Constitutional Rights which was considering the following legislation on related issues: S. 2810, introduced by Senator Goldwater, to protect the constitu- tional right of privacy of individuals concerning whom identifying numbers or identifiable information is recorded by enacting principles of information practice in furtherance of amendments I, III, IV, X, and XIV of the U.S. Constitution; S. 2542, introduced by Senator Bayh to protect the constitutional right of privacy of those individuals concerning whom records are maintained; and S. 3116, intraduced by Senator Hatfield, to protect the individual's right to privacy by prohibiting the sale or distribution of certain information. COMMITTEE OVERSIGHT These hearings continued the oversight by the Government Opera- tions Committee of the development and proper management of auto- mated data processing in the Federal Government and its concern for the effect on Federal-State relations of national and intergovernmental data systems involving electronic and manual transmission, sharing, and distribution of personal information about citizens. Senator Ervia. announced the joint hearings as Chairman of both subcommittees,. in a Senate speech on June 11 in which he summarized the issues and described some of the complaints from citizens which have been received by Members of Congress, as follows : It is a raze person who has escaped the quest of modern government for information. Complaints which have come to the Constitutional Rights Subcommittee and to Con- gress over the course of several administrations show that this is a bipartisan issue which effects people in all walks of life. The complaints have shown that despite our reverence for the constitutional principles of limited Government and freedom of the individual, Government is in danger of tilting the scales against those concepts by means of it,,, information- gathering tactics and its technical capacity to store and distrib- ute information. When this quite natural tendency of Gov- e'rnment to acquire and keep and share information about citizens is enhanced by computer technology and when it is subjected to the unrestrained motives of countless political administratcrs, the resulting threat to individual privacy make it necessary for Congress to reaffirm the principle of limited, responsive Government on behalf of freedom. The complaints-show that many Americans are more con- cerned than Over before about what might be in their records because Government has abused, and may abuse, its power to investigate and store information. They are concerned about the transfer of information from data bank to data bank and black list to black list because they have seen instances of it. They are concerned about intrusive statistical question- naires backed by the sanctions of criminal law or the threat of it because they have been subject to these practices over a number of years. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 5 S. 3418 provides an "Information Bill of Rights" for citizens and a "Code of Fair Information Practices" for departments and agencies of the executive branch. Testimony and statements were received from Members of Congress who have sponsored legislation and conducted investigations into complaints from citizens; from Federal, State, and local officials includ- ing representatives of the Administration and certain departments and agencies, the Domestic Council Committee on Right to Privacy, the Commerce Department, Bureau of the Census, National Bureau of Standards, the General Services Administration,, the Office of Telecommunications Policy; the National Governors Conference, the National Legislative Conference, the National Association for State Information Systems, and the Government Management Information Sciences. Many interested organizations and individuals with expert knowledge of the subject advised the Committee. These included the former Secretary of Health, Education, and Welfare, Elliot Richard- son, authors of major studies, experts in computer technology, consti- tutional law, and public administration, the American Civil Liberties Union, Liberty Lobby, the National Committee for Citizens in Education, the American Society of Newspaper Editors, and others. The provisions of the bill as reported, reflect the bill as introduced, with revisions based on testimony of witnesses at hearings, consulta- tions with experts in privacy, computer technology, and law, repre- sentatives of Federal agencies and of many private organizations and businesses, as well as the staffs of a number of congressional com- mittees engaged in investigations related to privacy and governmental information systems. The Committee finds that the need for enactment of these provisions is supported by the investigations and recommendations of numerous congressional committees, reports of bar associations, and others organizations, and conclusions of governmental study commissions. To cite only a few, there are: Earlier studies of computers and information technology by the Senate Committee on Government Operations and the current hearings and studies relating to S. 3418; The hearings and studies on computers, data banks and the bill of rights and other investigations of privacy violations before the Constitutional Rights Subcommittee; The hearings and studies of computer privacy and government information-gathering before the Judiciary Administrative Prac- tices Subcommittee; The hearings on insurance industries and other data banks before the Judiciary Antitrust Subcommittee; The hearings on abuses in the credit reporting industries and on protection of bank records before the Senate Banking, Housing and Urban Affairs Committee; Investigations over many years by the House Government Operations Committee; and Finally, there are many revelations during the hearings before the Select Committee on Watergate of improper access, transfer and disclosure of personal files and of unconstitutional, illegal or improper investigation of and collection of personal information on individuals. S.R. 1183-2 Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 CIA-RDP76M00527R000700130032-5 `Particularly supportive of the principles and purposes of S. 3418 are the following reports sponsored by Government agencies: 1. "Legal Aspects of Computerized Information Systems" by the Committee., on Scientific, and Technical Information, Federal Council of Science and Technology, 1972. 2. "records, Computers and the Rights of Citizens", Report of the Secretary's Advisory Committee on Automated Personal Data Systems, Department of Health, Education and Welfare, July 1973. 3. "Databanks in a Free Society, Computers, Record-Keeping and Privacy", of the Computer Science and Engineering Board, National Academy of Sciences, by Alan F. Westin and Michael Baker. 4. Technical Reports by Project Search Law Enforcement Assistance Administration, Department of Justice. 5. A draft study by the Administrative Conference of the United States on Interagency Transfers of Information. 6. Report by the National Governors Conference. 7. Reports by international study bodies. The ad hoc subcommittee has initiated two surveys of the Governors and of the attorneys general of the States which are producing re- sponses supportive of congressional legislation on privacy and Federal computers and information technology. They also reveal strong efforts in State and local governments to enact similar or stronger legislation to protect privacy. The need for the bill is also evident from the sample of legal literature and public administration articles and press articles reprinted in the appendix of the subcommittee hearings. Finally, there are the complaints of information abuses received by many Members of Congress and diligently investigated by each of them. Dr. Alan F. Westin, director of the 1972 National Academy of Sciences Project, reported that the study suggested "six major areas of priority for public action: laws to give individuals a right of notice, access, and challenge to virtually every file held by local, State, and national government, and most private record systems as well; pro- mulgation of clearer rules for data-sharing and data-restriction than we now have in most important personal data files; rules to limit the collection of unrecessary and overbroad personal data by any or- ganization; increased work by the computer industry and professionals on security measures to make it possible for organizations to keep their promises of confidentiality; limitations on the current, unregulated use of the Social Security number; and the development of independent, `information-trus ~' agencies to hold especially sensitive personal data, rather than allowing these data to be held automatically by existing agencies." Witnesses cited the failure of legislation and judicial decisions to keep pace with the growing efficiency of data usage by promulgating clear standards for data collection, data exchange, and individual access rights. Similarly, many other witnesses before Congress agreed Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 7 with his judgment that the mid-1970's is precisely the moment when such standards need to be defined and installed if the managers of large data systems, and the specialists of the computer industry, are to have the necessary policy guidelines around which to engineer the new data systems that are being designed and implemented. Dr. Westin cautioned: To delay congressional action in 1974-75, therefore, is to assure that a large number of major data systems will be built, and other existing computerized systems expanded, in ways that will make it extremely costly to alter the software, change the file structures, or reorganize the data flows to respond to national standards. And beyond the money, such late changes threaten to jeopardize many operations in vital public services that will be increasingly based on compu- terized systems-national health insurance, family assistance plans, national criminal-offender records, and many others. In fact, these systems may become so large, so expensive, and so vital to so many Americans that public opinion will be put to a terrible choice-serious interruption of services or installation of citizen-rights measures. The spread of the data bank concept, the increasing computerization of sensitive subject areas relating to people's personal lives and activities, and the tendency of government to put information tech- nology to uses detrimental to individual privacy were detailed by Professor Arthur Miller. Ile stated: Americans today are scrutinized, measured, watched, counted, and interrogated by more governmental agencies, law enforcement officials, social scientists and poll takers than at any other time in our history. Probably in no Nation on earth is as much individualized information, collected, recorded and disseminated as in the United States. The information gathering and surveillance activities of the Federal Government have expanded to such an extent that they are becoming a threat to several of every Ameri- can's basic rights, the rights of privacy, speech, assem- bly, association, and petition of the Government. I think if one reads Orwell and Huxley carefully, one realizes that "1984" is a state of mind. In the past, dictator- ships always have come with hobnailed boots and tanks and machineguns, but a dictatorship of dossiers, a dictatorship of data banks can be just as repressive, just as chilling and just as debilitating on our constitutional protections. I think it is this fear that presents the greatest challenge to Con- gress right now. Professor Miller characterized the reported bill as "a major stop in developing a rationale regulatory scheme for achieving an effective balance between a citizen and the Government in the important field of information privacy. The creation of a Privacy Protection Com- mission with broad power of investigation, reporting, and suasion seems to me to be an effective way of developing policy in this rapidly Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 CIA-RDP76M00527R000700130032-5 8 changing environment. Also worthy of enthusiastic support is Title II of the proposed legislation. We simply cannot allow more time to pass without developing standards of care with regard to the gathering and handling of personal information. In that regard, S. 3418 goes a long way to establish the much needed information bill of rights." The four-year survey by the Constitutional Rights Subcommittee, intended as an aid to Congress in evaluating rending legislation, demonstrates the need for requiring the following Congressional action : Explicit statutory authority for the creation of each data bank, as well as prior examination and legislative approval of all decisions to computerize files; Privacy safeguards built into the increasingly computerized government- files as they are developed, rather than merely attempting to supplement existing systems with privacy protections; Notification of subjects that personal information about them is stored in a Federal data bank and provision of realistic op- portunities for individual subjects to review and correct their -own records; Constraints on interagency exchange of personal data about individuals and the creation of interagency data bank coopera- tives; The implementation of strict security precautions to protect the data banks and the information they contain from unauthor- ized or illegal access; and Continued legislative control over the purposes, contents and uses of government data systems. HEW REPORT Another report reflecting major provisions of S. 3418 is that rendered by the Secretary's Advisory Committee on Automated Personal Data Systems tc- the Department of Health, Education and Welfare. Former Secretary Elliot Richardson described their findings in his testimony. The report found that "concern about computer-based record keeping usually centers on its implications for personal privacy, and understandably 3o if privacy is considered to entail control by an individual over the uses made of information about him. In many circumstances in modern life, an individual must either surrender some of that control or forego the services that an organization pro- vides. Although there is nothing inherently unfair in trading some measure of privacy for a benefit, both parties to the exchange should participate in setting the teams." "Under current law, a person's privacy is poorly protected against arbitrary or abusive record-keeping practices." For this reason, as well as because of the need to establish standards of record-keeping practice appropriate to the computer age, the report recommends the enactment of a Federal "Code of Fair Information Practice" for all automated personal data systems. The Code rests on five basic prin- Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/2 : CIA-RDP76M00527R000700130032-5 ciples that would be given legal effect as "safeguard requirements" for automated personal data systems. There must be no personal data record-keeping systems whose very existence is secret. There must be a way for an individual to find out what informa- tion about him is in a record and how it is used. There must be a way for an individual to prevent information about him that was obtained for one purpose from being used or made available for other purposes without his consent. There must be a way for an individual to correct or amend a record of identifiable information about him. Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuse of the data.* The Advisory Committee recommended "the enactment of legis- lation establishing a Code of Fair Information Practice for all auto- mated personal data systems as follows: The Code should define "fair information practice" as ad'ierence to specified safeguard requirements. The Code should prohibit violation of any safeguard requirement as an "unfair information practice." The Code should provide that an unfair information practice be subject to both civil and criminal penalties. The Code should provide for injunctions to prevent violation of any safeguard requirement. The Code should give individuals the right to bring suits for unfair information practices to recover actual, liquidated, and punitive damages, in individual or class actions. It should also provide for recovery of reasonable attorneys' fees and other costs, of litiga- tion incurred by individuals who bring successful suits." Pending the enactment of a code of fair information practice,. the Advisory Committee also recommended that all Federal agencies apply these requirements to all Federal systems, and assure through? formal rulemaking that they are applied to all other systems within. reach of the Federal government's authority. Beyond the Federal, Government, they urged that state and local governments, the institu- tions within reach of their authority, and all private organizations, adopt the safeguard requirements by whatever means are appropriate. Revolutionary changes in data collection, storage and sharing' were described by Senator Goldwater, who was one of many wit-- nesses who called for enactment of the recommendations of the HEW Advisory Committee. He stated: Computer storage devices now exist which make it entirely, practicable to record thousands of millions of characters of information, and to have the whole of this always available, *Records, Computers, and the Rights of Citizens, U.S. Department of Health, Education, and, Welfare' 1973, p. U. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 10 for instant retrieval ... Distance is no obstacle. Communica- tions circuits, telephone lines, radio waves, even laster beams, can. be use l,to carry information in bulk at speeds which can match the computer's owTn. Time-sharing is normal . . . we are now hearing of a system whereby it is feasible for there to be sevr`althousands of simultaneous users or terminals. Details of our health, our education, our employment, our taxes, our telephone calls, our insurance, our banking and financial transactions, pension contributions, our books borrowed, our airline and hotel reservations, our professional societies, our family relationships, all are being handled by computers right now. Unless these computers, both govern- mental and private, are specifically programmed to erase unwanted history, these details from our past can at any time be reassembled to confront us ... We must program the pro- grammers while there is still some personal liberty left. The Committee has found that the concern for privacy is a bi- partisan issue and knows no political boundaries. President Ford, as Vice-President, chaired aDomestic Council Committee on the Right of Privacy which was established by President Nixon in February 1974. In recent address on the subject, lie stated : In dealing with troublesome privacy problems, let us not, however, scapegoat the computer itself as a Frankenstein's monster. But let us be aware of the implications posed to free- dom and privacy emerging from the ways we use computers to collect and disseminate personal information. A concerned involvement by all who use computers is the only way to produce standards and policies that will do the' job. It is up to is to assure that information is not fed into the computer unless it is relevant. Even if it is relevant, there is still a need for discretion. A determination must be made if the social harm done from some data outweighs its usefullness. The decision-making process is activated by demands of people on the government and business for instant credit and instant. services. Com- puter technology has made privacy an issue of urgent national signilicance. It is not the technology that concerns me but its abuse. I am also confident that technology capable of designing such' intricate systems can also design measures to assure security. FEDNET In the same address, the Vice-President called attention to FED- NET and problems involved in a proposed centralization of computer facilities which concerned several Congressional committees and which provisions in S._3418 would correct. He stated: The Government's Gen.eral Services Administration has distributed-specifications. for bids on centers throughout the country for a massive new computer network. It void , have the potential_ to store comprehensive data on individuals and institutions. The contemplated system, known as FEDNET, =gould link Federal agencies in a network that would .allow Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 15 : CIA-RDP76M00527R000700130032-5 GSA to obtain personal information from the files of many Federal departments. It is portrayed as the largest single governmental purchase of civilian data communication in history. I am concerned that Federal protection of individual privacy is not yet developed to the degree necessary to pre- vent FEDNET from being used to probe into the lives of individuals. Before building a nuclear reactor, we design the safeguards for its use. We also require environmental impact statements specifying the anticipated effect of the reactor's operation on the environment. Prior to approving a vast computer network affecting personal lives, we need a com- parable privacy impact statement. We must also consider the fallout hazards of FEDNET to traditional freedoms. Examples The revelations before the Select Committee to Investigate Presi- dential Campaign Activities concerning policies and practices of promoting the illegal gathering, use or disclosure of information on Americans who disagreed with governmental policies were cited by almost all witnesses as additional reasons for immediate congressional action on S. 3418 and other privacy legislation. The representative of the American Civil Liberties Union stated: Watergate has thus been the symbolic catalyst of a tremen- dous upsurge of interest in securing the right of privacy: wiretapping and bugging political opponents, breaking and entering, enemies lists, the Huston plan, national security justifications for wiretapping and burglary, misuse of information compiled by government agencies for political purposes, access to hotel, telephone and bank records; all of these show what government can do if its actions are shrouded in secrecy and its vast information resources are applied and manipulated in a punitive, selective, or political fashion. Despite such current concern, Congressional studies and complaints to Congress show that the threats to individual privacy from the curiosity of administrators and salacious inquiries of investigators predated "Watergate" by many years. These have been described at length in the hearing record on S. 3418. For example, under pain of civil and criminal sanctions, many people have been selected and told to respond to questions on statis- tical census questionnaires such as the following: How much rent do you pay? Do you live in a one-family house? If a woman, how many babies have you had? Not counting still births. How much did you earn in 1967? If married more than once, how did your first marriage end? Do you have a clothes dryer? Do you have a telephone, if so, what is the numbpr7 Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 12 Do you have a home food freezer? Do you own a second home? Does your TV set have UHF? Do you have a flush toilet? Do you have a bathtub or shower? The studies show that thousands of questionnaires are sent out yearly asking personal questions, but people are not, told their re- sponses are voluntary; many think criminal penalties attach to them; it is difficult, for them to find out, what legal penalties attach to a denial of the information or what will be done with it.. If they do not respond, reports show that they are subjected to telephone calls, certified follow-up letters, and personal visits. Much of this work is done by the Census Bureau under contract, and many people believe that whatever agency receives the responses, their answers are subject to the same ina..datoryy provisions and confidentiality rules as the decennial census replies. A Senate survey reveeled that in 3 years alone the Ceu i!s Bureau had provided their computer services at the request of 24 other agencies and departments for conducting voluntary surveys coverhag over 6 million people. Other independent voluntary surveys were conducted by the agencies themselves oil subjects ranging from bomb shelters, to smoking habit s, to birth control methods, to whether people who had died had slept with the window open. The form usually asked for social security number, address and phone number: One such survey technique came to light through complaints to Congress from elderly, disabled or retired people in all walks of life who were pressured to answer a 15-page form sent out by the Census Bureau for the Department of Health, Education and Welfare which asked: What have you been doing in the last 4 weeks to find work? Taking things all together, would you say you are very happy, pretty happy, or not too happy these days? Do you have any artificial dentures? Do you-or your spouse--see or telephone your parents as often as once a week? What is the total number of gifts that you give to individuals per year? How many different newspapers do you receive and buy regularly? About Low often do you go to a barber shop or beauty salon? What were you doing most of last week? Applicants for Federal jobs in some agencies, and employees in certain cases, have been subjected to programs requiring them to answer forms of psychological tests which contained questions such * as these: `Senate Report 93-724, to accompany S. 1688. "To Protect the Privacy and Rights of Federal Employees." The report describes other similar programs for soliciting, collecting or using personal information from and about applicants end em loyees. S. 1688 has beea approved by the Senate five times. