CDT's data privacy page



Delivered by
Jerry Berman, Executive Director
Deirdre Mulligan, Staff Counsel

June 10, 1997

CDT is a non-profit, public interest organization working to protect and advance civil liberties and democratic values on the Internet. One of our core goals is to develop a privacy framework for the Internet. Towards this end, CDT is working to develop and implement fair information principles and technical tools that foster individual control over personal information on the Internet.

The emerging global information infrastructure poses both difficult challenges and unique opportunities for protecting individual privacy. CDT believes that new technologies can be designed to enable citizens to exercise greater control over the collection and use of personal information. Through the development and implementation of strong privacy policies, and the design and implementation of technological mechanisms that facilitate individual choice, we believe that interactive digital media can empower citizens to make meaningful decisions about the flow of personal information.

Today the impact of interactive media on individual privacy remains unclear. Recent public concern with the Social Security Administration's web site designed to provide individuals access to their own earnings and benefits statements highlights the consequences of failing to adequately address privacy and security concerns. If we fail to address the privacy issues that arise with this new technology we may undermine its roles as communication medium, information source, and global marketplace of ideas and products. The temporary closing of the SSA's web site should serve as a wake-up call to those handling personal information -- privacy is on the public's mind. We urge you to consider the privacy implications of "look-up services" within the context of the growing global information infrastructure.

Panel I: Databases -- Sources and Accessibility

What information do databases contain? Where does it come from? How are the databases accessed?

Databases compiled in the public and private sector contain an increasingly vast amount of information about individuals. The data contained in either traditional central repositories, or more and more frequently in easily linked together distributed databases ranges from what is commonly referred to as "white pages information" -- information found in the phone book -- to criminal history records, and information about purchases as diverse as appliances to pharmaceuticals. Information about individuals is culled from many sources.

"Public" Records:

It is important to recognize that while today's discussion focuses on private sector databases, much of the raw data needed to develop these enhanced databases is purchased or retrieved from public agencies. Underlying this review of private sector databases looms the question of what public policy framework should control third party access to "personally identifiable information" contained in government files. [ 1 ] While the focus of today's discussion is not to review the access and use of public records, it is useful to review the types of records that are often labeled "public records" and widely available for thirdparty access and use. Examples common "public records" include, but are not limited to:

From these commonly available public records one can construct revealing profiles of individuals including their name and address and additional information such as their (parentheses indicate one possible source):

As these two lists reveal the policies surrounding third party access to personally identifiable information in records collected for specific public purposes and maintained by government agencies has serious consequences for the privacy of individuals. The collection of personal information by public agencies is often a necessary precursor for engaging in a specific activity -- be it a home purchase or driving a car. The information is collected and used for purposes directly tied to the reason for its collection. However, often times the information is also used and disclosed to others for many reasons that have little, if any, nexus to the underlying purpose for its collection. As the FTC examines this issue, CDT believes it is important to look at the central role government has played, and continues to play, in the creation of these private sector databases, and consider whether a review of policies governing access to personally identifiable information in public records is warranted.

Private Profiling

Marketing pitches such as the one above by Adfinity hint at the wealth and detailed nature of personal information generated within the private sector. Similarly, a press release announcing a strategic alliance Equifax and VNU Marketing Information Services (VNU MIS) elaborates on the extent of personal information available in the private sector and potential uses, stating:

While many members of the marketing community may adhere to self-regulatory policies that limit the use of marketing data for non-marketing purposes [ 4 ], others may not. Regardless, these statements provide a glimpse at the types of depth of personal data generated and available in the private sector -- the uses of which are largely ungoverned by existing law.

New technology generates increasingly detailed pools of data on individuals. A recently released CDT report, "Communications Privacy in the Digital Age," focusing on questions of governmental access, finds, among other things, that

As more and more of our activities and relationships with individuals, corporations, and government entities move online the personal information available for collection, use, and possible reuse and disclosure by the private sector will continue to escalate. The privacy implications of this increased data collection, and the potential impact of this increased data collection on individuals' ability and willingness to engage in First Amendment protected activities, as well as its implication for identity theft and fraud all highlight the need to examine the collection and availability of this growing pool of data.

