Our work aims to research right of privacy, the Privacy Act, and relationship between Privacy Act and First Amendment. At first we should say that the public’s right to know is limited, then, by the right to define one’s own identity and choose one’s relationships, without governmental interference. An individual therefore has an interest in the initial collection of information, the accuracy of the information, and the uses that the government makes of the information, as well as the extent to which the government reveals the information. Attitudes to privacy differ among cultures. Many dictatorships evince little regard for human rights. In European countries, people tend to accept the advantages of governments’ acquiring personal details about individuals and resent such information coming into the hands of commercial enterprises; in the United States, however, there is more resistance to the notion of governmental intrusion into private lives and relatively less concern about private-sector exploitation of personal information (Varney, 1996).
So Congress adopted the Privacy Act. This act mandated that U. S. federal information systems protect the confidentiality of individually identifiable health information. Federal systems are obliged to establish appropriate administrative, technical, and physical safeguards to ensure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity that could result in substantial harm, embarrassment, inconvenience, or unfairnes to any individual on whom information is maintained (Health Care Financing Administration, 1998). The Privacy Act was followed by the Right to Financial Privacy Act (1974), the Privacy Protection Act (1980), the Electronic Communications Privacy Act (1986), the Video Privacy Protection Act (1988), and, more recently, the Telephone Consumer Protection Act (1991), the Telecommunications Act (1996), the Health Insurance Portability and Accountability Act, commonly called “HIPPA” (Center for Medicare and Medicaid Services, 1996), and the Children’s Online Privacy Protection Act (1998).
The right of privacy is asserted to prevent any interference with an individual’s right to be left alone. There are four different types of invasions of privacy: intrusion upon a person’s seclusion or solitude or into his private affairs; public disclosure of embarrassing private facts about a person; publicity that places a person in a false light in the public eye; and appropriation of a person’s name or likeness for commercial or similar use (Prosser, 804-815). The government can define a person’s public identity by disseminating information that it has acquired legitimately or by compelling public disclosure of information in the individual’s possession. Short of catching the government in the act, the only way to learn of government surveillance is to obtain direct evidence-documents or official testimony–of the government’s activities. The usual ways to obtain documents of federal activities, such as those of the FBI, are through the Freedom of Information Act (FOIA) and the Privacy Act. These laws require all agencies of the government to provide information they have pertaining to the request. FOIA and Privacy Act requests are usually handled by separate offices within the agency set up specifically to deal with such requests. The FBI, for example, has a Freedom of Information-Privacy Acts section that handles all such requests. A FOIA correspondence to the FBI should not be disseminated to the FBI investigation sections, and FBI investigations should not have access to FOIA requests. Any “person” can request their own files from any executive branch “agency.” “Person” under the FOIA includes U.S. citizens, permanent resident aliens, foreign nationals, as well as corporations, unincorporated associations, universities, and even state and local governments and members of Congress. The Privacy Act applies only to individuals who are U.S. persons.
The Constitution does not specifically address the right of privacy nor the control of information.
Unlike the U.S. Constitution, a few state constitutions have an explicit provision protecting the right of privacy. Some state courts have interpreted the search and seizure provisions in their constitutions as providing more privacy protection than the same or similar provision in the U.S. Constitution (Elison and Nettik, 8). Most states have freedom of information laws affording similar access to state and local government files. Some states have constitutional or statutory provisions granting general privacy rights. Most states have freedom of information statutes that contain a privacy exemption similar to the privacy exemption in the Freedom of Information Act. In some instances, these privacy exemptions act as “an adjunct to separate privacy legislation.” About ten states have privacy laws similar to but not as comprehensive as the Privacy Act. However, all states have a number of specific laws that grant or restrict access to certain information. The states are most likely to restrict access to information and records such as financial information, criminal history records, juvenile records, education records, health information, insurance records, employment relationship, and adoption records. Finally, all states require that court files and records in adoption proceedings be kept confidential.
A fair amount of confusion abounds about the terms privacy and confidentiality.
Privacy. According to the U. S. General Accounting Office (1999), privacy is “the specific right of an individual to control the collection, use, and disclosure of personal information” (p. 4). Consumers may not be sufficiently aware of what they should protect from whom, and why. Before involving a client in personal therapy using psychotechnologies, a professional should obtain informed consent that covers privacy and confidentiality.
Confidentiality. “Confidentiality is the right of an individual to not have personally identifiable medical or other information disclosed to others without that individual’s express informed consent” (Winker et al., n.d. ). Confidentiality can be seen as the tool for protecting privacy (National Telecommunications and Information Administration, 1997). A client’s informed consent can authorize relaxation of confidentiality for specific information. HIPPA has many provisions under which information of various degrees of sensitivity may or must be released even without the patient’s consent. A 1997 report to the U. S. President from the Advisory Commission on Consumer Protection and Quality in the Health Care Industry recognized the need for consumer protections. In 1997, the U. S. Congress passed the Balanced Budget Act (Public Law 105–34), which added language to the Social Security Act. Congress and state legislatures have recognized the importance of the right of privacy by passing laws regulating the collection, maintenance, use, and disclosure of individual’s records. Congress has adopted the Privacy Act of 1974. Congress has passed many other laws dealing with privacy that are not discussed. These include Family Education Rights and Privacy Act of 1974, Fair Credit Reporting Act, Right to Financial Privacy Act of 1978, Tax Reform Act of 1976, and Cable Communications Policy Act of 1984.
