Records, Computers and the Rights of Citizens: Report of the HEW Advisory Committee on Automated Personal Data Systems

Table of Contents

Transmittal Letter to Secretary

FOREWORD by Secretary Caspar W. Weinberger

PREFACE

COMMITTEE MEMBERS

SUMMARY AND RECOMMENDATIONS

I. RECORDS AND RECORD KEEPERS
Historical Development
Types of Records About People
From Record Keeping to Data Processing
Systematic Management

II. LATENT EFFECTS OF COMPUTER-BASED RECORD KEEPING
Too Much Data
Easy Access
Technicians as Record Keepers
The Net Effect on People

III. SAFEGUARDS FOR PRIVACY
Personal Privacy, Record Keeping, and the Law
A Redefinition of the Concept of Privacy
Mechanisms for Providing Safeguards
The Costs of Safeguards

IV. RECOMMENDED SAFEGUARDS FOR ADMINISTRATIVE PERSONAL DATA SYSTEMS
Establishing Automated Personal Data Systems
The Safeguard Requirements
Safeguard Requirements for Administrative Personal Data Systems
Relationship of Existing Laws to the Safeguard Requirements
A Note on Mailing Lists
A Note on Intelligence Records

V. STATISTICAL REPORTING AND RESEARCH USES OF ADMINISTRATIVE DATA SYSTEMS
Dimensions of the Problem
Mandatory or Voluntary Data Collection?
Assuring Sound Secondary Uses of Administrative Data Systems
Recommendations

VI. SPECIAL PROBLEMS OF STATISTICAL REPORTING AND RESEARCH SYSTEMS
Background Observations
The Need to Protect Data Subjects from Injury
The Need for Freer Access to Data in Government Files
Recommendations for Statistical Reporting and Research Systems
Safeguard Requirements for Statistical-Reporting and Research Systems
Statutory Protection Against Compulsory Disclosure

VII. THE SOCIAL SECURITY NUMBER AS A STANDARD UNIVERSAL IDENTIFIER
Criteria for a Standard Universal Identifier
Implications of a Standard Universal Identifier
The Social Security Number (SSN) as an SUI
History of the Social Security Number and Its Uses

VIII. RECOMMENDATIONS REGARDING USE OF THE SOCIAL SECURITY NUMBER
Specific Recommendations on the Social Security Number
Right of an Individual to Refuse to Disclose the Social Security Number
Issuance of Social Security Numbers
Constraints on Use and Dissemination of Social Security Numbers
Prohibition of Non-Data-Processing Uses of the Social Security Number

IX. ACTION AGENDA FOR THE SECRETARY OF HEALTH, EDUCATION, AND WELFARE
Legislation
Administrative Action
Additional Action
Organizational Responsibility
Immediate Action

APPENDICES

A. Meetings and Activities of the Secretary’s Advisory Committee on Automated Personal Data Systems, (PDF)

B. “Computers and Privacy”: The Reaction in Other Countries

C. Confidentiality and the Census, 1790-1929

D. The National Driver Register (PDF)

E. Computerized Criminal Information and Intelligence Systems (PDF)

F. Correctionetics: A Blueprint for 1984,

G. The Law Relating to HEW Personal-Data

H. Mailing Lists (PDF)

I. Bibliography on Record Keeping and Personal Privacy (PDF)

Biographical Notes on Members of the Secretary’s Advisory Committee on Automated Personal Data Systems and Index (PDF)

Preface

This is a report about changes in American society which may result from using computers to keep records about people. Its central concern is the relationship between individuals and recordkeeping organizations. It identifies key issues and makes specific recommendations for action.

