Personal Privacy
Most people prefer to keep
their lives and personal affairs out of the public eye. People should have the right to prevent
information about them from being known by people they don’t chose to
personally share things with. People want
information such as their medical records, insurance records, bank and credit
records, arrest records, employment history, tax records, social security
records, school records, phone records, and e-mails to remain private. This has become more of an issue with the advancements in technology
and higher use of the Internet because it makes information more readily
available. Personal privacy is
an issue that people should be concerned with in this age of technology.
Personal privacy will be categorized as Identity Privacy, Information Privacy
and Educational Privacy.
Identity Privacy
A Social Security Number is issued
to
Because of its frequent
use, it has given companies a way to invade our private lives
and easily track information about us. With the expansion of the Internet and
computer networking, the information they gather can be readily shared. The
sharing of our private information is often done without our knowledge or
permission.
One major concern about
this increased sharing is the roll it plays in identity theft. As personal
information is combined with social security numbers, it allows a potential
criminal to effortlessly assume another person's identity. Under their “new”
name, thieves can obtain credit cards, loans and gain access to a consumer's
personal records.
Victims are often left
defenseless to protect themselves until it is too late. The Federal Trade
Commission (FTC) reports that in the year 2004 there were approximately 246,570
victims of identity theft in the
However, On May 10, 2006, President Bush,
signed an executive order to strengthen the federal effort to protect against
identity theft. The directives of the
order include deterring, preventing, and detecting the unlawful use of identify
information of one person by another. In
addition the order insists that such persons will be prosecuted as the law allows.
Among other recognitions, it also directs the federal government to educate the
public and the private sector regarding identity theft and protective
measures. Further, the directive seeks
the establishment of the Identity Theft Task Force to carry out the order’s
mandates. (http://www.whitehouse.gov/news/releases/2006/05/20060510-3.html)
Even more recently a man brought home a file containing
26.5 million veteran’s social security numbers. More information is available
at http://www.firstgov.gov/veteransinfo.shtml
.
Congress passed the Identity Theft and Assumption
Deterrence Act in October of 1998. It made it a federal crime to…
“knowingly transfer or
use, without lawful authority, a means of identification of another person with
the intent to commit, or to aid or abet, any unlawful activity that constitutes
a violation of Federal law, or that constitutes a felony under any applicable
State or local law.”
Many other legislative
acts, on both a Federal and State level, have been passed to help combat the
identity theft problem. Detailed information on this legislation is available
from the FTC at http://www.consumer.gov/idtheft/federallaws.html.
So, what can we do? The
FTC offers tips to consumers on how to protect themselves and steps to take to
combat thieves in cases of identity theft on a special website, http://www.consumer.gov/idtheft/index.html.
Another
information-gathering tool used by companies is Internet “cookies and web
bugs”. Through the use of these “cookies/web bugs”, companies can gain
information about users' surfing and buying habits.
This information on a
user's activities, know as a “clickstream”, is
transmitted back to the webpage operators. This data is taken with or without
the users’ knowledge. Both Microsoft Internet Explorer and Netscape can be configured
to reject cookies in an effort to preserve privacy. Additional information on
this topic is available by visiting the Spyware section of this paper.
Information Privacy
As computerization has
increased over the years, so has the storing of information and records in
computer files rather than paper files. This information includes medical
records, insurance records, arrest records, employment records, bank and credit
records, tax records, and phone records.
Information about a person’s health should remain
confidential to the patient. One reason
a person may want to keep their medical records is to prevent possible
discrimination. The Health Insurance Portability and Accountability
Act of 1996 (HIPAA) established rules and limits on who can have access to your
health and medical records. Usually,
a person must give permission for anyone outside of their physician to view
their records. However, there are
specific cases in which a person must disclose their medical records. It is important that consumers understand the
implications of this law in order to make informed decisions about how they
allow their private information to be used and in order to exercise their rights.