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 13 I am very seldom troubled by constipation. My sex life is satisfactory. At times I feel like swearing. I have never been in trouble because of my sex behavior. I do not always tell the truth. I have no difficulty in starting or holding my bowel movements. I am very strongly attracted by members of my own sex. I like poetry. I go to church almost every week. I believe in the second coming of Christ. I believe in a life hereafter. My mother was a good woman. I believe my sins are unpardonable. I have used alcohol excessively. I loved my Mother. I believe there is a God. Many of my dreams are about sex matters. At periods my mind seems to work more slowly than usual. I am considered a liberal "dreamer" of now ways rather than a practical follower of well-tried ways. (a) true, (b) uncertain, (c) false. When telling a person a deliberate lie, I have to look away, being ashamed to look him in the eye. (a) true, (b) uncertain, (c) false. First Amendment Programs: the Army Section 201(b) (7) prohibits departments and agencies from under- taking programs for gathering information on how people exercise their First Amendment rights. Section 201(a) prevents them from collecting and maintaining information which is not relevant to a statutory purpose. The need for these provisions have been made evident in many ways. In addition to federal programs for asking people questions such as whether they "beli3ve in the second coming of Christ," there have been numerous other programs affecting First Amendment rights. One of the most pervasive of the intrusive information programs which have concerned the Congress and the public in recent years involved the Army surveillance of civilians, through its own records and those of other federal agencies. The details of these practices have been documented in Congressional hearings and reports and were summarized by Senator Ervin as follows:* *Hearings before the Subcommittee on Constitutional Rights of the Judiciary Committee, 4 Columbia Human Rights Review (1972) Hearings, 92d Cong., 2d sess. February 1971. S.R. 1183-3 Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 Despite First Amendment rights of Americans, and de- spite the consitutional division of power between the federal and state governments, despite laws and decisions defining the legal role and duties of the Army, the Army was given the power to create an information system of data banks and compute:- programs which threatened to erode these restrictions on governmental power. Allegedly for the purpose of predicting and preventing civil disturba:aces which might develop beyond the control of state and local officials, Army agents were sent. throughout the country to keep surveillance over the way the civilian population expressed their sentiments about government policies. In churches, on campuses, in classrooms, in public; meetings, they took notes, taperecorded, and photographed people who dissented in thought, word or deed. This included clergymen, editors, public officials, and anyone who sym- pathized with the dissenters. With very few, if any, directives to guide their activities, they monitored the membership and policies of peaceful organizations who were concerned with the war in Southeast Asia, the draft, racial and labor problems, and community welfare. Out of this surveillance the Army created blacklists of organizations and personalities which were circulated to many federal, state and local agencies, who were all requested to supplement the data provided. Not only descriptions of the contents of speeches and political comments were in- cluded, but irrelevant entries about personal finances, such as the fact that a militant leader's credit card was withdrawn. In some cases, a psychiatric diagnosis taken from Army or other medical records was included. This information on individuals was programmed into at least four computers according to their political beliefs, or their memberships, or their geographic residence. The Army did not just collect and share this information. Analysts were assigned the task of evaluating and labeling these people on the basis of reports on their attitudes, remarks and activities. They were then coded for entry into computers or microfilm data banks. GENERAL STATEMENT The premise underlying this legislation is that good government and efficient manageraent require that basic principles of privacy, con- fidentiality and clue process must apply to all personal information programs and practices of the Federal Government, and should apply to those of State and local government as well as to those of the organi- zations, agencies and institutions of the private sector. The need for such a general legislative formula is made necessary by the haphazard patterns of information swapping among government agencies, the diversity of confidentiality rules and the unevenness of their application within and among agencies. The lack of self-restraint in information-gathering from and about citizens on. the part of some agencies has demonstrated the potential throughout government for Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 15 imposing coercive information burdens on citizens or for invading areas of thouht, belief or personal life which should be beyond the reach of the Federal data collector. The myriad rules and regulations reflecting many years of ad hoc policy decisions to meet the information needs of administrators facing problems of the political moment will, under this bill, be replaced by it rule of law. The Committee emphasizes that enactment of such general legislation in no way precludes specific legislation to govern records for special programs in such areas as tax, finance, health, welfare, census, and law enforcement. Furthermore, it should not be construed as a final statement by Congress on the right of privacy and other related rights as they may be developed or interpreted by the courts. The Committee affirms that the present statutory division of executive branch power among the departments and agencies and bureaus promotes accountability and is most conducive to legislative oversight, Presidential management, and responsiveness to the public will. We believe that the creation of formal or de facto national data banks, or of centralized Federal information systems without certain statutory guarantees would tend to defeat these purposes, and threaten the observance of the values of privacy and confidentiality in the administrative process. The Committee therefore intends in S. 3413 to require strict reporting by agencies and departments and meaningful congressional and executive branch review of any proposed use of information technology which might tend to further such negative developments. * * * The Committee recognizes that the computer is an instrument which is absolutely essential to the proper transaction of many gov- ernment programs, and that the collection of information from the individual is absolutely necessary to carry out those programs. Also necessary to modern government is the science of management of the many aspects of information technology and its related pro- fessional personnel which have been incorporated very rapidly into the administrative processes of the Federal Government. At the same time, however, the Committee believes that in the management of computer systems and all other aspects of information technology, a special status must be accorded to the issue of individual privacy, that is, the right of an individual to have such gathering of personal information as may be collected by the Government con- fined to that for which there is a legitimate use, and then secondly, after it is gathered, to have access to that information confined to those who have a governmental end in view for its use, and thirdly, to be assured by government that there is as little leakage as possible to unauthorized persons. The present legislation is designed to foster these goals in the ad- ministrative processes of the executive branch. The Committee believes that the bill strikes a balance between governmental needs and the personal freedoms of the individual. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 16 The complexities and scale of modern government make it impossi- ble for Congress or the courts to monitor every decision made which involves personal information. The bill therefore depends partly for its enforcement on the individual data subject and makes that person a participant in government's decision to exercise its information power over an individual. The Committee is convinced that legislation cannot and should not be neutral toward trio information'teccinology by means of which the Federal Government affects individual rights. Certain kinds of in- formiition should not be collected or maintained or disclosed by government agencies because to do so is either unconstitutional, unfair, unwise, or simply bad management of the people's business. This means, furthermore, that certain computer hardware and software used to operate the information systems of government should provide features which will promote the necessary security of any part of the system ,aid the confidentiality of the information processed and handled by means, of .it,. The bill,does not rest solely on the findings of any one report or study, but on review and consideration of all of the studies cited here. The Committee is convinced that effective legislation must provide standards for and limitations on the information power of government. Providiu? a right of access and challenge to records, while important, is not suicient legislative solution to threats to privacy. Contrary to the views of Administration spokesmen it is not enough to tell agencies to gather and keep only data which is reliable by their rights for what- ever they determine is their intended use, and then to pit the indi- vidual against government, armed only with a power to inspect his file, and a right to challenge it in court if he has the resources and the will to do so. To leave the situation there is to shirk the duty of Congress to protect freedom from the incursions by the arbitrary exercise of the power of government and to provide for the fair and responsible use of that power. For this reason, the Committee deems especially vital the restrictions in secion 201 which deal with what data, are collected and by what means. For this reason, the establishment of the Privacy Com- mission is essential as in aid to enforcement and oversight. The Committee views the standards of statutory relevance for data gathering as minimum and as paving the way for more specific guarantees in each area. The Committee rejects in part and supple- ments the position of the White House representative, the Chairman of the Domestic Council Committee on Right of Privacy, who testified that "the Federal Government should collect from individuals only the amount and types of information that are reasonably necessary for public protection." He stated "I do not think it is possible to de- velop a. standard of reasonableness in any more precise way than to ask people to exercise their very best judgment and to exercise the utmost restraint in the amount of information the v collect." The Committee found many helpful definitions of privacy and con- fidentiality in seeking to define the concepts and principles developed in the provisions of S. 3418. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 17 A useful statement is offered by the report on Data Banks in a. Free Society project by the National Academy of Sciences, which dis- tinguishes them in the following terms: Privacy is independent of technological safeguards; it in- volves the social policyissues of what information should be collected. at all and how much information should be as- sembled in any one information system. (For purposes of the principles implemented by this bill for the Federal exec- utive branch, the Committee means this to include consti- tutional and statutory prohibitions or restraints.) Confidentiality is the central. issue for which technological safeguards are relevant. Where an organization has promised those from whom it collects information that unauthorized uses will not be made by persons inside or outside that agent r, making good that, promise of confidentiality requires record security controls in both manual and computerized files. "Privacy", then, is a shorthand term for the restraint on the power of government to investigate individuals, to collect information, about their personal lives and activities in society or in ways which are banned by the Constitution, or for reasons which have little or nothing to do with the purpose of government or of the agency involved, as their powers are defined by the Constitution and specific statutes. Therefore, the Committee believes that the conclusions of study groups set up in the executive branch to study computer technology must be supplemented by the complaints from citizens and evidence gathered by numerous congressional committees on the over-reach of its information power by the Federal executive branch. This charac- tetistic distinguishes S. 3418 from other proposals on "privacy." STATE LAWS S. 3418 is further needed to complement State and minicipal laws and regulations which have been adopted to protect individual privacy and confidentiality of records, and which, in some cases, provide more detailed and more effective protections than S. 3418. Governors and others have expressed concern that despite all the States may do to provide guarantees, they are not effective once the data are integrated in it Federal information system or transferred to a Federal data bank. S. 3418 will safeguard and supplement the efforts of State legislatures. COVERAGE: PRIVATE, STATE AND LOCAL As reported, the bill applies to Federal personal information sys- tems, whether automated or manual, and to those of State, local and private organizations which are specifically created or substantially altered through grant, contract or agreement with. Federal agencies, where the agency causes provisions of the act to be applied to such systems or files or relevant portions. As introduced, S. 3418 applied to all governmental and private organizations which maintained a personal information system, under supervision of a strong regulatory body, with provision for delegating power to State instrumentalities. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 118 The Committee has cut back on the bill's original coverage and ordered the Privacy Commission to make a study of State, local and private data banks and recommend precise application of the Act where needed. The original coverage reflected the recommendations of the HEW Secretary's Conuiiittee for "enactment of its code of fair information practice for all automated personal data systems," but which noted that it would "wisely be applied to all personal data systems whether automated or manual." Hearing witnesses and other commentators advocated nationwide application of the Act to protect individual privacy and other rights from invasion by Government and the institutions and organizations of society. Total coverage was advocated by the representative of the American Civil Liberties Union citing examples of cases and programs to show that information collected by State, local and private institutions can be every bit as harmful to the individual. These included the reported need for additional controls over the retail credit industry, whose five largest companies maintain files on 54 million people; the Medical Information Bureau in Greenwich, Connecticut, a major source of medical information on 13 million Americans for life insurance com- panies; the use. by the banking industry of an Electronic Funds Transfer System to centralize an individual's, charges all over the community f,nd automatically deduct them from the individual's bank account; the uncontrolled access to customer records and can- celled checks afforded by financial institutions to law enforcement officials and ether investigators in the absence of subpena and notice to the individual. Professor Miller testified in 1971 on behalf -,f a regulatory com- mission with power to embrace the activities of "non-Federal informa- tion gatherer. that might adversely affect the rights we are trying to protect. The regulators should be particularly attentive to the interlocking relationships that have begun to spring up between Federal and local data handlers in the law enforcement field and the fact that many of the Nation's major corporations maintain dossiers on millions of Americans. Close scrutiny of the latter category of data banks is beceming imperative because there is growing reason to believe that these files are exchanged both within the private sector and with law enforcement and surveillance groups at all levels of government. In short, once standards are established for Federal systems I believe that it eventually will become necessary to apply them to certain non-Federal systems." Similar findings of interlinking networks for the governmental and private sectors were found by the Academy of Sciences project. Professor Vern Countryman, in an article submitted for the hearing record, has detailed cases, congressional hearings, and practices in- volving privately compiled dossiers by commercial compilers, punitive compilers, and benevolent compilers. Reports filed for the hearing record from the Freedom of Informa- tion Center of the University of Missouri School of Journalism, describe investigative practices and intrusive data-gathering technique in the private sector. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 Problems of privacy, standards, confidentiality and security in medical and health records programs were described for the sub- committee by doctors in private practice and in State government. Extension of legislative coverage to student records procedures for gathering, disclosure, and dire process in educational records was advocated by Senator James L. Buckley and by witnesses for the Citizens Committee for Education. Other witnesses advocated coverage of State and local systems, but not of the private sector. Despite calls by these and other witnesses for total or partial coverage, the Committee was persuaded to delay a decision on total application by considerations of time and investigative resources for developing a full hearing record and for drafting the needed complex legislative solution for information abuses in the private sector, beyond those presently covered by the Fair Credit Reporting Act and its pending amendments. Former Secretary of Health, Education, and Welfare Elliot Richard- son noted the lack of a precise hearing record and suggested legisla- tion "to establish authority in an existing Federal agency or in some new instrumentality established in part for that purpose, to make inquiry, hold hearings, and report to Congress if it finds a prima facie showing of need for legislation to assure fair information practice in some particular industry or other segment of the nongovernmental organizations of America. Congress could then take whatever action toward developing additional legislation seemed necessary," Mr. Richardson endorsed coverage of State and local activities "substantially affected by their relationships with Federal agencies, as a consequence of (1) Federal fiscal contributions, (2) Federal record-keeping or data-collection and reporting requirements, or (3) cooperative arrangements among intergovernmental personal data system." Dr. Westin, while endorsing coverage of intergovernmental com- puters systems, opposed the total coverage of the original bill, citing "the impracticality and dangers involved in trying to regulate and register many tens or hundreds of thousands of files of every kind." He recommended "an instrumentality to lead private organizations to adopt codes of fair information practice as thier voluntary policies, and proposed creating a national commission on private, interstate personal data systems." This commission should, testified Dr. Westin, "examine the conduct of those nationwide personal data systems that affect the rights, opportunities, and benefits of Americans, holding hearings as necessary and with a strong, competent staff to make on- site visits and study the real practices of organizations, not just their formal policies. "The creation of such a commission should provide an extremely valuable force acting on the private sector. It would push privacy, confidentiality, and due process issues to the top of the organizational agenda, and into the design, testing, and operational thinking of data- system managers and their staffs. It would move the computer in- dustry and computer professionals into high gear, as consultants to the user organizations, developers of new techniques and materials, and innovators in cost-effective responses." Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 Numerous representatives of private organizations and of business and industry opposed the total coverage of the bill, citing the lack of hearing record, the existing requirements of the Fair Credit Reporting Act, and prohibitive costs of implementing S. 3418 in the private sector withput passing on the costs in consumer services. Most indi- cated support for or lack of opposition to, a commission study of pri- vacy invasions by the private sector. RIGHT OF ACCESS AND CHALLENGE The Committee believes that the size of the Federal Government, the sheer number of personal records it must handle, and the growing complexities of information technology require that the full protections against abuses of the power of government to affect the privacy of the individual and the confidentiality of personal information must depend in part upon the participation of the individual in monitoring the main- tenance and disclosure of his own file. To this end, we agree with the members of numerous respected study bodies that an individual should have the right to discover if he is the subject of a government file, to be granted access to it, to be able to assure the. accuracy of it, and to determine whether the file has been abused by improper disclosure. The Committee agrees with the conclusion of one government study that "In the majority of cases, the citizen's right, of access to informa- tion kept on him by the Federal Government will not interfere with the ongoing program of the agency. In addition, giving the individual a right of access often will be a desirable adjunct to any other system designed to insure file accuracy." Furthermore, the Committee adopts the timely observation of one scholar from the Council on Science of Technology study that "giving the individual maximum ability to examine what the Government knows on the person should help promote citizen confidence in ac- tivities of the Federal Government and is essential to assure that notions of due process are employed when decisions are made on the basis of personal information." So important does the Committee consider procedures required by the bill on this matter that it is determined that any exemptions from such provisions sought under the rule-making scheme of the bill must be kept to an absolute minimum and must not be made on the basis of parochial agency concerns. It finds support for this stand in the con- clusion of the report of the HEW Secretary's Advisory Committee on Automated Personal Data Systems that: No exemption from or qualification of the right of data subjects to .have full access to their records should be granted unless them is it clearly paramount and strongly justified societal interest in such exemption or qualification. . . The instances in which it can be convincingly demonstrated that there is a paramount society interest in depriving an individual of access to data about himself would seem to be rare. (pp. 61, Report.) The exemptions allowed from observance of these standards are for three purposes only, national defense and foreign policy and Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/2521 CIA-RDP76M00527R000700130032-5 certain law enforcement investigative and intelligence matters where access and challenge rights are found to damage the purpose for which the information was collected. The Committee recognizes that while many agencies afford such rights, many agencies deny them with respect to certain files. Allowing only these narrow areas for exemption may well promote the reassess- ment of existing practice,, whereby individuals are deprived of full access to records about themselves, and some agencies, in the year before the Act takes effect, may well see fit to seek special legisla- tion permitting special treatment of certain files they hold. Mean- while, the Committee is persuaded by the language of the HEW report: Many organizations are likely to argue that it is not in the interest of their data subjects to have full access. Others may oppose full access on the grounds that it would disclose the content of confidential third-party recommendations or reveal the identity of their sources. Still others may argue that full access should not be provided because the records are the property of the organization maintaining the data system. Such objections, however, are inconsistent with the principle of mutuality necessary for fair information practice. The relevance of the rights of access and challenge to the principle of accountability in government, to efficient achievement of manage- ment goals and to a public sense of social justice is recognized in a 1970 report made by the Project SEARCH group to the Justice Department. That report called for a citizen's right to access and challenge to certain law enforcement records, but it stated the follow- ing reasons for its conclusions which the committee finds worthy of general application: First, an important cause of fear and distrust of com- puterized data systems has been the feelings of powerlessness they provoke in many citizens. The computer has come to symbolize the unresponsiveness and insensitivity of modern life. Whatever may be thought of these reactions, it is at least clear that genuine rights of access and challenge would do much to disarm this hostility. Second, such rights promise to be the most viable of all the possible methods to guarantee the accuracy of data systems. Unlike more complex internal mechanisms, they are triggered by the most powerful and consistent of motives, individual self-interest. Finally, it should now be plain that if any future system is to win public acceptance, it must offer persuasive evidence that it is quite seriously concerned with the rights and interests of those whose lives it will record. The committee can imagine no more effective evidence than authentic rights of access and challenge.' Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 2~IA-RDP76M00527R000700130032-5 LAW ENFORCEMENT FILES Title II of 3418 sets general standards of fair records keeping which apply to practically all government files, including those maintained by law enforcement agencies. Although various coin- mittees of the Congress t have been considering legislation which specifically addresses confidentiality of law enforcement files, the Committee is of the view that prospects for that legislation is suffi- ciently unclear so that S. 3418 should apply in its general terms to such files until such time as the law enforcement privacy legislation is enacted. Therefore the Committee decided that, to the extent feasible, S. 3418 should apply to law enforcement files but that such application should not be inconsistent with the two major criminal justice privacy bills, introduced early this year, S. 2963 by Senator Ervin and S. 2964 by Senator Hruska on behalf of the administration. S. 3418 as amended by the Committee would apply the general standards of title II, including the general updating and accuracy requirements and provisions affording right of access to most law enforcement files. The Commil;tee recognizes, however, that there are two general classes of files maintained by.agencies with law enforcement functions, criminal history, or record files on the one hand 'and intelligence and investigative files on the other. The first class of information, defined for the purposes of S. 3418 as "criminal history information" includes routine records of arrests and court dispositions sometimes called rap sheets. As a general principle these records are subject to all the requirements of title II including the right of access provision. This is entirely 'consistent with both the Ervin and administration criminal justice privacy legislation. Indeed, Director Kelly of the FBI, in testimony before. the Subcommittee on Constitutional Rights, expressed support for the general access and challenge provisions con- tained in the two, criminal justice privacy bills and replicated in S. 3418: These bill.; provide for an individual to obtain access to his own criminal offender record, and also provide pro- cedures fo- him to challenge that record. I support these provisions. Currently, the FBI provides copies of offender record information As for the other general provisions of title II, none of these provisions are inconsistent; with the criminal justice privacy legislation in particu- lar as they apply to criminal history information. Furthermore, S. 3418 permits each agency to promulgate its own regulations implementing the Act and this should provide sufficient flexibility so that the Attorney Genei al will not undermine good law enforcement practices in promulgating regulations. Indeed, since early this year the Justice Department has been drafting regulations which address most of the basic issues raised by S. 3418. Those regulations set certain standards for the operation of any routine exchange of criminal history informa- tion by the FBI. and for the funding of criminal history record systems on the State and, local level by the Law Enforcement Assistance Administration. Although the Justice Department might have to lThe Senate Subcommittee on Constitutional Rights and House Subcommittee on Civil Rights and Constitutional Rights. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 23 carefully review these regulations, if this legislation is passed, their scope and thrust are essentially what would be required of the Department of Justice by this legislation. The second class of information generally maintained by law en- forcement agencies are intelligence, or investigative files. These files contain highly sensitive and usually confidential information collected by law enforcement officers in anticipation of criminal activity, such as by organized crime figures, or in the course of investigating criminal activity which has already occurred. It was the Committee's judg- ment, shared by most criminal justice privacy experts and reflected in the pending criminal justice privacy legislation, that all of the pro- visions of title II of S. 3418 could not be applied to such sensitive information. In particular, it would not be appropriate to allow individuals to see their own intelligence or investigative files. There- fore, the bill exempts such information from access and challenge requirements of title II. However, most of the other general accuracy and updating provisions would apply, subject, of course, to the rules and regulations issued by the agency head in the course of implement- ing such provisions. Obviously, these general provisions on law enforcement records are not entirely adequate. The two criminal justice privacy bills address this subject in considerable detail and are the result of at least two years of careful study and revision by the Subcommittee on Constitu- tional Rights and the Justice Department. However, the Committee feels that general privacy legislation must assure subjects of law en- forcement files at least these minimal rights until such time as the more comprehensive criminal justice legislation is passed. PRIVACY PROTECTION COMMISSION It is clear that many of the information abuses over the last decade could have been avoided with the help of an independent body of experts charged with protecting individual privacy as a value in government and society. Commentators on privacy for years have also cited the need for such an agency to help deal in a systematic fashion with the great range of administrative and technological problems throughout the many agencies of the Federal Government. Title I of S. 3418, as amended, establishes a Privacy Protection Commission composed of five experts in law, social science, computer technology, and civil liberties, business, and State and local govern- ment and supported by a professional staff. The Commission would be empowered to: Monitor and inspect Federal systems and data banks containing information about individuals; Compile and publish an annual U.S. Information Directory so that citizens and Members of Congress will have an accurate source of up-to-date information about the personal data- handling practices of Federal agencies and the rights, if any, of citizens to challenge their contents; Develop model guidelines for implementation of this act and assist agencies and industries in the voluntary development of fair information practices; Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 24 Investigate and hold hearings on violations of the Act, and recomm$nd corrective, action to the agencies, Congress, the President, the General Accounting Office, and the Office of Management and Budget; Investigate and hold hearings on proposals by Federal agencies to create new personal information systems or modify existing systems for the purpose of assisting the agencie Congress, and the President in their effort to assure that the values of privacy, confidentiaity, and due process are adequately safeguarded; and Make a study of the state of the law governing privacy- invading practices in private data banks and'in State and local and multistate data systems. NEED FOR A PRIVACY PROTECTION UNIT There is an urgent need for a permanent staff of experts within the Federal Government to inform Congress and the public of the data- handling practices of major governmental and private personal infor- ination systems. As a recent study by the Judiciary Subcommittee on Constitutional Rights graphically demonstrates, there has been a Proliferation of Federal information systems and data banks which, if misused, can do irreparable harm to the privacy and economic well- being of millions of persons. "Data Banks and a Free Society," the study done for the National Academy of Sciences by Professors Alan F. Westin and Michael A. Baker, similarly demonstrates such harm inherent in large personal information systems maintained at all levels of government and by private industry. Although recent attempts to turn Federal tax records into weapons of political and personal revenge have come to light, along with many other record abuses, the major threat to most Americans lies in the inadvertent, careless, and unthinking collection, distribution, and storage of records which may be inaccurate, incomplete, or irrelevant to legitimate governmental needs. This threat has grown tremen- dously as developments in telecommunications, photocopying, and computer technology have accelerated and with expanded data- swapping among` government agencies and throughout private industry. It is now clear that Congress, with its limited technical staff and multitude of function,, cannot keep track of these developments in every Federal agency and for every data bank with the depth of detail required for consistently constructive policy analysis. The Constitu- tional Rights Subcommittee data bank study and other agency-by- agency studies have each taken years to complete, and have docu- mented the frustrations of agency delays, withholding of data, and camouflage of governmental activities. Citizens also have no place to turn to find out which agencies or companies maintain, distribute, and use personal information about them. Agencies and businesses would similarly benefit from the existence of an authoritative source of infor- mation about their record-keeping practices which would protect them from misinformed and inflamatory criticism. In addition, there is an urgent need for a staff of experts somewhere in government which is sensitive both to the privacy interests of citizens and the informational needs of government and which can furnish expert assistance to both the legislative and executive branches. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 25 In recent years, controversies over privacy and government data banks have arisen after executive branch decisions have been made. The Commission will serve the important purposes of raising and resolving privacy questions before government plans are put in operation. Agencies need help to incorporate newly-refined concepts of individual liberty into their current procedures without unnecessary disruption and confusion. Congress and the President need help in identifying those areas in. which privacy safeguards are most urgently needed and in drafting legislation specifically tailored to those problem areas. There are now over 100 privacy bills before Congress. Most are of unquestionable merit, but only a few can receive the kind of sustained attention to survive the legislative gauntlet. The proposed Commission would help Congress deal with those bills in two ways. First, it would obviate the necessity of enacting many of them into law by inducing agencies and industries to adopt their own fair information practices. Second, the Commission would help Congress and the President by narrowing down the range of legislative options and drafting bills designed to achieve a good "fit" between privacy values and other values in the context of often unique data-keeping activities. It may well be that regulatory functions will eventually have to be added to the Commission's powers in order to assure that privacy, confidentiality, and due process become an integral part of govern- mental and private data systems. However, the Committee has decided not to address this area in the legislation pending the Com- mission's study. The original version of S. 3418 would have created it Federal policy hoard with regulatory powers to investigate and issue cease and desist orders for violations of the Act. The Committee believes that it does not have sufficient evidence to support a case for vesting broad regulatory powers in a board charged with administrating the Act. Rather, a much more effective and less cumbersome procedure will permit an individual to seek enforcement of his rights under pro- cedures established by each Federal agency. Ultimate enforcement of those rights and challenges to agency judgments would rest with United States District Courts. By taking this action, the Committee did not mean to preclude a future decision by the Congress to vest regulatory functions in the Commission to assure that privacy, confidentiality, and due process become an integral part of govern- mental and private data systems. Public administration and privacy experts have urged a cautious approach to regulation on two grounds. First, there is much more that privacy advocates need to know about information systems before they are in a position to make demonstrably constructive regulatory policy proposals. Second, there is substantial evidence that agencies and companies are not inherently hostile to letting individuals have more of a say in what the files say about them, provided that the changes can be made in an orderly, efficient, and economically sound manner. The work of the Secretary of Health, Education, and Wel- fare's Advisory Committee on Automated Data Systems, Vice Presi- dent Ford's Domestic Council Committee on the Right of Privacy, and the National Academy of Sciences Project on Computer Data Banks, clearly demonstrate that the right of privacy has its advocates within the executive branch. Testimony before the Committee by Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 26 State officials was nearly unanimous in citing a need for higher stand- ards and better regulation of privacy practices in their jurisdictions. Statements by private industry representatives have persuaded the Committee that. a substantial measure of industry cooperation can be anticipated. Thus, the Committee believes that it would be a mistake for the Privacy Protection Commission to begin its work in an adversarial posture, either as a regulatory or ombudsman-type agency. Those roles may come in time, but they should be the product of specific legislation and come only after efforts to achieve voluntary reforms have failed. Meanwhile, awareness that the Commission might be vested by Congress with regulatory powers at some future time should have a salutQry effect on those agencies which may be tempted to ignore its suggestions, or which fail to give its model guidelines the deference due them. LOCATING THE PRIVACY UNIT The Committee has concluded that the best place to vest these new functions would be in an independent commission. The decision was arrived at with some reluctance, because members of the Committee share the unwillingness of many Members of Congress to create still more independent commissions. On balance, however, the commission route seemed th. best solution for the abuses and potential threats which have been documented. Having concluded that an expert staff and an independent body was needed somewhere in the Federal Government to supply information and advice and conduct investigations, the Committee considered three alternatives, as described in testimony before Committee by Dr. Christopher 13. Pyle. The first was to place the unit in the General Accounting Office, modeled on the Office of Federal Elections. The second was to locate it in the Office of Management and Budget, much like the Statistical Policy Division which polices Federal ques- tionnaires. The third alternative was to create an independent commission. The Committe-, chose not to recommend vesting the investigatory and advisory functions in the GAO because it would be unwise to dilute the GAO's important auditing function with this kind of sub- stantive policy assigmnent. Except in rare instances, responsibility within Congress for policy development should rest with its com- mittees. Also, placing the investigative role in the GAO might limit the unit's ability to study multi-state and commercial information systems not dependent upon the Federal budget, which is the focus of the GAO's attention. Similar considerations persuaded the Committee that the unit could not achieve its full potential as part of the Office of Management and Budget. Moreover, the Committee was of the opinion that the privacy protection unit, should be available to congressional committees as well as executive agencies-a relationship which could not be guar- anteed by making it part of the President's staff. On the other hand, by creating the unit as a commission, its reports and expertise could be available to both the GAO and OMB. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 27 The Committee received suggestions that creation of such an in- dependent commission should be delayed in order to develop legislation charging it with the functions of dealing with classification and freedom of information issues, as well as privacy and civil liberties. While they pose significant problems, these other two subject areas go to different considerations of government. Creation of a privacy commission is recognition of the fact that the Congress intends to afford access to the decision-making centers of government to in- terests which promote the privacy of individual Americans against overly-intrusive or arbitrary government information policies. To dilute the quality of that access, as institutionalized in the structure by the Privacy Commission, would defeat the purpose of the legisla- tion. It would reduce the viability of privacy as a matter of concern in the Federal Government. By thus denying itself the full strength of the investigative help needed to protect privacy and due process in the years ahead, Congress would dilute, in turn, the quality of protec- tions which it and the other branches of Government might otherwise afford to those amendments in the Bill of Rights which safeguard privacy. The administration has opposed the creation of a commission partly for reasons of cost. It is the Committee's belief, however, that the Com- mission is vitally needed to promote the quality of legislative and administrative oversight which will provide a privacy bulwark for Americans in the years ahead. It is expected, furthermore, that the savings it will effect in the Federal Government will far outweigh the immediate cost. The Act is enforceable in the courts with the aid of Congress and the Privacy Commission. As Elliot Richardson, former Secretary of three executive branch Departments, informed the Committee: The requirements of fair information practice are so much in the interest of organizations, as well as of the individuals about whom records are maintained, that there should be little difficulty in agencies adhering to them and little occasion for court enforcement suits. Enforcement provisions are needed, however, to create a strong and reliable incentive to overcome the initial bureaucratic resistance to change that might otherwise prove to be a crucial obstacle to the prompt and full achievement of fair information practice. Frivolous suits, no doubt a matter of concern to some, would be promptly subject to motions for summary dismissal. Except for the act of keeping secret data banks and improper dis- closure by Commission employees, there are no criminal penalties in the Act. As introduced, the original bill contained strong criminal penalties for employees and others who violated or contributed to the violation of the Act. These penalties were deleted in Committee for two main reasons: the difficulties of effective enforcement through such criminal prosecutions and the possibility that the threat of prosecution may preclude that "Whistleblowing" and disclosure of wrongdoing to Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 11  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 28 Congress and the press which helps to promote "open government." Instead, the mandates of S. 3418 are enforceable through the civil challenges of the Attorney General or of private citizens with real or suspected grievances or claims of violations of the Act. Given the diffi- culties of time and resources, private enforcement through litigation is not likely to affect more than glaring violations of the Act. Much will depend on the zaal and the good faith of the Attorney General and the President in enforcing the terms of the new law. As always, the press and communications media will contribute to the enforcement of the Act through its investigation and exposure of wrongdoing, a function eased by the requirements in S. 3418 that decisions be made on the open record by responsible officials and that precise notices be published containing the details of` government policy where it affects personal privacy. Administratively, the agencies may be called to arrcount by Congress and the President through the monitoring and investigative activities of the Privacy Commission and its reporting of violations. Despite these guarantees, the Committee acknowledges there is no way that the Congress, the press, or the public can assure strict administrative observance of the exercise of the power of the Federal Government pursuant to the standards of the Act. There will no doubt be some diversity of views as to what constitutes compliance within particular agencies. Realistically, therefore, the implementation of the Act rests, finally, with the departments and agencies of the executive branch and the good faith, ethical. conduct and integrity of the Federal employees who serve in them. SOCIAL SECURITY NUMBER AND IDENTIFIERS As introduced, S. 3418 made it unlawful for any person to require an individual to disclose or furnish his Social Security account number for any purpose in connection with any business transaction or commercial or other activity, or to refuse to extend credit or make a loan or to enter into any other business transaction or commercial relationship with an individual because of refusal to disclose or furnish the number, unless the disclosure or furnishing of the number was specifically required by Federal law. The Committee considers this usage of the number of a government file one of the most serious manifestations of privacy concerns in the Nation. However, it received conflicting evidence about the effects of this section, particularly the inordinate costs to the Federal Govern- ment and private businesses of changing to another identifier and reprogramming computers or reindexing files. In view of the lack of ready independent data about the probable costs and effects of such a prohibition and in view of stricter limitations on transfer of and access to government files, the section was deleted in Committee by an 8 to 1 vote. At the same time, the issue was designated as a priority issue for study by the Privacy Commission and for report to Congress of specific legislative recommendations to meet the serious public concerns reflected in the original bill. In sub- section 106 (b) (1) (C) , the Commission is required to examine and analyze "the use of license plate numbers, Social Security numbers, Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/259CIA-RDP76M00527R000700130032-5 universal identifiers, and other symbols to identify individuals in data banks and to access, integrate or centralize information systems and files." The Committee realizes that the number is a major element in the national debate over privacy since a common numerical identifier or symbol to designate and index each person is an essential feature of a national data bank, or indeed, of any information system which allows creation of an instant dossier or which permits quick retrieval of all personal information which flows through that system about an individual. In recent years the Social Security number has been the identifier most used in common by government agencies and private organiza- tions to improve efficiency of services, aid management functions, prevent fraud and reduce errors in identification of people. Citizens' complaints to Congress and the findings of several expert study groups have illustrated a common belief that a threat to indi- vidual privacy and confidentiality of information is posed by such practices. The concern goes both to the development of one common number to label a person throughout society and to the fact that the symbol most in demand is the Social Security number, the key to one government dossier. , Of major concerti is the possibility that the number may become a means of violating civil liberties by easing the way for intelligence and surveillance uses of the number for indexing or locating the person. In this connection, a Constitutional Rights Subcommittee report on the intelligence-gathering by the military from its own agents and the files of other Government agencies, shows that individuals were often indexed in the Army computers by their Social Security numbers. Complaints to the Constitutional Rights Subcommittee also showed that government pressures people to disclose their Social Security number on administrative, statistical, and research questionnaires of all kinds, including income tax forms, IIEW ques- tionnaires asking whether elderly people buy newspapers and wear false teeth, and many others. Every serviceman is now identified by his Social Security number, a development of intense concern to some groups who were not able to persuade congressional committees or the Pentagon to reverse the course. A cross-section of such complaints appearing in the subcommittee hearings shows that people are pressured in the private sector to surrender their numbers in order to get telephones, to check out books in university libraries, to get checks cashed, to vote, to obtain drivers' licenses, to be considered for bank loans, and many other benefits, rights or privileges. In many cases in the private sector, he is informed that the number is necessary for identification purposes, yet on its face, the Social Security card states that it is not to be used for identification purposes. This proviso was initially included in the Social Security program to prevent reliance on the card for identification because a person could acquire several of them under several identities and there frequently was no agency investigation of the information provided in order to obtain a number. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 30 A list of the Federal Government's uses of the number, authoriza- tions, and the texts of applicable statutes, Executive order, and regu- lations appears in the appendix of the hearings together with excerpts of Government reports on this subject. The HEW Secretary's committee found that "the Federal Govern- ment itself has been in the forefront of expanding the use of the number, that its actions have actively promoted the tendency to depend more and more upon the number as an identifier-of workers, taxpayers, automobile drivers, students, welfare beneficiaries, civil servants, servicemen, veterans, pensioners, and so on." It concluded: "If use of the SSN as an identifier continues to expend, the incentives to link records and to broaden access to them are likely to increase. Until safeguards such as we have recommended.. . . have been _ implemented, ar_d demonstrated to be effective, there can be no as- surance that th consequences for individuals of such linking and accessibility will be benign. At best, individuals may be frustrated and annoyed by unwarranted exchanges of information about them. At worst, they may be threatened with denial of status and benefits without due process, since at the present time record linking and access are, in the main, accomplished without any provision for the data subject to protest, interfere, correct, comment, and in most instances, even to know what linking of which records is taking place for what purposes." While specific laws mandate or have been interpreted to permit the use of the number in a few Federal programs, most agencies have pro- ceeded to use it by regulation or directive. Executive Order 9397 of 1943 found it "desirable in the interest of economy and orderly ad- ministration that the Federal Government move towards the use of a single unduplicated numerical identification system of accounts", and ordered that "any Federal department, establishment or agency shall, whenever the head thereof finds it advisable to establish a new system of permanent account numbers pertaining to individual per- sons, utilize exclusively the Social Security account numbers." While some have cited this order as authority for the Federal usage, the HEW report found otherwise, noting, "It has been suggested that Executive Order, 9397 was intended to apply only to instances when Federal agencies seek to number records, such as employment, at- tendance, performance, or medical records.... To interpret the order as applying to all kinds of Federal agency record systems is arguably beyond the meaning of its language. In any case, it appears that Fed- eral agencies are free to use the SSN in any way they wish, and no instance has come to our attention in which the order has been in- voked to compel or limit an agency's use of the SSN." (p. 117) The HEW Secretary's committee came to the following conclusions about the need for legislation on this matter: "If the SSN is to be stopped from becoming a de facto Standard Universal Identifier, the individual must have the option not to disclose his number unless required to do so by the Federal Government for legitimate Federal program purposes, and there must be legal authority for his refusal. Since existing law offers no such clear authority, we recommend specific, preemptive, Federal legislation providing that the individual has the right to refuse to disclose his SSN to any person or organiza- Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 31 tion that does not have specific authority provided by Federal statute to request it ... and the right to redress if his lawful refusal to disclose his SSN results in the denial of a benefit." The report contained other recommendations about the need for constraints on the use of the number and on its dissemination, and it cited the need for congressional review of all present Federal require- ments for use of the number to determine whether they should be continued, repealed, or modified. The Committee expects the Privacy Commission study to undertake such a study for the public and private sector. A number of departments and agencies opposed the provision in S. 3418 limiting the use of the Social Security number. These included the Commerce Department, Civil Service Commission, Defense Department and the Securities and Exchange Commission. All cited the need for use of the number as an identifier to achieve administra- tive ends, and the inordinate and prohibitive costs of reprogramming with an alternative number. Numerous private business, banks and industries uniformly opposed this section. Computer and data professionals from State and local government also opposed the provision, testifying that such prohibitions on its use "would impose a tremendous financial burden on the States and an alternate identifier would have to be developed." The bill now prohibits Federal agencies from selling or renting mailing lists except as authorized by law, but does not require names and addresses to be kept confidential, thus allowing inspection where these are public records. It requires private organizations maintaining a mailing list to remove the individual's name upon request. A major avenue by which personal privacy and confidentiality may be invaded is the practice of the Federal Government of selling and renting names, addresses and personal data in their files for use in commercial and other mailing lists. Such practices may cause a viola- tion of the tacit or formal agreement by which the agency collected or acquired the information for its own authorized purposes. Laws pro- moting open records in government have resulted or may result in administrative contracts on agreements to sell the data in bulk, either as a convenience to commercial or other users, or to publicize and promote the purposes of the agency. While a few examples might be found in which the sale or rental of mailing lists by Federal agencies without specific statutory authority serves a useful purpose, the Committee concludes for several reasons that such action is totally inconsistent with the purposes of the bill as amended. One of these purposes is to entitle an individual to a large measure of control over who, outside of a Federal agency maintaining information about him, has access to his personal information. Mailing lists constitute such personal information when, for example, they represent a group of individuals possessing a certain set of character- istics. The disclosure of this personal information can be damaging to the individual. Therefore, section 206(a) of the bill, as amended, pro- hibits the sale or rental of lists of names and addresses by Federal agencies unless the sale or rental is specifically authorized by law. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/2532CIA-RDP76M00527R000700130032-5 Legislation on this subject has been offered for a number of years. These problems are addressed in S. 3116, introduced by Senator Hatfield and pending before the Constitutional Rights Subcommittee. Senator Hatfield stated "the real thrust of S. 3116 is not what is received in one's mailbox but privacy and the question of individuals' right to control what is known about them." He cited the stockpiling of personal information in the businesses who compile and sell lists and other data for commercial purposes. Primarily, this means selling or renting lists to the direct mail industry. The Committee was told that "lists for this industry are compiled from every imaginable source-telephone, books, magazine sub- scription lists, credit card lists, church rosters, club memberships, government agencies, newspaper, announcement of birth, death, graduation and from seemingly, inviolate sources such as doctors, dentists, and schools. This flourishing business exists largely without the knowledge of the people who are providing the profit, the people whose names and personal data keep this wheel turning." Testimony from the Direct Mail Marketing Association shows that it is their recommended practice to remove. a person's name from their list if requested to do so. However, only some people know about this service, and the distribution of information through lists is so wide- spread that people who do manage to get off lists through such a service, have no way of controlling what all the other companies do. The bill now requires no more of the private 'sector than that an organization engaged in business in interstate commerce shall remove the individual's name from a mailing list, upon request. Where lists are maintained by private companies, the Committee believes that the decision as to who should be allowed to rent or buy them is a decision best left up to each individual business. However, where such lists are maintained by government agencies, or where names and addresses are sold or rented, the Committee firmly believes that the decision must not be left to individual agency administrators. Subsection 206(b) requires all persons or organizations engaged in interstate commerce to comply with the written request of an individ- ual who wishes to have his name and address removed from their lists that are used for direct mail solicitation. This provision represents a sound business practice which is followed by many of the largest and most respectable direct mailers in the country. The Direct Mail Marketing Association, which represents several thousand users of direct mail marketing and advertising in America, has stated in writing to the Senate Government Operations Committee that its Mail Preference Service is specifically designed to permit an individual to have his name removed from its members' lists upon request. The Committee has been advised by representatives of the Direct Mail Marketing, Association and by numerous prominent direct mailers that this practice creates more profitable lists by allowing for the removal of names of individuals who are unlikely to purchase goods or services from the soliciting organization. The purpose of this provision is to extend this practice to all organi- zations and to expand the protection to all individuals. It is consistent with the best practice in American industry and with the programs and standards of the Association representing those companies with direct interest in this problem. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 33 The Committee believes such a requirement is a simple and fair one which will not necessitate a revision of private business procedures. Mail order businesses may continue to compile mailing lists and solicit through the mail. The widespread sentiment on this subject for action was noted by Congressman Frank Horton, sponsor of House bill, H.R. 3995, who reported 65 House members sponsoring the bill, 34 Repub- licans and 31 Democrats. A survey of mailing list practices of Federal departments and agencies made by the Congressman and another by the House Gov- ernment Operations Subcommittee chaired by Congressman Moor- head, were offered by Congressman Horton for the hearing record. The threat to individual privacy from the selling and renting of names and personal information from government files and the use of mailing lists by the mailing list industry was found to be an appro- priate subject for privacy legislation by the National Academy of Sciences Project Report. The Committee agrees with the report that the standard of the Direct Mail Marketing Association, mere re- moval of one's name, is not enough for Government agencies. As the Academy report states, "For many people, this does not resolve the basic privacy issue: when individuals give information about them- selves to government agencies for one purpose, usually under legal compulsion to report, should their names, addresses, and data about their occupations, ownership, military service, or other activities be made available to organizations that would use the information for purposes that these individuals consider intrusive? "In time of major problems of housing, education, crime, race relations, pollution, and peace, it may seem a disturbingly trivial matter to worry about government records leading to the receipt of mail advertisements that some individuals do not want. But the issue symbolizes something we cannot afford to ignore-how do we make the individual's informed consent a more respected and controlling feature in organizational society? Our approach to this problem should not be to make matters confidential which have long been considered open for public access; rather, it should be to find a way to accom- modate those who feel their privacy is intruded upon by such direct mail practices. (Report, p. 385)" SECTION-BY-SECTION ANALYSIS TITLE I-PRIVACY PROTECTION COMMISSION Section 101 ESTABLISHMENT OF COMMISSION Title I establishes a Federal Privacy Commission, an independent -body which the Committee deems absolutely essential?to aid in the administrative and enforcement of the act, and to conduct a study of other private and governmental information systems. Section 101 provides that the five full-time members of the Com- mission would be appointed by the President subject to confirmation by the Senate. In order to assure the kind of expertise necessary for dealing with the legal, political, social and technological aspects, a commissioner should be considered for selection in part by reason of Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 34 his knowledge in one or several of the areas of civil rights and liberties, law, social, sciences, computer technology, business, and State and local government. Not more than three of the members of the Com- mission shall be fro}n the same political party. Commissioners shall serve for terms of three years and for no more than two terms. The President shall select the Chairman of the Commission from its members and he shall be the official spokesman of the Commission in its relations with, Congress, the Federal Government and the general public. In this capacity, the Chairman would be expressing the view of the entire Commission. Of course, this would not prevent any other Commissioner from speaking his views, testifying, or providing in- formation to Congress, the Executive or the public. In all other respects, the Chairman shall have equal responsibility and authority in all decisions and actions of the Commission with other members and each member shall have one vote on the Commission. PERSONNEL OF THE COMMISSION Section 102 authorizes the Commission to appoint an Executive Director and other officers and employees and prescribe their functions and duties. The Executive Director will be compensated at a rate not in excess of the maximum for a GS-18 Federal employee. In addition WAS own employees, the Commission may contract for the services of ex?erts and consultants to carry out its responsibilities. Where these are technicians charged with the inspection of physical and technical security of arrangements, computer equipment and systems, they should be bonded in cases where this is found appro- priate. Section 103 FUNCTIONS OF THE COMMISSION One of the principal reasons for establishing a Privacy Protection Commission was to fill the present vacuum in the administrative process for overseeing establishment of governmental data banks and personal information systems and examining invasions of individual privacy. Subsection 103(a)(1). Requires the Commission to publish, and sup- plement annually, a United. States Directory of Information Sys- tems. Each agency is required under subsection 201(c) to notify the Commission of the existence and character of each existing system or file which it maintains on individuals, or any significant expansion or modification of the system. The Commission is directed to publish this information in the Directory of Information Systems toether with a listing of all statutes which require the collection of' such information by a Federal agency. This is to carry out one of the fundamental principles of the Act that the existence of Federal personal record-keeping systems should not be kept secret from the Congress, the press, or the public. In particular, it is designed to give the citizen one set of accessible documents and one central location where one may reasonably be expected to find out just what agencies are likely to have' a file on one and what they are likely to have done with it. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 35 It also provides a published standard for testing and evaluating Federal collection, use and disclosure of personal information in the hands of government. The Committee considers this requirement a substitute for the original requirement of notice to everyone on whom any Federal agency maintains a file, a notice ideally designed to promote the concept of substantive due process throughout govern- ment. However, consideration of testimony from experts and of agency objections concerning costs and administrative feasibility of such a requirement resulted in its deletion and replacement by the function of the Commission in this section. Subsection 103(a) (2). Authorizes the Commissioners to investigate and hold hearings on reports received of violations of the Act. No adjudicatory powers are vested with the Commission-and enforcement of the Act rests with the Federal courts. If the Commissioners deter- mine that a violation has occurred, they may report that violation to the President, to the Attorney General, to the Congress, to the General Services Administration where the duties of that agency are involved, and to the Comptroller General if it deems it appro- priate for any auditing functions of that agency. S. 3418, as originally introduced, would have given the Commission the power to issue cease and desist orders to stop violations of the Act. The Committee decided, however, to provide for general enforcement of the Act's safeguards, and for the implementation of the exemption provisions, through the administrative channels of each agency, with ultimate review of any challenges in a United States District Court. Subsection 103 (a) (3). MODEL GUIDELINES. The Commission has not been given the power to issue rules and regulations that would b binding on other Federal agencies. However, it is directed to develop model guidelines for implementing the provisions of the Act with interagency consultation and the assistance of appropriate experts in special subject areas. The Committee would expect that other Federal agencies would look to these guidelines before adopting their ,own rules and their procedures by which individuals could exercise their rights under this legislation. The Commission is further directed to assist Federal agencies in preparing regulations to meet the technical and administrative requirements of this Act. It is expected that the Commission will retain or contract for expert assistance in information management and technology and other fields in order to provide resources that may not be available to each agency. Subsection 103(b). Requires the Commission to review, and report on proposed data banks and substantial alteration of existing ones. For this reason, subsection 201(g) requires that Federal agencies report to the Commission on proposals to establish data banks and personal information systems, to significantly expand existing data banks and information systems, to integrate files or establish programs for records linkage within or among agencies, or to centralize resources and facilities for data processing. The review anticipated here is for several purposes. The Com- mission is directed to review these reports in order to assess the potential impact of any such proposal on the privacy, due process, and other personal or property rights of individuals or on the confi- dentiality of personal information. This would include the physical, Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 36 technical and administrative security of the data bank or computer- ized information system. The Committee acknowledges that there are many definitions of privacy and that there is no one precise definition as it relates to the exercise by an individual of rights guar- anteed to him under the Constitution or of his right to own and possess property. Each amendment to the Constitution carries with it guarantees aganst governmental invasions of a particular aspect of individual privacy. Until the concept of privacy can be defined with more precision, the Committee believes that there ii a need to study any threatened invasion of a broad range of individual rights by Federal information activities or practices. In testimony before the Committee on Government Operations and before other committees of the Senate, questions have been raised about the impact of Federal information systems on State programs and powers as well as on the separation of powers existing between the judicial, executive and legislative branches of the Federal Government. Any proposal to establish or alter an information system should be examined in light of its potential to affect the Federal system: to take power or responsibility from the States or to grant responsibilities which should properly be carried out by a Federal agency. Similarly, any major proposal to expand or create new information- handling technology by Federal agencies for personal data should pose questions for the Commission to attempt to answer regarding the ability of the three branches of government to discharge their responsi- bilities under such a new system. It is for all of these reasons that agencies must describe in their notices the following matters, under subsection 201(g) : (1) the effects of such proposals on the rights, benefits, and privileges of the individuals on whom personal information is maintained; (2) the software and hardware features which would be required to protect security of the system or file and con- fidentiality of information; (3) the steps taken by the agency to acquire such features in their systems, including description of consultations with representatives of the National Bureau of Standards and other computer experts; and (4) a description of changes in existing interagency or inter- governmenta. relationships in matters involving the collec- tion, processing, sharing, exchange, and dissemination of personal information. Based upon its review of these proposals, the Commission should submit any findings and recommendations regarding the need for new legislation or administrative action to control or regulate new informa- tion-gathering techniques and technology to the President, the Con- gress, and the General Services Administration. Subsection 103(e). The Commission is directed to report to the Con- gress the failure of any proposed data bank or information system to comply with the purposes, standards and safeguards of the Act. In most cases a rev:.ew by the Commission of proposals to establish or expand information systems should take no longer than sixty (60) days and should afford the agency sufficient opportunity to alter its proposal if a question regarding compliance with this Act is raised. Approved For Release 2001/08x25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 37 This estimate of time is predicated on the full and. prompt disclosure to the Commission of agency proposals sufficiently in advance of a final policy decision by the agency to proceed, with the proposal to permit adequate review by the Commission. If it is necessary for the Commission to report a failure to comply with the Act, the agency proposing an information system change shall not proceed with this proposal until sixty (60) days after receiving that notification. This is to afford the Congress and responsible executive branch officials an opportunity to act on the agency proposal. If the Commission does not make a determination that the Act has not been violated by an agency proposal, this should not constitute an endorsement of or approval of any invasion of privacy which might result from the implementation of the newer alternate information system. In carrying out its functions under the Act, the Commission is encouraged to consult to the fullest extent practicable the heads of departments, agencies and instrumentalities of the Federal Govern- ment, of State and local governments and of private businesses and other organizations which may be affected by S. 3418. In order to carry out the duties assigned by the Congress, the Commission must be provided access and the opportunity to personally inspect a wide range of confidential material, information maintained by public agencies and private organizations and businesses. In performing its functions the Commission has the difficult task of balancing its need for information with the rights of privacy of citizens. It may, for example, be necessary for it to examine the actual contents and use of certain files held by agencies. Obviously, the Commission itself is bound by the requirements of the Act, including civil and criminal liability for any improper use or divulgence of information it receives in carrying out its responsibilities. The Committee expects the Commission to perform its tasks comprehensively, but has guarded against the creation of an Information Czar. The Commission is not intended to maintain its own files on individuals, or to retain any such personal information in its own possession. The Committee regards this legislation as a means to guard against the integration of separate files on citizens into com- plete dossiers. The Commission's powers should not be used to frus- trate this purpose. In addition, there is no intent to requite a national depository for the technical and commercial, and trade documents, or the programming secrets of government organizations and the private sector. Subsection 103 (d) (1). Mutual cooperation will be important to the successful completion of the study of information systems and the implementation of the safeguards by the agencies covered by the Act. With regard to the Federal Government, the Commission may wish to form an interagency council to work to implement the provisions of the Act. It is expected that the Commission will also serve as a clearing- house for various Federal agencies and others to share information on methods of dealing with problems in administering the Act as well as assisting in the exchange of administrative and technological material related to handling of personal information. Subsection 103(d) (2). It is probable that the Commission will need to study and initiate research projects to determine the best procedures for agency implementation and enforcement of this Act. Because of the highly technical nature of information in system management, re- s.x. 118e Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/258CIA-RDP76M00527R000700130032-5 searpjl,efforts, may also be directed toward developing procedures for ,gnarddiing against unauthorized access to information systems and procedures for implementing the standards and safeguards provided title to this 1t ct. Where t ege.b4ve.already been undertaken by the a ation l+ urgatq of Standards and other Federal ofFices, the Commis- :son' show t ke appropriate advantage of those resources to prevent cluplicatign o efforts and to; aicl in the coordination of Federal efforts in this area. ,Subsection 1033(d) (3). T11eaCommittee added to the functions of the Commission the, duty to determine, in connection with its research :activities, what specific` categories of information should be prohibited .by statute from,collection 1jry Federal agencies on the basis that the collection of such ii foz nation would violate an individual's right of .privacy. Section, 104 CQNFIDENTIALITY OF INFORMATION In order to fulfill its obligations properly under this Act, the Com- mission must hrye access to all data, reports, and other information rec'ue`st.ed of any 'department', agency or instrumentality of the executive branch as`well as of any independent agency. Since this lered as,fquitd?necessary. This will, for instance, allow for devel- opment'by Commission experts, in consultation with other Federal officials, of careful, workable definitions of such terms as "accurate," $(dme Y/Y '.icomplete," and "relevant." Sue a. process is also envisioned for determining precise details of e,cgntents.of. tJte.notices.of data banks required to be filed for the ede ,al ReVister and with the Commission. These can be discussed and determined with the assistance of the Commission in accordance Spith, n agency's unique problems and record-keeping methods. Su sectign, (1). Provides that each Federal agency shall collect, solicit ,and znant6n,gnly such personal information as is relevant and necessary to accomplish a statutory purpose of the agency. This sectipn,; therefore, governs the first phase of the process which is the gathering of the information in the first place. The provision rearms the basi4, principles of good management and public admin- istration by assuring that the kinds of information about people which an, agency seeks to gather or solicit and the criteria in programs for investigating people are judged by an official at the highest level to be relevant to the.needs. of the agency as dictated by statute. Second, it requires a decision that the collection of information or investiga- tion of people along certain information lines is necessary in that the needs of the agency and goals of the program cannot reasonably be met through alternative means. Where there am difficulties in linking a personal data program to statutory authority, it is to be expected that some agencies may face hard decisions of whether or not to seek additional authority, to reject certain programs Eaitirely or to alter investigative standards. A third ,element in this decision process is the fact that the infor- mation which officials propose to collect must be maintained and Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/211 CIA-RDP76M00527R000700130032-5 integrated., into the agency record-keeping system. Thus the decision on the relevance and need for certain gathering of information and investigating of citizens requires consideration of how that data will ,overlap or conflict with existing data banks and information programs ;of the agency. This section is designed to assure observance of basic principles of -privacy and due process by requiring that where an agency delves into an area of personal privacy in the course. of meeting government's needs, its actions may not be arbitrary, but rather, must be author- ized, and found to be not only reasonable, but warranted by the overriding needs of society as the agency is responsible for adminis- tering to those needs. The provision is the legislative reflection of the conclusion of ?a panel of the Committee on Scientific and Technical Information of the Federal Science Council which recommended that "an agency should formulate as precisely as possible the policy objectives to be Served by a data-gathering activity before it is undertaken. Agencies ,are encouraged to think carefully about the legitimacy of the activity, the significance of the data for the agency's program, the potential burden on the respondents and the possible availability of the data ,from some other source. This may make it possible to achieve a reduction in the burden being put on citizens and to harmonize govern- ,mental questionnaires and surveys. Great care should be exercised in framing information requests to be certain that the desired in- formation is captured initially and that multiple requests for informa- tion is captured initially and that multiple requests for information Ware avoided, and that no more sensitive personal information is .collected than necessary." Subsection 201(a) (2). Provides that each Federal agency shall collect information to the greatest extent practicable directly from the subject -where.the information may result in adverse determinations about the individual's rights, benefits, and privileges under Federal programs. This section, as originally introduced, had no qualifications, but reflected the basic principle of fairness recommended by several reports, that where government investigates a person, it should not .depend on hearsay or "hide under the eaves", but inquire directly .of the individual about matters personal to him or her. In order to meet agency objections about the needs of certain civil and criminal law enforcement programs requiring intelligence and investigative information to be collected from other sources, the section was limited to instances where the information sought could affect a person's qualifications to be considered by government for employment or other rights, benefits and privileges. This is the minimum standard of fair procedure, although there may be instances where it cannot be observed. It is expected however that these will be kept to a minimum. Cases may arise for instance, where it is not practical (1) for logistical, or financial reasons, or (2) for reason of conflicting, more restrictive, statutory requirements which cannot, after consultation with the Commission, be resolved, or (3) where the information is on hand from other disclosures made by the individual and he has spec fically consented at the time of disclosure or later to have it used for other or related purposes within the agency or bi another agency. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 :CIA-RDP76M00527R000700130032-5 At the same time as it assures accuracy and fairness to data subjects b 'this provision, the Committee does not wish to defeat the purposes 'o 'the Federal provision, the Act to promote the efficient, economical ei eh'ange and sharing of information; nor does it wish to impose undue burdens on individuals from whom information is solicited. However when the cause of ordinary efficiency and small economies is weighed against the interest of personal privacy and confidentiality of sensitive information, the Committee expects the balance -would tilt in favor of the latter. However, the Act looks to a conscientious weighing of the interests by administrators, and to decisions made on the record pursuant to the discretion allowed by this section. Even where information is acquired from other sources, an agency should, in the interest of the standards of accuracy and efficiency to be promoted under subsection 201(b) make efforts to have it reviewed by the -subject individual. For example, by sending him a copy of the information and affording him an opportunity to affirm, deny or explain it. Such review may constitute compliance with subsection 201(a)(2). This section reflects the committee'.} adoption of the conclusion of tag COSATI panel that "Information should not be collected on a hearsay basis or from people who have only a tenuous association with the data subject and therefore are not in a position to report data from a high probability that it will be accurate." Subsecti,on.20;C(a),(3). Requires that each Federal agency shall inform any individual requested to disclose personal information for any pur- pose whether that disclosure is mandatory or voluntary, by what stat- utory authority it is solicited, what uses the agency will make of it, what penalties and specific consequences for the individual, which are known to the agency, will result from the nondisclosure, and what rules of confidentialitywill govern the information. This requirement, in various forms, has been universally recom- mended by commentators and government and private groups, the HEW Report, information specialists, congressional witnesses and others, as basic to the protection of the individual from the arbitrary information power of the Federal Government. The Committee intends it to remedy the many documented com- plaints from citizens that they were pressured, coerced, or induced by deceptive means into responding to governmental questionnaires seeking highly personal information for administrative programs, or for census and other statistical and research purposes of the Federal agencies; that they were not told and, furthermore, were frequently unable to learn, even with legal assistance, whether compliance was voluntary or mandatory, what statutes authorized it, what penalties attached to nonresponse, or exactly why the Federal Government wanted the information in the first place. The section anticipates that Federal requests or requirements for personal information henceforth shall be accompanied by written or oral notices presented in obvious or highly visible manner, which use the specific terms "mandatory" or "voluntary" in describing the nature of the individual's desired response, and providing the other requisite information concerning the authority of the agency to con- duct the survey, initiate the inquiry, or, in the case of administrative programs, to ask particular questions of the applicant. The Committee believes that an agency- should be able to ccmm.unicate to the indi- vidual, without intimidation, whether he is required to comply with Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 49 a request for information and what the likely consequences are of his refusal. To further clearify the consequences of those options, the notices should also include an explanation of the limits on the agency's ability to keep information confidential; for example, under com- pulsory legal process. The Committee is not impressed with executive branch arguments and those of some information users which hold that such candor on the part of government represents "poor psychology" and will destroy the integrity of statistical surveys and other data programs, or that it will discourage cooperation with official inquiries. The Committee believes, rather, that just the opposite results will be obtained. Fur- thermore, the spirit of constitutional considerations of due process and self-incrimination should pervade the conduct of such inquiries for administrative, regulatory, or other such governmental data programs. In defining the purposes of this section, the Committee endorses the recommendations of the HEW report that "the requirement is in- tended to discourage organizations from probing unnecessarily for details of people's lives under circumstances in which people may be reluctant to refuse to provide the requested data. It is also intended to discourage coercive collection of personal data that are to be used exclusively for statistical reporting and research." We also endorse the explanation of the COSATI panel of the need for such protections to avoid "the use of coercion or intimidation in the course of gathering information." We agree with the Panel that: "unless disclosure has been made mandatory by Act of Congress, personal information must never be extracted from an individual without securing his informed, express consent * * * In gathering information from individual citizens, Federal agencies have an obliga- tion to disclose to them the purpose for which the information is being collected, to state clearly the use or uses to which it will be put, to identify the governmental and non-governmental individuals and organizations that will be given access to it, and to indicate whether the individual's name will be associated, either directly or indirectly, with the information. "The type of disclosure is particularly important when the indi- vidual's participation in a data-gathering activity is voluntary in character, and is one way of assuring that the voluntary consent of the individual is meaningful. It enables him to evaluate the risk he may be assuming by revealing personal information, and in some cases, per- mits him to weigh that risk against the advantages of participating in a particular governmental program. It also should contribute to pre- venting alienation and should encourage participation in the data- gathering process. For the same reasons, it is imperative that the agency's understanding with the individual be honored. "When an individual is required to furnish information by act of Congress as is true for the decennial census, informed consent of the type described in the preceding paragraph is not necessary. None- theless, it is desirable to provide individual respondents with as much information concerning the data activity as possible." Of particular concern to people subjected to governmental inquiries is the general lack of precise information afforded at the time of collec- tion about the penalties for and consequences of nondisclosure. Where compliance is mandatory or where untrue response is punishable, with Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 50 penalties ranging from $100 to $500 to $1,000 and a year in jail, basic due process principles require that the individual be put on notice of such penalties, The same constitutional considerations require that where such penalties accompany demands for personal data, that demand must be based on statutory authorization. The Committee considers it basic fairness that any agency provide whatever information it has at hand about the immediate consequence of not respond:ng to an inquiry or particular question. While it may usually be convenient to provide this warning on the face of a written inquiry upon iaitial collection, in some cases, the Committee recog- nizes that it may be more practical to supply such information prompt- ly at a later time upon request of a data subject who may voice ob- jection or conc,,rn about some phase of a written or oral inquiry, or to some particular question. Clearly, the agency cannot be reasonably expected to tell all foreseeable or imaginable consequences of nondis- closure or disclosure. It can however, advise when nondisclosure will preclude any consideration of an applicant for employment, or for a right, benefit or privilege, or when nonresponse may be accorded some weight in official consideration of the application. To cite one example: A Federal employee requested to complete a research questionnaire stating which political candidate he or she prefers should be told at the outset that the response is voluntary, that it will not affect employment, and will not go into any government file. However, even such notice will not preclude an employee electing to challenge the inquiry for possible violation of the limitation in subsection 201(b) (7) on inquiries on first amendment activities. Similarly, couples applying for Federal housing loans have the right to know if they have to answer questions on whether they intend to have children and if they practice birth control, why the agency requires such information and whether or not they lose the chance for the loan if they don't disclose such information. Subsection ,201(b) (1). Requires each Federal agency that maintains an information system or file to insure, that is issue any requisite regu- lations, and take affirmative administrative action for the purpose of assuring, that personal information maintained in the system or file, or disseminated from it, is to the maximum extent possible, accurate, complete, timely and relevant to the needs of the agency. This requirement complements that of subsection 201(a) (1) impos- ing such a duty on agencies and is deemed necessary to the effective ex- ercise of any right of the individual to challenge a record, or a data bank on these grounds through the agency or the courts. The standard cf relevancy is that statutory basis for an information program required by subsection 201(a) (1). The scope of these two sections encompasses all phases of the information system. The stand- ards of relevancy here relate to the constitutionality and legality of the entire information program, as well as, the reasonableness of mainte- nance or any particular piece of personal information, given the stat- utory jursidiction of the agency. The standards of accuracy, completeness, and timeliness, as well as relevancy are directed to the quality of the information in an individual's own file. The section thus looks to a double- rouged consideration, first to the authorized needs of the agency, and second, to the scope of the administrative need for information in order to make a decision on that individual. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 51 The condition that such a goal be pursued to the "maximum extent possible" is attached to promote an extra measure of caution and zeal beyond the ordinary standard of care which governs all other in- formation handling. But it is also designed to allow the agency the freedom to determine through its own regulations and directives, as adapted from the Commission model guidelines, what is reasonably "possible" within the limits of the statutory duties placed on the agency, of its resources, of technological feasibility, and of adminis- trative practicality. The Committee recognized, for instance, that it is administratively and logistically impossible to keep current and timely the statistical information maintained for historical and archival purposes. Yet an agency may well question an investigative data bank or file on people which was long ago outdated and is now seldom used, and which services no program or one which is maintained only in case the individuals once again deal with the agency. It is hoped that with the inclusion of such a broadly-termed mandate linked to the right of the individual to challenge, there will begin a long-overdue evaluation of agency program needs for stale, irrelevant, and untimely information. When combined with the subsection 201(a) (1) duty to confine infor- mation gathering to only personal information relevant and necessary to accomplish a statutory purpose, the Committee has provided agencies and the courts with a standard against which the individual may challenge information in a file or data bank. Subsection 201 (b) (2). States that agencies shall require employees to refrain from disclosing records or personal data in them, within the agency other than to officers or employees who have a need for such record or data in the performance of their duties for the agency This section is designed to prevent the office gossip, interoffice and interbureau leaks of information about persons of interest in the agency or community, or such actions as the publicizing of information of a sensational or salacious nature or of that detrimental to character or reputation. This would cover such activities as reading results of psychological tests, reporting personal disclosures contained in personnel and medical records, including questionnaires containing personal financial data filed under the ethical conduct programs of the agency. It is designed to halt the internal blacklisting that frequently goes on in agencies and on Federal installations on persons who do not comply with the organizational norms and standards for some reason, such as not participating in savings bonds drives or charity campaigns; and the listing of results of employee tests or performances; It is designed to help prevent the easy exchange of data about the same individual between regional managers of different pro- grams within a bureau or department and the consequent informal or inadvertent, administrative integration of data for purposes. of making al governmental decision about that person. This might be true, for instance, of a farmer who had filed information or been the subject of official inquiry in several agricultural programs in one county. The section envisions that if an employee dealing with official information about a person is requested to surrender that person's record to someone who clearly has no need for it, he should 'decline or seek to define the purpose of the requested disclosure. One of the Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 52 results of this section may be to promote a sense of ethical obligation on the part of Federal officials and employees to ascertain when improper disclosure of information within the agency may be sought or promoted for personal, political or commercial motives unrelated to the agency's administrative mission. It is not intended to conflict with other statutes, rules and regula- tions governing employee conduct or information practices but is meant to implenent and reinforce them. The sta-idard of refraining from certain behavior implies, by definition, not indulging in impulses to engage in positive behavior to the contrary, in this case, in not taking positive action or making specific administrative or personal efforts to disclose, personal information acquired in the course of one's duties when such disclosure is not required. Subsection 20i (b) (3). Requires any Federal agency that maintains a personal information system or file to maintain a list of all categories of persons, including individuals and agencies authorized to have regular access to personal information in the system or file. The original bill required Federal agencies to record each and every access to any information system or file. By requiring instead simply a list of the categories of employees and of other agencies and persons who on a regular basis are permitted. to examine files within a system of personal information, the bill meets the objections of agencies that a strict accounting of every access was not administratively practi- cable or feasible in view of the necessary routine in daily access to a file by varous identifiable groups of people and by many employees for purposes of entering or withdrawing information. The problem of requiring identity and purpose of access by reporters and others in the public exercising inspection rights under that and other acts made it more feasible to require a list which would be available to the public and to individuals who are subjects of the files. Where employees are concerned, the kind of list envisioned would make it possible to identify for any particular day the employees oc- cupying a position and performing duties requiring such access to a particular file or authorized to have such access. Since this is deemed merely good management and responsible personnel practice for all Federal systems and is a practice observed in many agencies anyway, it is not expected to present difficulties in compliance. With regard to the definition of who are "regular" users beyond the agency, outside of the public and press, the type of regular use en- visioned is that such. as where, by statute and written agreement for information-sharing among agencies, there is access by terminal for the purpose of implementing such agreement. The Commission, in the course of developing model regulations for guidance of agencies in implementing tha Act, will assist in promoting a workable definition of such users by reference to the specific situations presently authorized. S bsection 201(b) (4). Requires any Federal agency that maintains a personal information system or file to maintain an accurate accounting of the date, nature, and purpose of nonregular access granted to the system, and each disclosure of personal inform,tion made to any person outside the agency, or to another agency, including the name and address of the person or other agency to whom disclosure was made or access was granted. An exception is recognized for those accesses and disclosures involved in public inspection or copying Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : fiIA-RDP76M00527R000700130032-5 pursuant to law or regulation, which includes the Federal and State open records laws and regulations implementing them. This section is included as an essential element of the Code of Fair Information Practice and the "Information Bill of Rights" in order to promote the full implementation of the right to seek to obtain a meaningful correction of inaccurate records, not only in the offering agency, but wherever in government and private organizations the inaccurate information may have been transmitted. The kind of audit and "audit trail" envisioned here is one that makes it technically and administratively possible to audit and inspect the nature and pattern of transfer of personal information whether in manual or computerized form outside the agency system, to be integrated in another agency's system, or to other persons in other agencies of government. Furthermore, such record of access and disclosure helps assure against administrative departure from the stated uses, access controls, and users required to be filed in the Federal Register and with the Privacy Commission, and to guard against illegal seizures of infor- mation. It is designed to make oversight of information practices of government more manageable and efficient. Subsection 201 (b) (5). Requires a Federal agency that maintains a personal information system or file to establish rules of conduct and notify and instruct each person involved in the design, development, operation, or maintenance of the system or file, or in the collection, use, maintenance, or dissemination of information about an individual, of the requirements of this Act, including any rules and procedures adopted pursuant to this Act and the penalties for noncompliance. This notice would include consultants, contractors, and those outside the agency involved in such activities. This section, another essential element in the Code of Fair Informa- tion Practice, merely recognizes principles of good public administra- tion that the most effective hierarchial management of an organization results from informing employees of their responsibilities and how they relate to overall agency obligation and of their duties regarding the information they process and to the techniques, equipment and instru- ments with which they carry out their assignments. While most agencies may have ethical conduct rules with respect to the information under the control of civil servants, these do not neces- sarily always reflect the ever-expanding information needs of govern- ment or the increasing mechanization and computerization of govern- ment records, with the vast numbers of specialists and technicians brought rapidly into Federal agencies to deal with them. Nor do these codes reflect the developing professional codes of ethical conduct for those involved in application of computer technology and sophisticated information-processing techniques in the public and private sectors. It is expected that the Commission, in drafting its model guidelines, would incorporate these and would encourage their more extensive adoption by agencies in their rules implementing the Act. This section thus envisions positive action by the agency, beyond mere publication of implementing regulations, to notify people administratively, perhaps by a handbook for which each person is responsible, and by a special session instructing them on changes made in existing programs by the new Act. It is expected they would be in- Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25: CIA-RDP76M00527R000700130032-5 formed of administrative sanctions and other penalties applicable by reason of statutes and regulations governing performance and behavior of Federal personnel. Subsection 201 (b) (6). Requires any Federal agency that maintains an information system or file to establish appropriate administrative and physical safeguards to insure the security of the information sys- tem and confidentiality of personal information processed and handled in it and to protect against any reasonably foreseeable or anticipated threats or hazard:m to their security or integrity which could result in substantial harm, embarassment, inconvenience, or unfairness to any individual on whom personal information is maintained. [The analysis of this subsection is supplemented by that for subsection 201 (f).] Once privacy, confidentiality and due process policy issues have been resolved, the administrative measures and technical features needed to implement those decisions are required to be taken by the agency under this section. These may include, for example, establish- ing and enforcing rules of access, adding computer software that ap- propriately screens requests for access and that keeps accurate and complete records of access and disclosure, and installing locks and similar security devices. Many agencies will no doubt find their present measures adequate for many existing systems and files. Others may need supplementary action. All must make such considerations part of their decisions to create new systems and data banks. The Committee recognizes the variety of technical security needs of the many different agency systems and files containing personal infor- mation as well as the cost and range of possible technological methods of meeting those needs. The Committee, therefore, has not required in this subsection or in this Act a general set of specific technical stand- ards for security of systems. Rather, the agency is merely required to establish those administrative and technical safeguards which it determines appropriate and finds technologically feasible for the ade- quate protection of the confidentiality of the particular information it keeps against purloining, unauthorized access, and political pressures to yield the information improperly to persons with no formal need for it. Once it determines the need for certain physical and technical features for the computerized or mechanized stages of their systems, or for their manual files, agencies would be expected, in compliance with the Act, to seek such features where necessary through the budget process or as alternatives to existing methods. The Committee- is cognizant of the advice of the Director of the National Bureau of Standards Institute for Computer Sciences and Technology, and intends that the term "appropriate safeguards" should incorporate a standard of reasonableness and "refer to