The Secretary’s Advisory Committee on Automated Personal Data Systems was established by former Secretary of Health, Education, and Welfare Elliot L. Richardson in response to growing concern about the harmful consequences that may result from uncontrolled application of computer and telecommunications technology to the collection, storage, and use of data about individual citizens. The formation of the Committee rests upon a public interest determination made by Secretary Richardson which provides in part as follows:

The use of automated data systems containing information about individuals is growing in both the public and private sectors …. The Department itself uses many such systems, and in addition, a substantial number .. are used by other organizations, both public and private, with financial or other support … from the Department … At the same time, there is a growing concern that automated personal data systems present a serious potential for harmful consequences, including infringement of basic liberties. This has led to the belief that special safeguards should be developed to protect against potentially harmful consequences for privacy and due process.

The Committee was asked to analyze and make recommendations about:

• Harmful consequences that may result from using automated personal data systems;
• Safeguards that might protect against potentially harmful consequences;
• Measures that might afford redress for any harmful consequences;
• Policy and practice relating to the issuance and use of Social Security numbers.

The Committee’s membership encompassed a broad range of expertise and experience and an equally diverse range of viewpoints. Some members came from the social service professions where large-scale data banks are a fact of life, not a probable future development. Others came from management backgrounds in both government and private industry. Many have had practical experience in operating or using automated personal data systems in settings ranging from a nationwide credit-bureau network to the program management information system of a State government. Others came from the academy, and from parts of the research community concerned with applying knowledge developed by the information sciences. Two members of the Committee were State legislators; one was a labor union official; others were lawyers and. private citizens.

Given this diversity, it should be no surprise that at our first meetings, in the spring of 1972, the views of individual members on the significance of applying computer technology to personal-data record keeping sometimes differed sharply. Many, indeed probably most, did not initially feel a sense of urgency about the potential ill effects of current practices in the design and operation of automated personal data systems. Some agreed that computer-based record keeping poses a latent danger to individual citizens, but looked ‘optimistically to technological innovations, particularly access-control devices, to prevent problems from arising. Others painted dramatic portraits of the potential benefits of large-scale data networks to citizens in a densely populated, highly mobile society-benefits that would accrue to all social I and economic classes, enhancing knowledge, increasing the efficiency of social services, and expanding personal freedom.

Slowly, however, the attitudes of the members changed. Shared concerns took root as we heard testimony from over 100 witnesses representing more than 50 different organizations, and as we reviewed a substantial collection of written materials, including reports by similar commissions in this country, Canada, Great Britain, and Sweden. The Committee also gathered information on related studies and fact-finding efforts through a special inquiry to approximately 250 trade and professional associations and public interest groups. (Appendix A lists the individuals who appeared before the Committee and the groups and organizations to which our letter of inquiry was sent.)

Out of this array of personal contacts, written communications, and published documents, our report to the Secretary has emerged. We perceive ourselves as sharing concerns and perspectives expressed in other recent reports on computer-based record keeping; among them Privacy and Computers (1972), the report of a task force established jointly by the Canadian Departments of Communications and Justice; Data and Privacy (1972), the report of the Swedish Committee on Automated Personal Systems; and Databanks in a Free Society (1972), the report of the National Academy of Sciences Project on Computer Databanks.

Our undertaking has required the cooperation of many agencies and organizations and the assistance of many individuals to all of whom we are grateful. We thank all those in HEW who helped us, noting particularly the generous cooperation of Al Guolo, James J. Trainor, Mrs. Lottie C. Owen, and James D. Smith. The Assistance of those who worked as our immediate staff and consultants deserves special acknowledgment as follows:

For general research support and helping to make our meetings productive-Paul J. Corkery, John P. Fanning, Courtney B. Justice, Nancy J. Kleeman, Terrence D.C. Kuch, Carolyn Lewis, William L. Marcus, John J. Salasin, Leonard Sherp, Frederick H. Sontag, Lindsay Spooner, Jeffrey L. Steele, and Lynn Zusman;

For legal research and drafting – John P. Fanning;

For helping to prepare and edit drafts of the report and for preparing appendices – John P. Fanning, Terrence D.C. Kuch, Daniel H. Lufkin, Lindsay Spooner, and Patricia Tucker;

For typewriting and proofreading draft after draft of the report – Claire 1. Hunkin, Rose Schiano, and Patricia Young;

For painstaking administrative support – Beverlyann Garfield, Ronald C. Lett, James F. Sasser, Rose Schiano, and Helen C. Szpakowski.

