It's a living legal community making laws accessible and interactive. Click Here to get Started »
Privacy Act of 1974
The Privacy Act of 1974 (5 U.S.C.A. 552a) is a federal law that places restrictions on the federal government's collection, use, and dissemination of personal information. As with most comprehensive federal statutes, the act provides general and specific exemptions as well as an administrative appeals process.
The genesis of the Privacy Act can be traced back to 1965, when a congressional subcommittee examined privacy issues. Between 1965 and 1974, other congressional committees held hearings and issued reports on how individual privacy rights were affected by the growth of national data banks and the emergence of electronic data collection and storage. An important catalyst for the legislation was a Department of Health, Education, and Welfare report on government records and computers. The report proposed a "Code of Fair Information Practices" to be followed by all federal agencies and urged the adoption of five core principles: (1) the government should not maintain any secret records; (2) individuals must be able to see what personal information about them is stored and how it is used; (3) individuals must provide prior written consent before personal information collected for one purpose can be used for a different purpose; (4) individuals must be allowed to fix or clarify personal information about them; and (5) organizations that store or use personal data must be responsible for the information's veracity and must attempt to prevent its misuse.
Congress incorporated these principles into the Privacy Act, which applies to the executive branch of the federal government. The executive branch encompasses administrative agencies, government corporations, and government-controlled corporations. The act does not apply to records kept by state and local governments or by private companies or organizations. Only U.S. citizens and lawfully admitted aliens are given rights under the act. Accordingly, nonresident foreign nationals may not invoke the provisions of the act.
Generally, the only materials that are subject to the act are those that are maintained in a system of records. The act defines "records" to include most personal information kept by an agency about an individual. A record contains individually identifiable information, such as data on a person's education, medical history, criminal history, employment history, or financial transactions. A "system of records" is a group of records from which information can be retrieved by name, Social Security number, or any other identifying symbol linked to an individual. Most personal information that is kept in federal government files is subject to the Privacy Act. Therefore, the government may not, for example, share medical-history information from a Medicare recipient with another government agency without first obtaining the individual's written consent.
The Privacy Act gives the government the authority to withhold records from individuals if important government interests are at stake. The government may deny access based on national security or law enforcement concerns. There are two general exemptions: one that applies to all records maintained by the Central Intelligence Agency (CIA), and another that applies to federal criminal law enforcement agencies. The statute also lists seven specific exemptions that include Secret Service records involving the protection of the president, information used solely for statistical records, and various national security and law enforcement records.
Individuals who are denied access to their records may file an administrative appeal with the agency withholding the information. When a request for access is denied, the agency must explain the reason for the denial and must cite the specific statutory exemption. Individuals who can access their records, but who dispute the accuracy of the information, have the right to request a correction. The agency must acknowledge receipt of the request and must promptly make a determination whether or not to correct the record. If the agency denies the request, the individual may file an administrative appeal. If that appeal is denied, the individual has the right to judicial review by suing the agency in federal court. A lawsuit must be filed within two years from the date of the final agency denial.
Brin, David. 1999. The Transparent Society: Will Technology Force Us to Choose Between Privacy and Freedom? New York: Perseus Publishing.
Rosen, Jeffrey. 2001. The Unwanted Gaze: The Destruction of Privacy in America. New York: Knopf.
Whitaker, Reginald. 2000. The End of Privacy: How Total Surveillance Is Becoming a Reality. New York: New Press.