Detailed information on HIPPA is available from the United States Department of
Health and Human Services (http://www.hhs.gov/ocr/hipaa/).
The Privacy Act of 1974, as amended, http://www.cftc.gov/foia/foiprivacyact.htm
is intended to protect the individual privacy of American citizens or lawful
residents. However, what the average
person may assume is information privacy protection is not necessarily what the
law has in mind.
In today’s electronic age, not only is information you
knowingly provide to one organization, unknowingly provided to a third party,
routinely information is harvested from online users without their consent as
“cookies” are placed in their computer systems. Cookies are small files that
web servers place on a user’s hard drive.
Members of the online community are becoming savvier
about such practices. There are a number of provisions that ISP’s offer to
circumvent cookies. Similarly
constituents are beginning to question the government’s role in gathering
information electronically. eGovernment legislation was
enacted to clarify the government’s use of information and communication
technology. EGovernment - Wikipedia, the free encyclopedia 
and egov --
The Official Web Site of the President's ...
As we look at the impact of information
sharing in the digital age, it is important to scrutinize information sharing
by the private sector and the government as well.
Companies also have access
to a prospective employee's arrest records even without the applicants consent.
In
Many states also have sex
offender registry web sites. In
Educational Privacy
Education records are another
example of private records that need to be kept private. According to the
Federal Education Records and Privacy Act (FERPA), any school that receives
federal funds must first obtain a student's consent before releasing school
records.
School transcripts and
grades are to be viewed only by the student unless written permission is given.
Grades often are posted in the classroom but can not be listed by social
security number or name. Every effort must be made to ensure student privacy.
Posting grades on the internet must be done in a secure or password protected
fashion.
Many schools have an
Acceptable Usage Policy that allows school officials to review a log of web
sites students’ visit, the e-mails sent to and from their school email accounts
and their network folders. Safety appears to be the main reason for these
policies. However, there is a concern that parties outside of the school maybe
able to access this information. Schools must not only be responsible for
protecting their network, but also the information available through the
network.
There have been incidences where someone has hacked into
a school system and stole student’s records.
To read about a
The Family Educational Rights and Privacy Act (FERPA) gives parents and eligible students rights regarding the
student’s educational records. These
parties may inspect, request corrections, and request the release of
information contained in school records.
FERPA also gives parents and eligible students the right to be notified
of and opt out of the publication of personal information in directories. (http://www.ed.gov/policy/gen/guid/fpco/ferpa/index.html)
FERPA also allows educational records to be shared within the educational
system, without parental consent, to serve the students’ interests. Examples of how student information and
educational records can be shared may be found in the policy document
referenced above.
The Protection of Pupil Rights Amendment (PPRA), a.k.a.
the Hatch act, protects parents and students in two ways – 1.) ensures the availability of instructional materials for
inspection if those materials involve U.S. Department of Education evaluation,
analysis or survey, and 2.) ensures that parental
consent is obtained prior to minor students’ participation in any such
evaluation, analysis or survey. (http://www.ed.gov/policy/gen/guid/fpco/ppra/index.html)
In addition, the No Child Left Behind Act (NCLB) includes
a provision (Section 1061) “that provides students and parents with rights to
be informed about, and opt out of, the in-school collection of students'
personal information.” (http://www.epic.org/privacy/student/) This is designed to protect students from
providing personal information to teachers who are acting with good intentions
when the purposes of such collection are misrepresented.
Also, under NCLB, a provision exists that requires the
submission of secondary school students’ personal information to the Department
of Defense (DOD). This information, to
be used to create a military recruiting database, may still be withheld by
written request from parents or eligible students. However, should a parent or eligible student
neglect to opt-out of such disclosure, the information must be provided to the DOD. A failure to
respond to an opt-out invitation does not constitute a lack of permission. This NCLB provision supersedes a family’s
rights to the voluntarily release of such information under FERPA. (http://www.epic.org/privacy/profiling/dodrecruiting.html)
The
History/Summary
of Policy:
Forty five days after
September 11, 2001, Congress passed the USA PATRIOT Act. H.R. 3162, officially Uniting and Strengthening America by Providing Appropriate Tools
Required to Intercept and Obstruct Terrorism Act of 2001. It was passed on October 25, 2001 by the 107th
Congress. The most daunting features of
the PATRIOT Act are that there was no debate before it was passed. Attorney General John Ashcroft gave Congress
only one week to pass the bill without changes.