Panel III: A Range of Responses

From consumer education and technological controls to government intervention and self-regulation, what responses are under consideration? What can existing self-regulatory programs in other sectors teach us?

CDT suggests that the FTC review suggested responses to "Look-up Services" in light of the Fair Information Practice Principles [ 5 ], focusing on the implementation of the basic principle that:

As it is nearly impossible to effectively and efficiently apply this principle at the point at which data becomes part of a "Look-up Service" we should step back and examine the rules governing the initial sources. The existence of many "look-up services" depends, in part, upon an initial violation of this fair information practice principle by government agencies and others. Understanding that this would require a review beyond the scope of the FTC's current activities, CDT believes for an effective response to the privacy and other concerns raised by "look-up services" it is essential that the information practices of the entities responsible for the initial data collection be examined -- this would include a review of rules controlling access to personal information contained in public records. The lack of attention to this core principle of fair information practice undermines individual privacy and interferes with individuals desire to disclose information where necessary to participate in a service or activity or gain a benefit. [ 6 ]

At this point addressing the privacy issues around existing "Look-up Services" requires another framework. The existing statute that most readily maps onto "Look-up Services" is the Fair Credit Reporting Act. CDT recommends a change to the Fair Credit Reporting Act itself -- extending the permissible purpose section to govern all information contained in the credit file, including header information. This would shore up an existing hole in the FCRA and limit the availability of the individual's name, address, prior addresses, social security numbers, and phone numbers which is the information needed to commit financial fraud. Unlike white pages where individuals can choose whether to publish their name, number or address, individuals do not choose whether "header information" -- containing the same information and more -- is sold by credit bureaus. Extending the FCRA rules to cover this information would assist in controlling fraud and would bring the FCRA a step closer to protecting consumer privacy.

In addition given the existence of "Look-up Services", the FTC should examine the possibility of a system of rules similar to those set out in the FCRA to govern them. Government agencies, social service agencies, and private companies submitted comments spelling out the purposes for which they access "Look-up Services." Consumer and privacy advocates have brought attention to the potential risks to individuals' privacy and identity posed by access to these databases. While the FCRA is far from a perfect model of privacy protection, the establishment of:

would begin to address privacy concerns, especially if coupled with a focus on the initial sources of the data as mentioned above. In considering an FCRA-like model attention should be paid to the range of data found in various databases. Perhaps specific data items could be identified the inclusion of which a single one or a combination of would trigger FCRA like controls. We would be happy to discuss this proposal further, and look forward to considering proposals made by others.


Information privacy is an increasing concern to the public. The nexus between the availability of personal information and vulnerability to fraud has been remarked upon by courts, policy-makers, and victims alike. [ 7 ] In particular, the widespread use of the Social Security Number as an identifier by both the private and public sectors continues to raise concerns. As information about the current practices of collecting and using personal information trickles public concern with privacy continues to escalate. A recent survey revealed that 83% of Americans are very concerned about their privacy. Later this week we will gain new understanding of this concern and how privacy perceptions are changing as we embrace new technology. CDT appreciates the opportunity to participate in the workshop and looks forward to working with you to develop sound privacy solutions.


1. See, Robert Gellman, Public Records: Access, Privacy, and Public Policy (March 1995) (prepared for and available from the Center for Democracy and Technology). Provides an overview of the debates, theories, results and varying points of view on individual privacy and third party access to public records.

2. Id. at 1.

3. Id. at 5.

4. The Direct Marketing Association's stated policy limits the use of personal data obtained from marketing transactions for non-marketing purposes.


6. Outcry from hospitals concerned with reporting requirements, recently passed as part of immigration reform legislation, that would force them to report undocumented aliens seeking emergency medical treatment to the INS articulate the way in which unrelated uses of information can hinder individuals' willingness to seek out necessary services. Similarly, the DMA's response to the Internal Revenue Service's proposal that as part of its Compliance 2000 program., it intend to seek access to marketing data for law enforcement purposes, may reflect awareness of this concern.

7. The Federal Trade Commissions August, 1996 meeting on Consumer Identity Fraud provided useful information on the relation between the availability of personal information and credit card fraud.