Finally, we wish to note especially the dedication and complete personal commitment to all aspects of the Committee’s undertaking by David B.H. Martin, Special Assistant to the Secretary, who served as Executive Director for the Committee, and Carole Watts Parsons, Associate Executive Director. Without their patient prodding and tireless efforts, this report could not have been completed.

Willis H. Ware, Chairman Secretary’s Advisory Committee on Automated Personal Data Systems

SECRETARY’S ADVISORY COMMITTEE ON AUTOMATED PERSONAL DATA SYSTEMS*

WILLIS H. WARE, Corporate Research Staff, The Rand Corporation,
Santa Monica, California, Chairman

LAYMAN E. ALLEN, Professor of Law, University of Michigan Law School,
Ann Arbor, Michigan

JUAN A. ANGLERO, Assistant Secretary for Planning & Development, Department of Social Services,
Commonwealth of Puerto Rico

STANLEY J. ARONOFF, Ohio State Senator,
Cincinnati, Ohio

WILLIAM T. BAGLEY, California State Assemblyman,
Sacramento, California

PHILIP M. BURGESS, Professor of Political Science, The Ohio State University,
Columbus, Ohio

GERTRUDE M. COX, Statistical Consultant,
Raleigh, North Carolina

YL PATRICIA CROSS, Senior Research Psychologist, Educational Testing Service,
Berkeley, California

GERALD L. DAVEY, President and Chief Executive Officer, Medlab Computer Services, Inc.,
Salt Lake City, Utah

J. TAYLOR DeWEESE, Philadelphia, Pennsylvania

GUY H. DOBBS, Vice President, Xerox Computer Services,
Los Angeles, California

*ROBERT R.J. GALLATI, Director, New York State Identification and Intelligence System (NYSIIS),
Albany, New York

FLORENCE R. GAYNOR, Executive Director, Maitland Hospital,
Newark, New Jersey

**JOHN L. GENTILE, Deputy Director, State of Illinois Department of Finance,
Springfield, Illinois

*FRANCES GROMMERS, M.D., Visiting Lecturer, Harvard School of Pub lic of Public Health,
Boston, Massachusetts

JANE L. HARDAWAY, Commissioner, State of Tennessee Department of Personnel,
Nashville, Tennessee

JAMES C. MARA, Administrator of Educational Accountability, State of Florida. Department of Education,
Tallahassee, Florida

PATRICIA J. LANPHERE, Assistant Supervisor, Bureau of Services to Families and Children, State of Oklahoma Department of Institutions, Social and Rehabilitative Services,
Oklahoma City, Oklahoma

ARTHUR R. MILLER, Professor of Law, Harvard Law School,
Cambridge, Massachusetts

DON M. MUCHMORE, Senior Vice President, California Federal Savings and Loan Association,
Los Angeles, California

JANE V. NOREEN, St. Paul, Minnesota

ROY SIEMILLER, Vice President, Labor Relations, National Affiance of Businessmen, Washington, D.C.

MRS. HAROLD SILVER, Denver, Colorado

SHEILA M. SMYTHE, Vice President, Associated Hospital Service of New York,
New York, New York

JOSEPH WEIZENBAUM, Professor of Computer Science, Massachusetts Institute of Technology,
Cambridge, Massachusetts

DAVID B.H. MARTIN, Special Assistant to the Secretary of Health, Education, and Welfare, Executive Director

CAROLE W. PARSONS, Associate Executive Director

*Dr. Grommers served as Chairman of the Committee from May, 1972 to January, 1973; she was unable to continue as a member of the Committee thereafter.

*On April 1, 1973, Dr. Gallati assumed responsibility as Commanding Officer, Inspection Division, Police Department, City of New York.

**On April 1, 1973, Mr. Gentile joined the U.S. Postal Service as Assistant Postmaster General Management Information Systems Department.