As a result, most members of Congress didn’t even get a chance to review
the bill. In general, the PATRIOT Act is
a compromised version of the Anti-Terrorism
Act of 2001 (ATA). This act amended several already existing
statues that include:
Wiretap
Statute (Title III):
Electronic
Communications Privacy Act
Computer Fraud
and Abuse Act
Foreign
Intelligence Surveillance Act
Family
Education Rights and Privacy Act
Pen Register
and Trap and Trace Statute
Money
Laundering Act
Immigration
and Nationality Act
Money
Laundering Control Act
Bank Secrecy
Act
Right to
Financial Privacy Act
Fair Credit
Reporting Act
The PATRIOT Act has ten titles, each with numerous
sections. These are:
1. Enhancing domestic security against terrorism,
2. Enhanced
surveillance procedures,
3. International
Money Laundering Abatement and Anti-terrorist Financing Act
of 2001,
4. Protecting the
border,
5. Removing
obstacles to investigating terrorism,
6. Providing for
victims of terrorism, public safety officers and their families,
7. Increased
information sharing for critical infrastructure protection,
8. Strengthening
the criminal laws against terrorism,
9. Improved
intelligence, and
10. Miscellaneous.
The primary differences between the Anti-Terrorism Act
and the PATRIOT Act are: the inclusion
of the Financial Anti-Terrorism Act (H.R. 3004), which expands money laundering
abatement to international terrorism, immunity against prosecution for the
providers of wiretaps in accordance with the Foreign Intelligence Surveillance
Act of 1978, request for a report on integrating automated fingerprint
identification for ports of entry into the United States, start of a foreign
student monitoring program, request for machine readable passports, prevention
of consulate shopping, expansion of the Biological Weapons Statue, and a
clearer definition of electronic surveillance.
It significantly increased the surveillance and investigative abilities
of law enforcement agencies and gave the government tremendous leeway of
interception of personal communications. (http://www.epic.org/privacy/terrorism/usapatriot/). Also under title 2, section 224 there is a
sunset provision. This provision means
some sections of the PATRIOT Act expire unless they are renewed by Congress.
(EPIC 2001) Available at http://www.cnn.com/2006/POLITICS/03/07/patriot.act/
is an article about recent provisions renewed.
Overall, the authorities Congress provided has enhanced the ability to
prevent, investigate, and prosecute acts of terror. It also makes all personal information, banking, internet
activities, etc. free game for the US Government and they can be obtained
without the consent or knowledge of the “suspect”. The American Civil Liberties
Union advocates that large sections of the Patriot Act are poorly written and
jeopardize our constitutional freedoms. They argue the intention of the Act was
to combat terrorism and not to invade the privacy and rights of Americans (http://action.aclu.org/reformthepatriotact/).
How it affects
information professionals
Librarians and information professionals are impacted by
sections 215 and 216 of the PATRIOT Act. Section 215 “Access To
Records and Other Items Under the Foreign Intelligence Surveillance Act” of the
PATRIOT Act allows the FBI to order any person to turn over “any tangible
things” to protect against international terrorism. Prior to section
215, with FISA section 501 the FBI applied to the
Overall, section 215 impacts a libraries’ ability to
protect patron privacy under the Foreign Intelligence Surveillance Act. “Exercise of free speech, free thought, and
free association; and, in a library, the subject of users’ interests should not
be examined or scrutinized by others.” (
Section 216
Section 216, “Modification of Authorities Relating to Use
of Pen Registers and Trap and Trace Devices,” also affects information
professionals. It allows law-enforcement in ordinary criminal cases to get a
warrant to track which websites a person visits and collect general information
about the emails a person sends and receives. (HR 3162, 2001) Therefore,
libraries that provide Internet access have to cooperate in monitoring their
patron’s usage. Once again the agency
doesn't have to prove the need; the judge determines that this relates to an
ongoing investigation.