The Privacy Act of 1974 (Privacy Act) was passed by Congress to regulate the government’s use of large volumes of personal information. Some misuses and abuses of information by military, intelligence, and law enforcement agencies in their surveillance of citizens and the Watergate scandal spurred the passage of the law. The Privacy Act allows individuals to discover what records the federal agencies have about them; to stop the use and disclosure of those records in certain circumstances; and to review and correct such records. The act also sets forth certain procedures to be followed in the collection and maintenance of information. However, certain agencies and certain types of records are exempt from the provisions of the act. The act also sets forth certain procedures to be followed in the collection and maintenance of information. However, certain agencies and certain types of records are exempt from the provisions of the act.
The main provision of the Privacy Act states, “No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains (5 U.S.C. § 552a(b)). ” Basically the law prohibits disclosure of any record covered by the act to any person other than the subject individual unless the individual consents. The act, however, lists twelve exceptions in which records could be disclosed without the consent of the subject. The Privacy Act must also be read with reference to its definition section. The definition of agency is identical to that used in the Freedom of Information Act and includes any executive department, military department, government corporation or controlled corporation, other establishment in the executive branch of government (including the executive office of the president), or any independent regulatory agency. A record means “any item, collection, or grouping of information about an individual that is maintained by an agency (5 U.S.C. § 552a(a)(4)). ” Perhaps the most significant definition is that of a system of records, which is “any group of records under the control of any agency from which information is retrieved by the name of the individual or by some identifying number, symbol, or other identifying particular assigned to the individual (5 U.S.C. § 552a(a)(5)). Presumably, the real threat to an individual’s privacy interests occurs when the computer is fed a particular individual’s name and can collect and retrieve all the information in the system about that person. Thus, it has been held that there is no prohibited disclosure if the disclosure originates from a source other than the record contained in a system of records. In addition to these persons, agencies, and entities, which may receive information from a system of records without the subject individual’s consent, the Privacy Act provides that some systems of records may be exempt from certain of the act’s requirements. An individual may disclose personal information to an agency either because an act of Congress mandates such disclosure or because the agency has otherwise requested such information. Unless disclosure has been made mandatory, an agency cannot collect personal information from individuals without securing the individuals’ informed, express consent.
We should also relationship between the Privacy Act and the First Amendment. The First Amendment in and of itself does not bar intelligence investigations aimed at combatting terrorism or other violations of federal law. The Privacy Act of 1974 prohibits the government from maintaining files on persons of activities protected by the First Amendment. The First Amendment does not immunize individuals or organizations from legitimate criminal investigation. If the government has the requisite indication that individuals or groups are engaging in criminal activity, it can investigate them even if they are also engaged in First Amendment activities. The Privacy Act prohibits the government from maintaining files on persons engaged in activities protected by the First Amendment. Also under the Privacy Act, the government cannot maintain files on activities protected by the First Amendment. Congress has given the FBI certain “national security” exemptions from the standard requirement of a court order for obtaining financial or electronic communications information on Americans. For example, the Right to Financial Privacy Act and the Electronic Communications Privacy Act (ECPA), which prevent access to financial records or records of telephone calls or of electronic communications without a warrant, give the FBI authority to obtain such records simply by making a written request to a bank or communications common carrier for such information.
In the fall of 1989 the FBI admitted that it does a routine “name check” on anyone who writes a letter to the FBI director or other high level official. The FBI did similar checks on at least 266 persons who were involved in opposing the FBI’s use of librarians to monitor high tech spying activity (known as the Library Awareness Program) to see if they were part of a Soviet plot to undermine the FBI (Johnston, A1). The FBI’s practice of inquiring about and keeping records on persons who write letters or criticize FBI policy violates section (e)(7) of the Privacy Act and the First Amendment. Section (e)(7) of the Privacy Act states explicitly that no agency of the federal government can keep any “record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity” (5 U.S.C. § 552a(e)(7)). This law embodies the principle that the government may not investigate or keep records on political activity for its own sake. The exception in section (e)(7) for “an authorized law enforcement activity” allows the FBI to maintain files on persons and groups involved in First Amendment activities, so long as the information pertains to some legitimate law enforcement purpose. ” For example, as a way of preventing crime before it happens, police agencies keep files on groups and individuals whom they feel might pose a threat based on the political activities of those groups, to which they can refer when a potentially threatening occasion arises. However, in 1987 the FBI did agree to a legal stipulation (which does not have the same force as a final court order) requiring that it transfer from the FBI to the National Archives and place under a five-year seal the complete files and records pertaining to a group who brought a case under the Privacy Act (Wilkinson, No. CV 80-1048-AWT).