those safeguards which represent current state-of-the-art procedures at any given time, despi.e any weaknesses that may exist in the technology at that time." However, the Committee does not intend to discourage the active pursuit of new and more useful safeguards. While this interpretation represents a retreat from the absolute requirement of obtaining such technological features, the Committee agrees that given present cost factors and considerations of economy, such an approach- suggests that we could look forward to increasingly higher standards of `reasonableness' as new technologies are further developed to make our systems progressively more secure. But it Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 CFIA-RDP76M00527R000700130032-5 would also permit the immediate application of all of these techniques where they can contribute-even in their present form-to better protection of data confidentiality and individual privacy. The Act thus provides reasonable leeway for agency allotment of resources to implement this subsection. At the agency level, it allows for a certain amount of "risk management" whereby administrators weigh the importance and likelihood of the threats against the avail- ability of security measures and the consideration of cost. The Act makes the wisdom and legality of these decisions reviewable by the Commission and Congress where they involve major changes in computerization and file management of data on people. It thus makes Congress, with the advice of the Commission, the final arbiter of the decision weighing cost, economy, technological feasibility against privacy and other civil liberties. The Committee is furthermore aware of the problems of requiring computers dedicated to one use or one sensitive category of informa- tion. Further, it agrees with the National Academy of Sciences Report that "it would hardly advance civil liberties in this country, if in the name of protecting confidential files, civilian government agencies and private organizations were to adopt the authoritarian environ- ments and intrusive personnel policies used by defense and intelli- gence agencies to safeguard their information systems." The Committee was persuaded on the need for such standards by the testimony of computer experts and by reported cases of file by theft, tapped transmissions and disclosure problems in the use of time- sharing facilities. As the National Academy report recommendation summarizes numerous expert opinions: Both managers and policymakers should be aware that the payoff in sensitive personal information to be obtained by insiders violating confidentiality rules and outsiders breaching system security is going to increase in the coming yyears. More comprehensive information about people will be collected in the kind of large-scale record systems that are growing up, such as the omnibus charge-card systems and national welfare assistance programs. Furthermore, as more organizations make use of the low cost and flexible services that are available in commercial time-sharing facilities, more high-payoff targets such as the membership and contributor lists of various kinds of organizations will be appearing in time-sharing systems, requiring more atten- tion to the security problems in multiple-user commercial facilities than this area has received thus far. (Report, p. 395) The range of alternatives available to agencies to promote adequate systems security has been described at length for the Committee record and in other congressional hearings. For convenience and expertise, the National Academy of Science report can be cited here as indicative of the Committee judgment that it is not tying the administrative or logistical hands of the executive branch with strict impossible standards, but is leaving it for the agencies and the Federal Government to request needed specific features from manufacturers in the course of the Federal procurement process. The report states: Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/256 CIA-RDP76M00527R000700130032-5 What seems clear is that adequate computer technology already exists to provide both the hardware and software protections that are needed to afford effective levels of secu- rity for personal data in the kinds of record systems we have been considering. To give several examples of particular relevance to civil liberties issues, much more could be done by computer manufacturers to put record-field access control features into the software operating systems of computer systems, so that users could exercise greater control over the authorization tables that govern access to the data base for each use.-. Similarly, much more could be done by soft- ware developers to provide the programs for real-time monitoring against unusual volumes of use or unusually low yields of `hits,' in order to warn systems managers about what may t e unauthorized uses or improper `browsing' in sensitive files. (Report, p. 395) The Committee does not, therefore, mean to relieve any adminis- tration officials of responsibility for promoting the purpose of this subsection. We are aware of the availability of administrative and technological means of promoting this purpose, and are mindful, in particular, of Justice Department technical reports by the Project SEARCH Group and reforms effected bey law in the computerized information systems of the States of New York, Massachusetts, Minnesota, and others. The Committee has taken note of laudable activities in the executive branch to foster administrative observance of standards of confi- dentiality of information and systems security. Such efforts and management guidelines have heretofore been dependent upon the good will of officials of the department and agencies and upon their zeal, time and discretion in use of resources. This Act will not impede these efforts, but will provide the needed legal support to aid in their achievement. Subsection 201(b)(7). Provides that no Federal agency that main- tains a personal information system or fileshall establish any program for the purpose of collecting or maintaining information describing how individuals exercise rights guaranteed by the first amendment unless the head of the agency specifically determines that such pro- pram is required for the administration of a statute which the agency is charged with administering or implementing. This section combined with the application of the principles of relevancy under subsection 201 (a), reflects the preferred status which the Committee irtends managers of information technology to accord to information touching areas protected by the First Amendment of the Constitution. It is aimed at protecting Americans in the enjoy- ment of the privacy of their thoughts, habits, attitudes and beliefs in matters having nothing to do with the requirements of their dealings with an agency peeking information. It is designed to assure that where such investigations are undertaken, the decision is made by a responsible official who is accountable on the record rather than by the culminative ad hoc, case-by-case decisions of investigators and drafters of questionnaires which can easily become the commonlaw of an agency's practice in lieu of agency-level decisions. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 57 This section is directed to the planning stage of any executive branch programs being designed for the principal purpose of identify- ing Americans who exercise their rights under the First Amendment and of taking note of how and when such activities are exercised. It is directed at programs which would (1) require gathering of such data from other agencies or (2) would require questions to be asked of the subject individual or of others about his or her personal political beliefs and philosophy, about legitimate activities of the individual in participating in community events, in religious practices, in seeking redress of grievances through such methods as signing petitions to be sent to Government agencies, Members of Congress or State legisla- tures; picketing under lawful circumstances; associating with others of like mind for the purposes of exchanging social, economic or politi- cal views; engaging in lawful demonstrations with others of like mind for the purpose of expressing opinions about governmental, social or economic policies; or expressing written or spoken opinions about such matters through the press, including letters to editors and comments on radio and television programs. This section's restraint is aimed particularly at preventing collection of protected information not immediately needed, about law-abiding Americans, on the off-chance that Government or the particular agency might possibly have to deal with them in the future. This, of course, applies not only to the agency's own programs, but also to its partici- pation in such programs undertaken by other agencies. It is directed to overly-broad inquiries made in the course of administering programs requiring judgments on individuals for de- termining employment and other rights, qualifications, benefits, or privileges under Federal statutes. Next, the section is directed to inquiries made for research or statistical purposes which, even though they may be accompanied by sincere pledges of confidentiality are, by the very fact that govern- ment make the inquiry, infringing on zones of personal privacy which should be exempted from unwarranted Federal inquiry. The initiatives for such programs can be highly visible within an agency. They have come to the attention of Congress in formal regu- lations, in draft regulations, in informal directives and orders establish- ing programs or specifying certain criteria for gathering information deemed helpful to an agency. The requirements of this section, then, impose a duty on administrators to review such sensitive information programs at the earliest possible stage for their possible reception by the public and the subject individuals as threats to first amendment principles. Since agency heads and administrators who may doubt their au- thority will consult their general counsels and the Attorney General as chief legal officer of the Government, it is expected that this section will impose no onerous burden on decision-makers. It is further expected, however, that not only the rigid letter, but the spirit of the Bill of Rights will prevail in their decisions and that where there is dispute about whether to solicit or try to collect the information, the scale will tilt toward observing the privacy of citizens and toward seeking alternative methods of fulfilling the administrative goals of the Federal Government. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 58 The Committee does not expect that compliance will be met by a one-time administrative finding that an agency requires such informa- tion. Instead, there are expected to be specific determinations for new programs or alterations in existing ones, for directives on investigative standards, and for specific inquiries to be included on questionnaires sent for administrative, statistical, or research purposes. The standards are applicable whether the information is sought for another agency's list, or by means of investigative questionnaire, lie- detector, oath, personality test, or any other similar technique. Such determination will of necessity require reference to require- ments of authorizing program statutes, "housekeeping statutes" of the departments and agencies, and pertinent judicial decisions. At a minimum, it expects that compliance will begin with creation of a special reviewing proe.ess for such matters at the highest level in each agency and that efforts would be made to seek to learn reaction to similar programs by Congress, the press and public. Where authority is found to be lacking to make such inquiries as are deemed necessary for a statutory purpose, nothing prevents a department or agency from proposing to the President and from seeking of Congress legislation granting the requisite authority. In drawing the particular restrictions on data gathering set forth in this section, the Committee does not intend to preclude future deci- sions that other types of personal information shall not be collected by Federal agencies. Notices Subsection 201(c). Provides for the notices describing the personal information systems and data banks maintained by the departments and agencies of the executive branch. The provision incorporates the recommended language contained in the draft administration bill, and specific recommendations of the HEW privacy committee. The duties herein are required to enable the privacy commission to carry out its duties, as discussed above, pur- suant to subsection 103(a), of publishing the Federal directory of personal information systems and data banks. It is the Committee's intent to specify separately each matter to be included or considered for inclusion in such notices. The categories, however, are broadly stated to allow agencies to adapt their statements to fit their particular systems and files. The Committee intends that no agency should be exempt from the requirement to develop such information needed for the required notices and to se:_ad it to the Commission. In addition, agencies are required to provide such information for publication in the Federal Register simultaneously when the Act becomes effective. Annually thereafter, they are to supplement such notice or, if there has been no change in their personal information systems or data banks, they should either sta;le this or reissue their previous statement. While such simultaneous action may cause an initial logistics problem, the Committee believes.it is necessary if the public notice function and the exercise of the rights which it serves are to be meaningful. Congress has received complaints about the difficulty which organizations and individuals have in keeping track of the scattered, obscurely-worded public notices filed by agencies which may affect privacy and civil liberties. In addition, citizens have complained that regional and Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 59 local employees of the agencies do not have available in their offices sufficient information about other data banks, investigative or data- collection programs, or information practices of their departments or agencies. Since the Federal Register is not always available to the average citizen and since the urgency of a problem might preclude his seeking information from the Commission's guide to data banks, the Com- mittee intends that notices with the requisite information should be available for distribution upon request. It is expected that the contents of notices filed with the commission would of necessity be more detailed and elaborate than that provided for such agency distribution. Such a document might be abbreviated with an indication of where the individual may seek additional information. The notice to the Commission should contain a listing of all statutes which require the collection of such personal information by the agency. This is to enable the Commission to carry out its function pur- suant to subsection 103 (a) to publish such list for each data bank and personal information system. This requirement was included by Committee amendment so that Congress and the public may know whether or not the agencies are collecting the information at the discretion or whim of administrators or if there is some statutory basis for it. This requirement to provide such legal data on a systematic basis will enable Congress, if it so desires, to reexamine or modify such statutory authority. Such information on hand will also assist the Commission in its investigation of the complaints of violations of the Act, and in its study of the practices of. State and local and private sector organization in which it is to review the statutes and legal authorities for data programs. Subsection 201 (d). States the basic right of the individual to inspect and correct the personal information which the Government has on record about that person. Its provisions are minimum standards and are not intended to preempt or preclude laws and regulations providing even stronger protections for such rights. These provisions reflect the cumulative recommendations of many experts in constitutional law and of governmental and private groups studying the issues of privacy and due process over many years. They also take into account experience with access and challenge provisions of the Fair Credit Reporting Act, as well as the many recommenda- tions from the Federal Trade Commission, the public, and Members of Congress for strengthening and clarifying that Act. As originally introduced, the bill provided that each agency notify all individuals about whom personal information is kept in the orga- nization's files. This provision would most clearly have guaranteed that each individual would know what files of personal information are being kept, and f y whom, and for what purposes. However, the Committee recognizes the merit of the objection raised by Federal agencies that individual notification would be unjustifiably costly. The Committee relies instead on the initiative of concerned individuals to learn whether they are the subject of government files. Using the Directory of Information Systems as a guide, any individual that writes a letter to any department or agency or official of the Federal Government asking to know what files exist on him shall receive a full Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 60 accounting, on behalf of the addressed department or agency and all of its subsidairy governmental organizations, grantees and con- tractors, of prEcisely what files do exist. Subsection ,201(d) (1). Requires each Federal agency which maintains an information system or file to assure that an individual who requests them may exercise rights set forth under this subsection. This re- quirement of "assurance" means no more nor less titan that an agency must (1) issue appropriate implementing regulations and (2) take affirmative actiDns to apply then. First, the person has the right to be informed of the existence of personal information on him or her, to know whether or not the agency even has a separate file. In addition, lull access to that file is to be afforded and the right to inspect it in a form which is comprehensible. This means that, unlike the existing practice in some agencies and under the Fair Credit Reporting Act, a person does not have to rely on a clerk's review of the file and a sur amary of what is in it. In addition, an agency may not just present a punched card or a collection of symbols on a print-out from a computerized system, or shorthand notes, but rather, must see that the information is presented in a form which the layman may reasonably understand. The Committee agrees with the definition of "inspection" provided by numerous reports on privacy and summarized by the Academy of Sciences Report in the following terms: where. government files are concerned, we think inspection should mean the right of the individual to see a copy or display of the actual record in full, and to obtain an official copy of it for a nominal fee. Having an official describe the contents of the record to the individual but not let him examine it himself does not meet the test of open- ness or provide the psychological sense of having satisfied oneself about what is really there. (Report, p. 370) The person is entitled to know the names of all recipients of personal information about such individual, including the recipient organiza- tions and their formal or informal relationship to the system or file, and the purpose and date when the information was given out. This requirement would not apply, of course, where the accounting of access and disclosure under subsection 201(b) (4) need not be main- tained because o.-: the exemptions provided in subsection 202(b). It would involve allowing the individual to examine whatever access log is maintained for the file, together with a list of organizations exempted from entry in any log. The individual also has the right to know the sources of the per- sonal information. If such source is required to be kept confidential by statute, then the individual may be informed only of the nature of the sources. The data subject may be accompanied by someone of his choice, in order to have the support or advice of a friend, relative, or attorney, in inspecting and evaluating the information and making his way through what may amount to a paper maze. The Committee believes this is necessary for effective exercise of 'rights under the Act. In some cases, the data may be so derogatory or otherwise sensitive from a privacy standpoint that the individual may be asked to furnish Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 61 written permission authorizing discussion of the file in that person's presence. The person has the right to obtain the disclosures and access re- quired to be given under the Act in person with proper identification, or by mail upon written request. An agency may set reasonable stan-lard charges for document duplication. This section provides the further right to be completely informed about the uses and disclosure the agency has made of the information so that the individual may trace and correct the further uses of any inaccurate information, or take any necessary action to retrieve it from improper disclosure. The degree of "completeness," of course, would depend on what information the operative official has to his knowledge, or can reasonably obtain. In addition, the handling of such cases would be governed by the agency regulations defining what is deemed complete, timely and relevant to the agency needs in using the information for any purpose. Subsection 201 (d) (2). Describes the actions required of an agency as a minimum response to a person who lets the agency know in some oral or written fashion that he or she wishes to challenge, correct or explain personal information about that person contained in a system or file. Some statutory requirements or regulations may provide greater rights. These procedural rights are recognized as minimum in the recommendations of major commentators and studies. All of them are directed to implementing the basic principles of privacy and due process; that a Government agency should not take note of personal matters at all, and that it should, on the other hand, have information which is accurate and relevant as needed to make fair administrative decisions. Subsection 201(d) (2) (A). The agency is to investigate the alleged inaccuracy by any reasonable means available and to record the current status of the personal information. Such investigation may require no more than a telephone call to another agency to ask them to verify the data. It may require no more than a review and re- cording of documentation, affidavits, authoritative materials, or records supplied by the individual. It may mean no more than chock- ing other records and questioning investigators of the agency to clarify vague reports or correct inaccuracies. It may mean no more than reviewing the actions of a computer programmer who deleted or reduced to a minor role relevant information necessary to present a complete and fair account of a situation. The agency regulations, with the guidance of the Commission's guidelines will provide standards for this and other actions of the reviewing official. The subsection is not intended to require an agency to extend its investigative powers beyond its statutory jurisdiction or beyond the reach of its fiscal and administrative resources. Rather, one of the purposes is to provide fairness to the agency by assuring that administrative means are afforded which allow the agency to protect itself from charges of inaccuracy and untimeliness by taking the necessary action to verify and update the challenged information. Subsection 201 (d) (2) (B). Requires the agency to correct or eliminate any challenged information that its investigation shows to be incom- plete, inaccurate, not relevant to its statutory needs, not timely or necessary to be retained, or which can no longer be verified. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 62 The finding of a need for retention can include the uses required by the agency's needs for meeting administrative, research or statistical obligations. The deciding officer should be able to do more than cite a presumed ne3d; rather, the officer should be able to cite a statutory or other legal requirement supporting the decision. Subsection 2O1 (d) (2) (C). If the investigation (foes not resolve the dispute, the agency, under this subsection is to accept and include in the record of such information, a statement of reasonable length provided by the data subject setting forth his or her position on the dispute. Wherever possible, such supplemental information is to be included or entered in the original file. In some cases, where computer pro- gramming already undertaken prevents the entry of such disputed information, it may be necessary to store it in a separate file, with an appropriate entry in the formal record of the existence elsewhere of relevant information. Subsection 2 62 (d) (2) (D). Requires the agency to report the chal- lenged information and to supply the supplemental statement in any subsequent dissemination or use of the disputed information. Following correction or elimination of challenged data, the agency shall, at the request of the individual, inform previous recipients of its elimination or correction. This requirement is not considered an unreasonable one since the data is conditioned and limited by the informed request of the individual who will have some knowledge of previous recipients and present users from exercising his right to know such matters under subsection (d) (1), and from inspecting whatever monitoring the agency is required to mabitain under subsec- tion 201(b) (3) and (4). In addition, the responsible agency officials will have discussed with the person the uses to which the data has been put, to their knowledge, and given him reliable advice on the need for pursuing the corrections with another agency or person. The provision is intended further to reduce the time and resources the individual must expend in correcting his records with each user, office, bureau or agency which may have received it. It will prevent the repetition of the access and challenge efforts for the same purpose. No time limit was set on the provision, since it may be important to learn if one user received the data under some joint program ten years previous, while those disclosures made in the t;vo years previous may be of no ecnsegi.ience. The deciding official should make some effort within an agency to trace formal or informal programs for exchanging or sharing data which would reasonably involve dis- closures from the individual's file for any purpose. Where such information would not be required to be kept before this Act or would not be kept under the exemptions of this Act, it would recognizably be impossible or difficult to comply with such requirements. In such cases, what is envisioned is a good faith effort to assist the individual. Subsection 201(d)(2)(F). Establishes machinery for appealing and reviewing the failure to resolve a dispute or the decision of an official to deny a request to correct or supplement information. Many scholarly proposals to afford the right of access and challenge of records have incorporated such a right within .an administrative scheme giving the individual the right to appeal to an independent regulatory body. This was the intent of the original bill which gave Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 ~PIA-RDP76M00527R000700130032-5 the individual the right to file a statement and provided appeal rights to the Federal Privacy Board, which had cease and desist powers. The Committee, after considering testimony on the wisdom of alternative methods of regulation, decided against making the new Commission a Federal "ombudsman" complaint body, although it may now receive complaints illustrating patterns of violations of the Act. Instead, the individual may seek review within the agency and direct judicial review by the Federal District Court in the event the agency rejects the challenge to its records. At the request of the individual, the agency must provide a hearing within 30 days of the request and the individual may appear with counsel, present evidence and examine and cross-examine witnesses. If, after such a hearing, the challenged record is found inadequate under 201(d) (2) then the agency must purge it from the file and from the agency system, or modify it as found appropriate. The actions or inactions of any agency on a request to review and challenge personal data in its possession is made reviewable by the appropriate United States District Court by subsection 201(d) (2) (F) (iii). The language of this subsection reflects that in an administration- sponsored omnibus criminal justice bill and was recommended by several witnesses and legal experts. It is the Committee intent to substitute for regulatory agency review, a responsive speedy, agency process for resolving citizen's complaints about improper, illegal, or careless information practices of the Federal Government. Where many agencies may provide a review process after a harmful decision is made with the information, this section anticipates special initiative by agencies to extend existing processes, or to establish new procedures to encompass requests for access and challenge at, an earlier stage in the management of the information. As discussed previously, the Committee deems such access and challenge rights essential to enforcement of the Act, and as an aid to monitoring the system, and to promoting the reduction in the bulk of outdated, irrelevant files which agencies keep. While agencies may exempt themselves through a rulemaking process, in certain areas, and with respect to particular records, the Committee does not consider the grant of such discretion a mandate to exercise it to the limit, but rather, to exercise it sparingly, with due regard for the principle of democratic government and the recognized right of all citizens to knowledge about the activities of government, a right more precious when the activities relate to information uniquely pertaining to the citizen. Subsection 201 (e). Provides for the coverage of the Act to apply to certain information systems or files of contractors and grantees or others when a Federal agency provides by a contract, grant or agree- ment for the specific creation or substantial alteration of such infor- mation system when the primary purpose of the grant, contract or agreement is the creation or substantial alteration of such an infor- mation system. When such conditions apply, the agency shall, consistent with its authority, cause the requirements of subsections 201 (a), (b), (c), or (d) to be applied to such system and then only to the relevant portions Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25CIA-RDP76M00527R000700130032-5 of such systems or data banks as are specifically created or substantially altered by such g;ra.nt, contract or agreement. In cases when contractors and grantees or parties to an agreement are public agencies of State and local governments, the requirements of subsections (a), (b), (c) and (d) shall be deemed to have been met if the Federal agency. determines that the State or political subdivisions of the States have adopted legislation or regulations which impose similar or stronger requirements for the security of information sys- tems and the confidentiality of personal information contained therein, and for the individual's right to have access to records and to chal- lenge their accuracy. Subsection 201 (J) (1). This subsection is intended to assure knowledge by Congress, th.3 executive branch, and interested groups of new Federal data banks and pooling of informational and computer resources to constitute centralized data systems not foreseen by Congress. It is to prevent a de facto national data banks on individuals free of the restraints on Federal power established by Constitution and statutes. It is intended further to prevent creation of data banks and new personal information systems without statutory authorization from Congress and without proper regard for privacy of the individual, confidentiality of data, and security of the system. The section therefore requires any Federal agency to report to the Commission, the General Services Administration, and to Congress on proposed personal data banks and information systems or files, on proposed significant expansion of existing ones, on integration of major files, on programs for significant records linkage within or among agencies, or for centralization of resources and facilities for automated data processing. Explanation of this subsection should be supplemented by reference to the analysis of subsections 103(c) and 201(b)(6). .Such notices shall also describe the agency's judgment, positive or negative, of any effect it perceives that such proposal might have on the rights, bepef ts, and privileges under Government programs of the people who are the subjects of information involved in the change. For instance, does it mean that another agency which makes decisions on other rights of a person will now have terminal access to data of an agency for purposes of making its decisions and thus raise due process issues of relevancy' Will it allow creation of a data bank for investigative or intelligence, or research purposes which might, by its very existence; have an intimidating effect and raise first amend- ment question- of records surveillance? Will common storage facilities by agencies enable common usage not envisioned b the data subject or facilitate theft or improper access? On the other hand will the changes promote more effective exercise of individual rights, and fairness in decisions about the person? What is anticipated is a check-off by the agency on the possible enhancement of or threat to the civil liberties and civil rights of citizens, including, due process rights, from such changes. The notice shall also state what administrative and technological features and measures are deemed necessary to protect the security of the information system or data bank and the confidentiality of the information. Such a statement should represent the ideal situation given the kinds of personal information and the promise of confi- Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 65 dentiality accorded it by law or by understanding with the subject individual. The report would then include the agency's best judgment on how best to achieve these goals within the limits of available tech- nology, resources, and legislative authority. The subsection requires a description of the formal and informal actions, negotiations, and representations and their outcome, undertaken to obtain necessary features. This should include accounting of any consultation with computer and system experts, including the agency's own staff mem- bers and those employed by the National Bureau of Standards, the General Services Administration, by computer manufacturers, and professional organizations on computer and information technology; and any others within and without the executive branch, such as specialists in public administration and constitutional law. The Committee recognizes that no level of security can be specified as absolutely adequate and that this often depends on what is available to promote the type of security needed for certain types of information. It is expected that a set of criteria on the degree of sensitivity of personal data in the system would be developed on the basis of the historical breaches of confidentiality of that type of information. It is clear from the various public records and studies that there are some information systems in which there have been breaches for personal gain or political motives or other unauthorized purposes. There is clearly a need to safeguard these files as a first priority. The report to be filed with the Commission would detail the agency plan, given the historical threats or the likelihood of them. Clearly, the files in the Social Security Administration, while sensitive, might not have the same level of possible security breaches as the Passport Office Lookout File or the Civil Service Commission Investigative Index. Attached to that report would be the description of the agency's consultations with the National Bureau of Standards including any recommendations made by Bureau officials and other computer experts on desirable standards for safeguarding information. Some unnecessary concern has been expressed by certain agencies as to how soon they would have to install such safeguards and whether they would be able to function at all after enactment of the bill until they obtained such features in their systems. For some files or systems, it would be appropriate to define stages and goals to achieve the. full level of security. Good-faith compliance can be done in a stage process where necessary, but it is expected that there would be a program of steady and consistent efforts to attain the desired standards. From the available studies, and from the reports of unauthorized access, it is apparent that few Federal data banks and information systems are living up to existing standards. Testimony to the Com- mittee, the National Academy report and others have shown that there are well-known techniques for controlling authorization of people to use data, to monitor inquiries into the data system, to do current monitoring of the level of use of any participant to detect unusual and possibly unauthorized activity, and other audit-trail techniques. These are all available methods of providing security of systems for adminis- trative, technical, and physical purposes. These and many other techniques are what agencies should be expected to apply to their own situations, within the framework of the Commission model guidelines. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 66 Many of the techniques involved in administrative and physical security would apply to tape central records rooms such as the card index of the Civil Service Commission, the manual fingerprint file of the FBI, and the U.S. Army Records Center. However, computer systems pose special problems because of on- line terminal communications. Therefore, the growth useful standards and procedure could be nourished. The notice should include a description of changes in existing inter- agency or intergovernmental informational relationships, whether these are pursuant to Executive order, statute, agreement, or custom. This is to afford the Commission, interested groups, and the Congress an opportunity'to evaluate the impact of such computerization or changes in information systems on the observance or principles of separation of powers and of federalism including their impact on powers and authority of State and local governments. It is expected that precise details to be included in such reports may be arranged with the Privacy Commission, pursuant to considera- tion of logistical and administrative feasibility. The Committee intends, by requiring the filing of such notices and the Commission review of them, to assure to Ne extent possible under this Act the promotion of the public policy reflected in the National Academy of Sciences report that: "All aspects of important new record systems should be subject to examination. as to their civil liberties implications and as to citizen reaction to their various features. As with computerization itself, the process of establishing new record systems or changing old ones in executive agencies ought to become more visible and deliberate * * *" (Report, p. 399). Subsection 201(f) (2). Provides that the agency must delay the pro- posal for 60 days if the Commission, after reviewing the agency's notice and investigating its implications under the terms of the Act and the mandate to the agency under subsection 201 (b) (6), as discussed above, notifies the agency that the proposal does not comply with the standards for privacy, confidentiality, and system security established under the Act or by regulation pursuant to it. This allows the Commission time to file any investigative reports on the matter as required pursuant to title I. Nothing in this Act then prevents agency officials from proceeding with this proposal, nor, on the other hand, does anything in the Act require them to proceed with it. This subsection merely provides for a moratorium of 60 days where the Commission, under its mandate, finds a proposal so fraught with actual or potential constitutional, legal, or administrative diffi- culties that it ought to be specifically examined or authorized by Congress, or ought to receive the further attention of appropriate high level executive branch officials. Subsection 201(g) . Provides that each Federal agency covered by this Act which maintains a personal information system or file shall make reasonable efforts to serve advance notice on the subject of information before it disseminates or makes available a file or any data on that person pursuant to compulsory legal process. The purpose of this section is to permit an individual advance notice so that he may take appropriate legal steps to suppress a subpoena for his personal data. ~~ hen it undertakes itself to notify the individual, it may require that the cost burden of such efforts must be borne by the requesting agency or person. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 67 The committee intends subsection (g) to impose stricter require- ments upon the disclosure of information to protect it from the searches of random investigators who may obtain information from friendly employees or who may simply flash a badge or use influence to obtain such information. However, the subsection is not intended to require compulsory legal process where it is not presently required. Nor is it intended to loosen any present restrictions imposed by statute or regulation whereby information may only be obtained through court order or other legal process. This subsection reflects the Committee's agreement with the IIEW report recommendation which was found necessary "to assure that an individual will know that data are being sought by subpena, summons, or other compulsory legal process, so as to enable the person to assert whatever rights are available to prevent disclosure of the data if such actions seem desirable. This section is intended to apply to all personal information held by an agency, including administrative, statistical and research data. It is intended to be a separate safeguard independent of any other exemptions in the Act in order to carry out the principle that an individual should be put on notice whenever any agency official is under judicial compulsion to surrender data, and to know whenever personal data will be put to uses unknown to the individual and not specified by the agency in its published notices. In summary, it is designed to assure that the person will be able to exercise rights under this Act to check the data for accuracy or to monitor its further use and redisclosure by the requesting agency or person. Since it is not intended to subtract from existing legal safeguards covering such information demands, it is also intended to allow the individual to exercise any existing rights under Federal and State laws and regula- tions to challenge the issuance of administrative or judicial orders. Subsection 201 (h). Provides that no person may condition the grant- ing or withholding of any right, privilege, or benefit, or make as a con- dition of employment the securing by any individual of any informa- tion which may be obtained through the exercise of any right secured under the provisions of section 201. It reflects the committee's inten- tion to protect the data subject from coercion by Government agencies or private businesses and organizations who may condition rights, privileges, benefits or considerations otherwise due the person equally with all other citizens upon the obtaining of a personal file or data. This subsection reflects the concerns of administration and agency spokesmen who feared that opening up the individual's personal files which have been protected from disclosure to that person or to others in society would subject the person to all kinds of demands for medi- cal and other personal records. Since the committee's intent is to make certain inroads into the well-meaning paternalism of Federal agencies so that an individual may be advised what information the agency is collecting or holding, this subsection provides a right against such coercion which is enforceable in the Federal District Court in a civil action pursuant to section 303(c). This subsection is not intended to prevent an individual from seeking and obtaining rights under section 201, but is designed to provide a legal remedy for what are believed to be unreasonable and coercive pressures on that person sufficient to state a cause of action before a Federal judge. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25: CIA-RDP76M00527R000700130032-5 68 DISCLOSURE OF INFORMATION Subsection 202(a). Provides that no Federal agercy shall disclose, transfer or disseminate personal files and information to any person, agency or private organization unless certain conditions are m.et. In conjunction with subsection 201(a) (3), this section is intended to pro- mote the informed consent of the individual to the uses to which government puts the personal data it collects or creates. It is thus, expected to exert some check on excessive or illegal reach of govern- mental power ove.? the individual, and on illegal or inadvertent central- ization of investigative programs and linkage of data Federal banks with those in the State and local governments and the private sector. By allowing the individual to know where the data is flowing, the provision should also assist in preventing the illegal or improper use of data by agency officials and employees who have no business with the file or information. Subsection 202(a) (1). Requires the agency to make written request to the individual and obtain his or her written consent. Compliance with this safeguard may be at the time of initial collection. Subsection 202(a) (2). Requires the agency to make no such dis- semination unles.3 the recipient of the information has adopted rules in conformisy with the Act for maintaining the security of its information systems and files and the confidentiality of the informa- tion. This mandate, similar to recommendations of several reports and commentators, is to assure continuance upon transfer to another agency or to a governmental or private organization for a Federal purpose, of the protection to which the information is entitled be- cause of the original understanding with the citizen or the origi- nating agency or organization. It is intended to apply to transfer of a particular file of any individual as well as to the transfer of mass data from one automated information system to another, and to the linkage of information systems. If the formal or informal security procedures of the receiving agency clearly or impliedly would allow the data to be used in ways not intended by the individual and not advanced by the agency in its dealings with the person, then no transfer could be made. This would also apply to intergovernmental data-sharing such as transfer of internal revenue files to State and local governments Without assuring proper protection for the con- fidentiality of the data. While the original bill and the IIEW Report envisioned an agency's. determining "substantial" assurance of observance by the other agency of such protections, the Committee was told by computer experts and agency representatives that it would be difficult for one agency to en- force such conditions within another agency. Thus, the subsection requires the agency to look to published rules for its judgment on the wisdom of transfer, but anticipates that compliance with the subsection. would usually result in creation of interagency negotiations and a record of formal agreement for the conditions of transfer and for pro- tection of the data, in the receiving agency. Subsection 202(a) (3). Prohibits dissemination unless the information is to be used only for the purposes set forth by the sender or by the recipient pursuant to the requirements for notice tinder subsection Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 69 201(c). Again, the same considerations of enforcement and privacy guarantees applicable to the previous subsection apply to this one. The agency transferring is expected, at the minimum, to protect the individual and the public interest by assuring that the uses for which the now agency or user states that it wishes the data are consistent with those for which formal notice has been given by either the transferring agency or the receiving agency or user. Additional guarantees beyond those of this section may be pursued, and, indeed, are encouraged. The Committee recognizes that some agencies take such further precautions as a matter of course for transfer of personal information. This is particularly true of data transferred pursuant to the Federal personnel security program and Executive orders dealing with classified information. Nothing in this section is intended to reduce the strength of those administrative protections for guarantees of privacy and confidentiality. Executive branch spokesmen and others have advocated that these conditions for interagency and other types of disclosure should be in the alternative. They believe that more consent of the individual may be enough, or that notice to the public at large of the agency's intended use, or mere requirement of administrative and technical protections for the information, would each alone be sufficient as the general rule governing transfer of personal data. The Committee has disagreed with this approach in the belief that there may be an aura of compul- sion or possible threat of intimidation, or an apparent unfair induce- ment of the individual attached to a request or requirement to sur- render personal information for one governmental purpose. This may amount to improper Federal pressure to consent to any and all uses to which the agency may put the data, including that attendant upon interagency or intergovernmental transfer. The best way of guarding against this kind of implicit governmental pressure and affording the individual adequate protection is to require all three conditions. In addition, this prevents an agency from merely citing a notice of in- tended "use" as a routine and easy means of justifying transfer or release of information. Administration spokesmen were concerned that this might expand interagency data-swapping. By allowing the agency to cite a "use" disclosed by its published notice, the bill is not intended to broaden dissemination and interagency transfer whore they must be pursuant to or are required or limited by over 150 Federal statutes. Since subsection 201 (a) requires that personal information collected or maintained by the agency be relevant to a statutory purpose, the notice of use and purpose filed with the Commission for the particular information system or data bank will, of necessity, incorporate those statutory uses, and reliance on that notice for transfer authority would represent compliance with subsection 202 (a) (3). The Committee therefore recognizes the great variety of uncoordi- nated ad hoc, and sometimes poorly authorized patterns of data transfer among agencies. This section does not require such transfers and sharing among agencies, nor does it preclude the additional re- quirement of other guarantees for safeguarding the individual as well as the originating agency. It is designed to assure, in the future, that one government agency does not use the personal information given by the individual or by third parties to another agency to make what might be a. detrimental decision affecting qualifications, rights, bene- Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 afforded under existing laws and practices will not be affected by any provisions of this Act. It assures that the General Accounting Office as an am of Congress will be able to continue to meet its information needs for auditing and inspecting agency programs as required by the Budgeting and Accounting Act and other statutes. This subsection therefore provides that the accounting of access and disclosure required in subsection 201(b) (4) and the conditions which subsection 202(a) attaches to disclosure to other persons and to inter-agency transfer shall not be applied when disclosure would be to the Comptroller General or any of his authorized representatives in the course of the performance of the duties of the General Account- ing Office. It affirms that nothing in this Act shall impair access by the Comptroller General or his representatives to records maintained by an agency, including records of personal information, in the course of performance of their duties. This subsection reflects the advice of the Comptroller General that such a provision is needed to protect the existing powers which he exercises on behalf of Congress, but that it will not enhance or detract from such powers. Subsection 22(e). This subsection is designed to provide a general guide for construing the duty imposed on agencies by this section and those imposed by the Federal Reports Act and other statutes to pro- mote efficiency and economy by combining data requests and sharing the results and thus reduce repetitive demands on citizens. It is to reflect the Committee's intent that the requirements of this section are to be interpreted as a mandate to continue enforcement of the duties imposed by other statutes, and that they should not prevent agencies from taking whatever management steps are needed to implement the two goals in drafting their questionnaires and in planning and carrying out their information programs. In addition, it has been included to meet the concerns of Administration spokesmen that the minimum safeguards for interagency disclosure under this section might be interpreted by agencies as an indication that they could relax their efforts to comply with the present restrictions placed on some ex- changes of information between agencies for the purpose of promoting confidentiality of certain kinds of records. The Committee believes that there are a number of administrative devices for assuring observance of the two sets of values in Federal information programs, but we have not attempted to close all of the administrative loopholes which allow violation of confidentiality. Subsection 202'f). Provides an exemption from the written request to the individual prerequisite for disclosure with respect to requests by law enforcement agencies. Obv'ously it would be inappropriate to require a law enforcement agency to get permission of the subject of a criminal history record prior to obtaining a copy from another law enforcement agency. Such a requirement would in effect prohibit the routine exchange of records through the FBI's Identification Division or the National Crime Information Center (NCIC). Like- wise, it might frustrate legitimate criminal investigations if a law enforcement agency were required to get permission from the subject of a file maintained by a non-law enforcement agency before the former agency could gain access. (e.g. FBI access to l tax return). Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/2: CIA-RDP76M00527R000700130032-5 Subsection 202(f). Recognizes both types of law enforcement, dis- closure, or access to files by distinguishing between routine and non- routine exchanges of information with law enforcement agencies. The Committee.assumes that most routine exchanges with law enforcement agencies involve law enforcement records such as rap sheets or criminal histories and is between two law enforcement agencies; and that the less routine disclosure to a law enforcement agency involves a law enforcement agency request of a non-law enforcement agency. There- fore subsection (e) permits law enforcement disclosure in the former circumstance, where there is a program of routine exchange, if there is a formal agreement between the two agencies respecting such ex- change. The subsection permits law enforcement access in the second circumstance, non-routine requests only where written requests and permission are given on. a case-by-case basis by the agency maintaining the record. The Committee is of the view that the agency which maintains the records should assure, via the, written permission or the formal agreement that the recipient has complied with subsection 202(a) (2) and adopted rules on security, confidentiality, and privacy. If the exchange is on a routine basis, the two agencies should adopt a formal agreement between themselves setting out which records will be exchanged, how the records may be used and the privacy, confiden tiality, and security regulations which the recipient agency has adopted. The sanction for failure to comply with the agreement should be interruption of routine exchange by the maintaining agency. This formal agreement concept is based upon the terminal users agreement now used by NCIC and by state and local law enforcement agencies which operate data banks. The Commission and the Attorney General would, of course, have to determine whether an existing terminal agreement adequately meets the requirements of this subsection once this bill is enacted and how that concept will be applied to manual files. Any such agreements would in effect be public documents since they would be incorporated into the public notice given on the infor- mation systems as required by subsection 201(c). Although the Committee believes that public notice and exposure of such routine exchange will act as a check on abuses of such arrange- ments, the committee hopes that routine exchange will be restricted to essential law enforcement records such as rap sheets and that those records will only be exchanged by such agreement between law en- forcement agencies. All other types of access should be via the written request according to the agency procedure. In requiring that the agency rule on each request on it case-by-case basis, it is hoped that secret law enforcement access, that is disclosure without notification to the subject of the file, will only be permitted in the most exigent and essential circumstances. In each such case, the agency must find that such circumstances exist and that the law enforcement agency has described the information requested in sufficient particularly to, meet the requirements of the subsection. The subsection specifically requires that the law enforcement agency set out in its written request of the agency "the particular portion of the information desired and the law enforcement activity for which the information is sought."' Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 74 SECTION 203 EXEMPTIONS Subsection 2ffl..(ck). The Committee believes that it is fundamental to the implementation of any privacy legislation that no system of per- sonal information be,operated or maintained in secret by a Federal agency. The existence and certain characteristics of each system should be a matter of public record, and testimony before the Committee has indicated that this information can be made public without compro- mising critical information used by agencies responsible for the na- tional defense or foreign policy of the country. The potential for serious damage to the national defense or foreign policy could arise if the notice describing any information system included categories or sources of information required by subsection 201(c) (3) (E) or provided individuals access to files maintained about them as required by subsection 201(a). The Committee does not by this legislation intend to jeopardize the collection of intelligence information related to national defense or foreign policy, or open to inspection information classified pursuant to Executive Order 11652 to persons who do not have an appropriate security clearance or need to know. This section is not intended to provide a blanket exemption to all information systems or files maintained by an agency which deal with national defense and foreign policy information. I 'Zany personnel files and other systems may not be subject to security classification or may not cause damage to the national defense or foreign policy simply by permitting the subjects of such files to inspect them and seek changes in their contents under this Act. Ir} order to obtain an exemption from subsection 201(c) (3) (E) or 201(d), it must be shown that the applice,tion of those subsections would damage or impede the purpose for which the information is maintained. Subsection 263(b). Exempts from full compliance with the access and challenge provisions of section 201 and the disclosure provisions of section 202, that information which an agency head determines is in- vestigative information or law enforcement intelligence information. Both terms are precisely defined in the definitions section of the bill contained in Title III. All of,these definitions are based in large part on the criminal jusice privacy bills (S. 2963 and S. 2964) discussed earlier in the section of the report dealing with law enforcement. The effect of this subsection is to require the agency head to de- termine "first what portion, of files maintained rn any information system in his agency or which his agency might fund on the State or local level contains information which falls within the definitions- "Investigative inform ation" or "law enforcement intelligence informa- tion." Investigative information might include information in a file maintained by a legitimate law enforcement agency, defined as an agency which can.make an. arrest for violation of.a Federal or State statute., Investigative Amfor;nation, might also. be maintained by an agency which is xuot a law enforcement agency but which is gathering the information in the course of investigating activity which falls within its regulatory jurisdiction. For example, this section would permit the Chairman of the SEC to exempt from access and challenge files maintained by his agency on individuals whom it is investigating for violation of the SEC laws. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 75 The exemption for intelligence information is restricted for the most part to law enforcement agencies. It was the Committee's view that there were no regulatory or non-law enforcement agencies which had a legitimate right to maintain intelligence files and that therefore none of their investigative files should be exempt from the access, challenge and disclosure provisions via reliance on exemptions for intelligence information. Once the agency head determines that he has information lep'ti- mately in one of his information systems which falls within these definitions then he must, via the rulemaking process, determine that application of the challenge, access and disclosure provisions would "seriously damage or impede the purpose for which the information is maintained". The Committee intends that this public rulemaking process would involve candid discussion of the general type of informa- tion that the agency maintains which it feels. falls within these defini- tions and the reasons why access, challenge or disclosure would "seriously damage" the purpose of the maintenance of the information. The Committee hastens to point out that even if the agency head can legitimately make such a finding he can only exempt the information itself or classes of such information (e.g. all wiretap transcripts mairr- tained at FBI) and not a whole filing system simply because intelli- gence or investigative information is commingled with information and files which should be legitimately subject to the access, challenge and disclosure provisions. The subsection 203 (b) qualifies the exemption from access and disclosure for investigative information in two important respects. First, investigative information may not be exempted under this sec- tion where the information is maintained longer than is necessary to commence criminal prosecution. This qualification recognizes the amendments to the Freedom of Information Act recently adopted by the Senate (the so-called Hart amendment). Second, the subsection states that the Act is not intended to disturb the rules of criminal and civil discovery of investigative files presently permitted by the Federal Rules of Criminal and Civil Discovery and, other State or Federal court rules, administrative regulations or statutes such as the so-called "Jencks" statute (18 USC 3500). Subsection 208 (c) (1). The head of any agency may deterrpine that an information system the or personal information maintained by that agency qualifies for an exemption finder subsection (a) or (b) of this section. To secure the exemption, a notice of proposed rule-making must be published in the Federal Register at least 30 days prior to holding rule-making proceedings and provide a copy of that notice to the Privacy Protection Commission to afford the Commission the opportunity to comment. Where possible, agencies are encouraged to provide up to 60 days' notice of hearings to. Afford. all interested parties an opportunity to comment or appear. The notice of the proposed rule-making shall conform to the re- quirements of sections 553(b), (c) and (c); 556, and 557 of Title 5, United States Code and shall include a specification of the nature and purpose of the system file or.infornuition.to be exempted'as pro- vided by subsection 201.(c) of this Act After the, period of notice, the agency'. shalt give interested Persons an opportunity to participate in the rule-making through submission of written arguments or through oral presentation at a public hearing. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 76 After consideration of the relevant matter presented, the agency shall incorporate in the rules adopted a concise general statement of their basis and, purpose. 3SECTION 204 ARCHIVAL . RECORDS Subsection 20)':(a). Provides for certain applications of the Act to archival records. Federal agency records which are deposited and accepted by the Administrator of General Services for storage, proc- essin and servicing in accordance with section 3103 of title 44 of the United States Code are to be considered as though maintained by the agency which deposited the records and subject to all of the provisions of this Act, where they apply to such agency records. The Administrator of General Services is prohibited from disclosing such records or any information in them, except to the agency which maintains the records or pursuant to the rules established by that agency. Subsection 204(b). Provides that Federal agency records pertaining to identifiable individuals which were transferred to the National Archives of the United States as records which have sufficient histor- ical or other value to warrant their continued preservation by the Federal Government are to be considered to be maintained by the National Archives for the purposes of this Act. Except for the required annual public notice set forth in subsection 201(c),`the only provisions for the act which shall apply to such records are subsections 201(b) (5), requiring the establishment of rules of conduct and appropriate train- ing for employees and 201(b) (6), requiring the establishment of appropriate adimistrative, technical and physical safeguards to pro- tect the confidentiality of personal information. These provisions are, to a large extent, already a part of existing rules of the National Archives and hence should pose no unwarranted administrative bur- den.The Committee finds no reason why the Administrator should not establish rules of conduct and notify the employees and others involved in any phase of the information system or file of the require- ments of the Act concerning the need for respect for the needs of privacy, confidentiality and for security of the system. In addition, there is no valid reason why the Archives should be exempt from the requirement to establish the appropriate safeguards to insure the security of the system. Along with all other agencies, the National Archives is subject to the notice requirements of the bill. Subsection 204(c). Provides that the National Archives shall notify the Commission and give public notice of the existence and character of the personal information systems and files which it maintains for its. own internal uses and for other purposes and cause such notice to be published in the Federal Register. While it realizes the difficulties of describing these precisely, the Committee intends such notice to in- clude at least the information specified by subsection 201(c) (3) (G),. (I) and (J). The Administrator of the General Services Administration testified. against application of the bill to records under GSA control or to those in the National Archives. This is particularly true of the Archives. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 77 records which are generally over 50 years old and are not well orga- nized. The Committee consulted with GSA staff and has learned that records at the Archives are inadequately indexed and involve large volumes of data in more than 20,000 separate filing systems,?-hence the Committee believes that the administrative cost of compliance by the Archives would far outweigh any potential benefits, particularly since records cannot be disclosed by the Archives unless they are at least 50 years old. However, the Committee intends that the Administrator of General Services take special precautions to ensure that records older than 50 years not be disclosed when disclosure is likely to cause dis- creditation or injury to an elderly individual or the living relatives of deceased individuals. In the case of Bureau of the Census records assembled subsequent to the year 1900, disclosure ought to be subject to the approval of the Secretary of Commerce. The Committee believes that this section adequately meets the problems he described in his testimony. It is designed to further the interest of historians and others in preserving the integrity of historical records and in promoting access to them, within the constraints of the needs for individual privacy, for confidentiality and due process of law. Section 205 provides certain general exceptions and clarifies legisla- tive intent. Subsection 205(a). Shows the Committee's intent that the exemptions provided in the Freedom of Information Act to the required dis- closure of Federal information on certain subjects, and that permitted for protection of personal privacy may not be used as authority to deny all individual personal information otherwise available under this Act. Subsection 205(b). Reflects the Committee's intent that the Act does not affect existing requirements to disclose, disseminate, or publish in- formation which an agency is required to collect for the purpose of making such disclosure. This subsection was included at the request of the Securities and Exchange Commission and other regulatory agencies to assure that this Act will not affect their statutory duties to publish information. Subsection 205(c). Exempts from the access and challenge provisions information collected, furnished or used by the Census Bureau for statistical purposes or as authorized by the Federal Census statutes. While statistical records are subject to other safeguards and require- ments of the Act, the Committee believes that the complex statutory and administrative scheme presently governing census and statistical information needs careful legislative review before attempting to apply the provisions for access, challenge and review of such records. The Director of the Census Bureau referred to the millions of statistical records now in existence and the very specific procedures and rigorous safeguards applied to them. The Census Bureau records are not used to make decisions about individuals but are used to furnish to those individuals extracts of otherwise confidential information about them- selves, and their immediate families. Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 78 SECTION 206 MAILING LISTS Subsection 206(a). Prohibits, unless specifically authorized by law, the practice by Federal departments and agencies of selling or renting names and addresses which they acquire during their transactions with individuals or which they obtain through their dealings with other agencies. The Committee believes this provision is consistent with the intent of the bill to prevent disclosures of personal information without consent or specific authority. As discussed in this report the clear difficu.ty in obtaining consent free of the appearance of intimidation and the impossibility of assuring limited use once the data is sold or rented, makes it .advisable to require specific approval by Congress when the agency undertakes to sell or rent this data in bulk. This stipulation should not be construed to require an agency to withhold from the public names and addresses which are otherwise permitted to be made public. The provision is not intended to affect the protection already afforded and the authorized uses now designated for the names and addresses of individual postal customers maintained by the Postal Service to facilitate mail delivery, mail forwarding, and address and mailing list correction services. Present law prohibits the Postal Service from making available to the public any mailing or other list of names and addresses, except as specifically provided by law. Subsection X06 (b). Deals with the disclosure and use of names and addresses by any person, includin businesses and organizations, engaged in interstate commerce, who maintains a mailing list. It requires removal of the, individual's name and address from such list, upon written request of that individual. The bill thus provides a right to individuals which heretofore has been granted by some organiza- tions, and which has been recognized by the Direct Mail Marketing Association as a desirable standard for organizations which use mailing lists. This provision does not attempt to regulate the maintenance of files and personal records of State and local governments, or of organi- zations or their use of names and address for communicating with customers, clients and others with whom they have commercial transactions or official business. TITLE III-MISCELLANEOUS Section 301 Section 301 contains the definitions applicable to the bill. The Committee has used the term "personal information" through- out the bill to mean any information about the individual that identifies or describes any characteristic including but not limited to education, financial transactions, medical history, criminal or em- P loyment record, or any personal information that affords a basis or inferring personal characteristics such as finger and voice prints, photographs, or things done by or to such individual. Such definition Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/2 5: CIA-RDP76M00527R000700130032-5 includes the record or present registration, or membership in an organization or activity, or admission to an institution. It is intended to include within these terms any symbol, number, such as a social security number or character, address, by which the individual is indexed in a file or retrievable from it. The reference to personal characteristics does not exclude a file that contains only names and is headed by a general label for a category of records. If the heading or the nature of the file represents a judgment on the individual or a subjective view, then that file would be subject to the bill. A file headed "security risks" or one labeled "malingerers," or one coded for people to be dismissed at the earliest opportunity, even if the file only contained names, would be covered. This could, for instance, include a list of people who do not buy bonds, or do not contribute to charitable causes. Thus it could cover a list which contained names only but which, by its nature, conveyed something detrimental or threatening to the reputation, rights, benefits or priv- ileges or qualification of the individual simply by reason of being listed on it. There are many data banks and files with names main- tained strictly for housekeeping purposes, and it is expected that the Commission model guidelines will make some distinctions for the degrees of sensitivity of such files, and will allow for the development of special treatment for files where the potential for abuse and harm is very great, and those for housekeeping purposes such as who works on a holiday or who has it parking space. The term "individual" means a citizen of the United States or an alien ].awfully admitted through permanent residence. This term is used instead of the term "person" throughout the bill in order to distinguish between the rights which are given to the citizen as an individual under this Act and the rights of proprietorships, businesses and corporations which are not intended to be covered by this Act. This distinction was to insure that the bill leaves untouched the Federal Government's information activities for such purposes as economic regulations. This definition was also included to exempt the coverage of the bill intelligence files and data banks devoted. solely to foreign nationals or maintained by the State Department, the Central Intelligence Agency and other agencies for the purpose of dealing with nonresident aliens a,nd peo le in other countries. The term "information system" was aopted to indicate the applica- tion of the bill to all of the components and operations whether automated or manual or otherwise maintained, by which personal information, including the name or identifier, is collected, stored, processed, handled or disseminated by an agency. Rather than focus on a single record or subject file, the Committee has adopted an approach focused on the total information system which includes all phases of information collection, storage, handling, processing, dessimination and transfer. It includes records which are computerized, mechanized, microfilmed and photographed. The bill thus is directed to the overall programs and policies of executive branch departments and agencies including the design, development, and management of an information system, as well as to the mainte- nance of one particular file on an individual, or the atliering of informa- tion on one data subject. With such a definition, the duties and responsibilities imposed by the bill apply to administrators, computer Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5  Approved For Release 2001/08/25 : CIA-RDP76M00527R000700130032-5 80 programmers and all manner of employees including technicians, clerks, guards. Given the broad scope of the bill, an alternative use of the. term `.`system of record" would create confusion as to its possible application to such things as inventories and extraneous matters. The use of the terms "information system" and "files" allows for distinctions where needed for the application of certain standards to an'entire information system of an agency, department, or establish- ment, including its bureaus, offices, employees, and equipment, and for the application of them to a particular file, that is, a series of records, on a particular subject. The terms "file" and "data bank" in public usage are frequently interchangeable. Under this bill, "file" may mean an individual record or a series of records containing personal information about individuals which may be maintained within an information system. "Data bank" means a collection of files pertaining to individuals. Used in the bill, it connotes a recognizable entity for management purposes, specifically located within an agency or organization or to one of its components; it means a collection of files usually contributed to by different users and available to them according to a plan of access. The term "Federal agency" means any department, agency, instru- mentality, or establishment in the executive branch of the Govern- ment of the United States. The definition includes any officer or employee of ar. agency-. In addition to the general purpose of this provision to define the application of the Act, it is also intended that the definition assist in placing the responsibility for intra-agency handling of information on the head of the department or agency. The term "investigttive information" has a special and narrow mean- ing under this mill. It has been discussed at length in the section of the report entitled "Law- Enforcement Files". It means information associated with an identifiable individual compiled by- (1) an agency in the course of conducting a criminal investi- gation of ra specific criminal act where such investigation is pursuant to a statutory function of the agency. Such information may pertai:a to that criminal act and be derived from reports of informants and investigators, or from any type of surveillance. The term does not include criminal history information nor does it include initial reports filed by a law enforcement agency de- scribing a spe-iific incident, indexed chronologically and expressly required by State or Federal statute to be made public; and (2) by an agency with regulatory jurisdiction which is not a law enforcement agency in the course of conducting an investi- gation of specific activity which falls within the agency's regula- tory jurisdiction. For the purposes of this para