Strategies
to Monitor the PATRIOT Act
American Library Association (
Website: http://www/ala.org/washoff/patriot.html - Updated
information on national and international legislation. Follows
civil liberties, intellectual freedom and privacy. One link focuses on
the PATRIOT Act and libraries.
National Public Radio (NPR)
Website: http://www.npr.org/-
NPR is a nationally acclaimed provider of news, information, and entertainment
programming, and is the media industry leader in sound gathering and
production. The world's first noncommercial, satellite-delivered radio network,
NPR is an independent, private, nonprofit membership organization funded
primarily through its own service-generating activities.
Google Web Alerts: http://www.google.com/alerts - Updates through e-mail
is a way keeping current on the PATRIOT Act.
New York Times
Website: http://www.nytimes.com
- News Tracker scours every Times article, every day to find the latest
articles that match your interests.
Website: http://www.ila.org -
is the voice for Illinois Libraries and the millions who depend on them. It
provides leadership for the development, promotion, and improvement of library
services in
American Civil Liberties
http://www.aclu.org – ACLU home site follows developments
in
free speech,
criminal justice, national security and other
issues that
involve libraries.
Electronic
http://www.epic.org – EPIC has a PATRIOT Act page that
includes current
news, history, overview, analysis, and
resources.
Conclusion
In today’s digital age,
personal privacy is a big concern, as personal information can be accessed and
shared without consent. A person's identity can also be stolen by utilizing
this information. We must take care to protect ourselves. Practical tips are
available at the Privacy Rights Clearinghouse at http://www.privacyrights.org/. In this
technological age, diligence is required to protect our personal privacy
As we consider our privacy we must think in exponential
terms. No longer can we walk a linear
path in protecting our personal information. We mustn’t declare our personal
information safe by simply ripping up a carbon copy receipt. Data about who we are, what we do, where we
go, when and why is available to an ever increasing number of parties that are not
known to us. As we are required to
interact more and more through the Internet – i.e. job applications, email
notifications, registrations, even viewing our grades and bills at university –
and provide information on forms that will be subject to electronic scans we
have less control over with whom that personal data is shared.
The wake of these societal shifts in how we do business,
educate our children, and communicate with one another has caused an excitement
among civil libertarians, legislators, and the criminal element alike. Civil libertarians decry the loss of control
that individuals may experience and call for universal safeguards. Legislators are concerned that constituents
see them as champions for the common man through their legislative efforts
regarding online security. While criminals exploit all avenues that provide
access to personal data that may result in financial gain.
Keeping information private requires individuals to be
aware of possible pitfalls as well as individual rights. We cannot sit by and hope that personal data
does not fall into the wrong hands.
Protecting personal information requires individuals to be educated
consumers and attentive guardians of identifying data, AND government action to
provide penalties for the misuse of that information.
Bibliography
http://www.epic.org/privacy/terrorism/usapatriot/
http://www.libraryjournal.com/
http://www.npr.org/http://www.lifeandliberty.gov/patriot
American Civil Liberties
American Library Association Office of
Intellectual Freedom. (2005a). Confidentiality and coping with law
enforcement inquiries:
guidelines for the library and its staff. From http://www.ala.org/Template
American Library Association Office of
Intellectual Freedom. (2005b).
Pending legislation concerning the
Doyle. C. (2005, January 27).
Oder,
Pike, George H. “The
Nov
2005.
Pinnell-Stephens,
J. (2003). Libraries, privacy, and government information
after September 11 [Electronic version]. PNLA Quarterly, 67, 6-9.