In all societies men . . . have lived in the interstices of their
institutions. They have counted on the mercy of error, ignorance and
forgetfulness in their dealings with their fellows and the state. They have
often been wrong in so doing-morally and/or factually. But in a world of
computers this mercy may not long exist. All our failings and achievements, our
credit-worth and our petty delinquencies, our obedience and our defiance, can
live in the constant present of the machine.
Donald G. MacRae,
"Introduction" to Spencer's The Man Versus the State. (Baltimore:
Penguin Books), 1969.
IX Action Agenda for the Secretary of Health,
Education, and Welfare
The charter directs us to specify the steps that must be taken to put
our recommendations into effect. We have done so in this chapter. For each
action outlined below, the chapter and pages of the report where the
corresponding recommendation is discussed are indicated.
We have made a number of recommendations that require the submission of
legislative proposals to the Congress as follows.
- To establish a code of fair information practice for all automated
personal data systems maintained by agencies of the Federal government or by
organizations within reach of the authority of the Federal government. The code
should embody safeguard requirements for both administrative systems and
systems used exclusively for statistical reporting and research, and should
provide injunctive relief as well as civil and penal sanctions for violation of
the code [Ch. IV, pp. 50, 53-64; Ch. V, pp. 86-87; Ch. VI, pp. 97-102] .
- To establish protection against compulsory disclosure through legal
process for identifiable personal data used exclusively for statistical
reporting and research [Ch. VI, pp. 102-106]:
- To amend the Freedom of Information Act to require that an agency
obtain the consent of an individual before disclosing data about him in
identifiable form [Ch. IV, pp. 64-66] .
- To protect individuals against unauthorized use of the Social
Security number by providing that:
- (i) an individual shall have the right not to disclose his
Social Security number unless specifically required to do so by Federal statute
[Ch. VIII, pp. 125-126] ;
- (ii) any oral or written request made to an individual for his
Social Security number shall be accompanied by a clear statement of the legal
basis for the request [Ch. VIII, pp. 125-126 ] ;.
- (iii) an individual shall have a right to redress if his lawful
refusal to disclose his Social Security number results in the denial of a
benefit, or the threat of such denial [Ch. VIII, pp. 125-126] ;
- (iv) any organization or person required by Federal law to
obtain and record the Social Security number of an individual shall be
prohibited from using or disclosing it without the individual's informed
consent, except as may be necessary to the Federal purposes for which the
number was obtained and recorded [Ch. VIII, pp. 130-132] .
- To prohibit any person or organization from using any Social Security
number, or any number represented as a Social Security number, for promotional
or commercial purposes [Ch. VIII, pp. 134-135].
- To amend Section 609 (a) of the Fair Credit Reporting Act
- (i) to give an individual the right to inspect personally the
records that any consumer-reporting agency maintains about him, and to copy
their contents or have copies made [Ch. IV, pp. 66-70];
- (ii) to delete the exceptions from disclosure to an individual
now permitted for medical information and sources of information used in
investigative consumer reports [Ch. IV, pp. 70-71 ] .
Action by the Secretary to initiate these legislative proposals should
be taken in concert with the Attorney General, the Secretary of the Treasury,
and the Chairman of the Federal Trade Commission, as appropriate.
Many of our recommendations can be implemented by the issuance of
regulations or administrative guidelines.
Regulations should be issued:
- To make applicable all the safeguard requirements for automated
personal data systems to all systems within the Department [Ch. IV, pp. 50-64;
Ch.V, pp.85-87; Ch. VI, pp. 95-102] .
- To make applicable all the safeguard requirements for automated
personal data systems to all systems that can be reached through grant,
contract, or other relations with the Department [Ch. IV, p. 50; Ch. V, p. 86;
Ch. VI, p. 96] .
- To amend the Department's regulation under the Freedom of
Information Act to provide that the consent of an individual shall be obtained
before disclosing any data about him in identifiable form [Ch. IV, pp.
Administrative guidelines should be issued:
- Establishing procedures for rigorous and thorough evaluation of
- (i) any proposal to create or expand any automated personal data
system within the Department (Ch. IV, pp. 5152 ] ;
- (ii) any proposal to use administrative personal data for
statistical reporting or research [Ch. V, pp. 82-86] ; and
- (iii) any proposal that would tend to require the creation or
expansion of an automated personal data system outside the Department in
response to requirements or needs of programs and activities of the Department
[Ch. IV, p. 521.
- Requiring that a regulation, with notice of proposed rule making, be
issued by the Department before taking any action that would tend to require a
State, locality, or other grantee to create or expand an automated personal
data system [Ch. IV, p. 52].
- Providing for the publication annually of a compilation of the public
notices of all automated personal data systems maintained within the Department
[Ch. IV, pp. 57-58; Ch. VI, pp. 99-101 ] .