The FBI will search public records in much the same fashion as it does its own records. Public records include newspapers, books, print and electronic media, phone directories, title registries, and the like. To the extent that any person is allowed to look at these records, the FBI is no less entitled. The only issue, then, is not whether the FBI can look at them, but for what purpose it is looking at them. Under section (e)(7) of the Privacy Act, the FBI could not keep public records in its files solely for the purpose of monitoring the exercise of “rights guaranteed by the First Amendment.” A judicial warrant is now required by law to obtain either a pen register or a trapand-trace (18 U.S.C. § 3121). A warrant is not necessarily required for pen registers and trap-and-trace devices in foreign counterintelligence and international terrorism investigations. Federal law has created certain national security exceptions from the standard warrant requirement when investigating financial or electronic storage information of Americans; these also require the attorney general’s approval. For example, the Right to Financial Privacy Act (RFPA) and the Electronic Communications Privacy Act (ECPA), which prevent access to financial records or interception of electronic communications without a warrant, give the FBI a blanket exception to the warrant requirement for such information in national security cases. The Privacy Act also contains a provision stating federal agencies shall “maintain no record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity” (5 U.S.C. § 552a (e)(7)).
In the research paper we analyzed right of privacy, the Privacy Act, relationship between the Privacy Act, and specifics of national security. Finally, two observations can be made with regard to the relationship between the Privacy Act and the Freedom of Information Act. First, the Privacy Act is not an Exemption 3 statute of the Freedom of Information Act. Thus, if individuals cannot gain access to records relating to themselves under the Privacy Act because of an exemption, they might still obtain release of those same records under the Freedom of Information Act. 258 Second, if person requests information under the Freedom of Information Act that relates to an individual and release of the information is required because the information does not fall within one of the act’s nine exemptions from mandatory disclosure, the Privacy Act will not prevent disclosure. The Privacy Act mandates that each agency must separately publish in the Federal Register, at least annually, a notice of the existence and character of its systems of records. An individual may then request access to those records contained in a system of records. The agency must either allow the individual to review and copy the records or deny access on the grounds that the agency has properly exempted the records from access, that the records were gathered in reasonable anticipation of litigation, or that the records are archival records. Individuals denied access may appeal the agency’s decision. The act provides both civil remedies to enforce these rights and criminal penalties under certain circumstances. The Privacy Act contains a few provisions that attempt to limit the material that the federal government can request of an individual. An agency cannot maintain a record describing how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute or by the individual about whom the record is maintained or unless pertinent to and within the scope of an authorized law enforcement activity. An agency cannot maintain information in its records unless the information is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by executive order of the president. The act specifically requires that the information collected be accurate, relevant, timely, and complete “as is reasonably necessary to assure fairness to the individual.” Finally, agencies must collect information to the greatest extent practicable directly from the subject individual when the information may result in adverse determinations about an individual’s rights, benefits, and privileges under federal programs.
Johnston, D. “Documents Disclose FBI Investigations of Some Librarians,” New York Times, November 7, 1989: Al.
Elison, L. and Nettik Simmons, D.”The Right of Privacy”, 48 Montana Law Review 1, 8, 1987.
“HCFA Internet security policy.” Health Care Financing Administration. 1998, November 24. Retrieved March 5, 2002, < http://www.hcfa.gov/security/isecplcy.htm
“Medical records/privacy: Access needed for health research, but oversight of privacy protections is limited” (Publication No. B-280657). U. S. General Accounting Office. 1999, February 24. Retrieved May 5, 2000, < http://frwebgate.access.gpo.gov
Prosser, W. Handbook of Torts. New York, 1971.
“Telemedicine report to Congress.” National Telecommunications and Information Administration. 1997, January 31. Retrieved August 30, 2001, <http://www.ntia.doc.gov/reports/telemed
Varney, C. A. Consumer privacy in the Information Age: A view from the United States. (1996). Retrieved April 16, 2003, < http://www.ftc.gov/speeches/vamey/priv&ame.htm
Wilkinson, V. F.B.I., No. CV 80-1048-AWT, Cent. Dist. CA., March 19, 1987.
Winker, M. A., Flanagin, A., Chi-Lum, B., White, J., Andrews, K., Kennett, R. L., DeAngelis, C. D., & Musacchio, R. A. Guidelines for medical and health information sites on the Internet. 2003, July 25. Retrieved November 20, 2003, < http://www.ama-assn.org/ama/pub/category/1905.html
5 U.S.C. § 552a (e)(7), 1988.
5 U.S.C. § 552a(e)(7) ( 1988).
5 U.S.C. § 552a(b) 1988
5 U.S.C. § 552a(a)(4) 1988
5 U.S.C. § 552a(a)(5) 1988
18 U.S.C. § 3121 et seq. (1988)