- Directing the Social Security Administration:
- (i) to undertake a positive program to issue Social Security numbers
to ninth-grade students in schools, provided (a) that no school system be
induced to cooperate in such a program contrary to its preference; and (b) that
any person shall have the right to refuse to be issued a Social Security number
in connection with such a program [Ch. VIII, 127-1281;
- (ii) to undertake no positive program of issuing Social Security
numbers to children below the ninth-grade level [Ch. VIII, p. 1281;
- (iii) to limit affirmative measures taken to issue Social Security
numbers pursuant to subparagraph (B) (i) (II) of Section 205 (c) (2) of the
Social Security Act, as amended by Section 137 of Public Law 92-603, to
applicants for or recipients of public assistance benefits supported from
Federal funds under the Social Security Act [Ch. VIII, pp. 128-130] ;
- (iv) to provide SSN services only to organizations or persons
required by Federal law to obtain or record the Social Security number, and
then only as necessary to fulfill the
- (v) to monitor all future legislative proposals dealing with the
Social Security number and to recommend actions to be taken by the Secretary to
assure that such proposals will be enacted only after full and careful
consideration in well advertised hearings that elicit substantial public
participation [Ch. VIII, pp. 129-130].
In addition to the steps necessary to put our recommendations into
effect, there are some further steps the Department can take to assure that the
goals of the recommendations are fully achieved. These include:
- Communicating opposition to any proposal for the adoption of any
nationwide, standard, personal identification format, with or without the SSN,
that would enhance the likelihood of arbitrary or uncontrolled linkage of
records about people, particularly between government or government-supported
automated personal data systems;
- Making comments on proposed Federal legislation having implications
for personal privacy in record keeping which will seek to assure incorporation
in such legislation of safeguard requirements of the kind recommended in this
report for all automated personal data systems;
- Encouraging attention in all forms of educational activity to the
individual citizen's stake in his personal privacy, to the practical exercise
of his rights with respect to the records maintained about him, and to the
social impact of computerbased record-keeping systems;
- Supporting research on the use and impact of computerbased
record-keeping systems in such areas as education, health services delivery,
public assistance, juvenile delinquency prevention, and community mental
- .Encouraging the development of standards of ethical behavior and
professional competence for data-processing personnel;
- Enhancing the capacity of the Federal government to design and
develop computer-based record-keeping systems without reliance on outside
- Monitoring the application of the safeguard requirements to
determine whether they are having their intended effect and, most important,
whether they are themselves a source of any adverse social consequences;
- Cooperating with the States in developing uniform State legislation
to establish the recommended code of fair information practice for all
automated personal data systems that would not be reached by Federal
legislation. Among the organizations through which such cooperation might be
undertaken are the National Conference of Commissioners on Uniform State Laws,
the Advisory Commission on Intergovernmental Relations, the Council of State
Governments, the National Governors Conference, the National Legislative
Conference, and the National Conference of State Legislative Leaders.
- Urging the Office of Management and Budget to direct all Federal
agencies to require their grantees and contractors to operate automated
personal data systems with all the safeguards we recommend for systems
supported by the Department. In the interest of convenience and simplicity for
grantees and contractors, the Office of Management and Budget might prescribe
government-wide grant and contract conditions incorporating the safeguard
requirements we recommend, just as it now prescribes conditions in such areas
as intergovernmental planning and financial management. While such action may
not be feasible until there has been some experience in applying the safeguard
requirements, we would expect to see the Department take a lead role in
promoting uniform, government-wide safeguard requirements for automated
personal data systems of Federal grantees and contractors.
Responsibility for taking the actions necessary to implement our
recommendations will have to be assigned to many officials of the Department
who are already burdened with other duties. They will need guidance and
assistance. The Secretary will need to designate someone who can devote
substantial time and effort to assuring that these actions are taken in a
timely and effective fashion. Therefore, an official in the Office of the
Secretary should be given responsibility to serve as a combination advisor,
monitor, and catalyst to assure that the concerns addressed in this report
receive continuing attention, and specifically, to assure that automated
personal data systems within the Department, and within grantee and contractor
agencies, are operated in accordance with the safeguards we recommend. This
official should have adequate authority, staff, and support to conduct these
This official should be directed to embark on a positive program of
heightening concern within the Department for the issues raised in this report.
This program should reach to all who now do, or are apt in the future, to use,
direct, or contribute to the use or development of automated personal data
systems, at all Civil Service grade levels and in all operating agencies.
We expect that the Secretary may wish to have the report reviewed by
many key officials of the Department, including the heads of each of the
Department's operating agencies. Following such a review, a detailed plan to
carry out the foregoing action agenda will have to be formulated.
Once such a plan has been adopted, responsibility will have to be
assigned to someone to oversee its execution. To start this process we
recommend that the Secretary:
- Assign responsibility for distributing the report for review to the
Executive Secretary of the Department; and
- Assign responsibility for preparing a detailed plan to carry out the
action agenda to an official in the Office of the Secretary.
Table of Contents