Computerized Governmental Database Systems Containing Persona.txt

                               ABSTRACT

              Computerized Governmental Database Systems
                   Containing Personal Information
                                 And
                         The Right to Privacy
                                  by
                   Lewis William Oleinick, M.P.Af.
               The University of Texas at Austin, 1993
             SUPERVISORS: Chandler Stolp and Philip Doty

     This report identifies and examines the potential threats to
individual privacy created by the collection, aggregation, and
dissemination of personal information by governmental agencies and the
role computer systems play in potentiating such threats.  Computer
matching, computer profiling, the national criminal justice database,
and portfolio creation via data aggregation of personal information
are the governmental activities stipulated to be potentially
threatening to personal privacy.  These four activities are forms of
"dataveillance."  Dataveillance poses dangers to the security of civil
liberties in a free society.

     To carry on an intelligible discussion about privacy and how the
collection, aggregation, and dissemination of personal information by
governmental agencies may threaten individual privacy it is necessary
to first define privacy and personal information.  Independence,
autonomy, dignity, and respect create a conceptual framework upon
which privacy may be defined.

     Privacy is a culturally defined norm.  As such a discussion of
the American cultural tradition of privacy is necessary to understand
both how Americans have defined privacy over time and the roles
privacy has played in American society in 1) "starting over," 2) in
interpersonal relationships, and 3) in maintaining the "balance of
power" with the State.  Privacy is held to be as important as the
unalienable rights of "life, liberty, and the pursuit of happiness" by
the majority of the American public.  Americans have become more and
more concerned with their privacy as intrusive technologies have
evolved.  Many Americans fear that computers allow the U.S. Government
too much power over the average citizen.
     Privacy has been protected in the United States by

precedents set in court cases, by legislation and by executive act.
The breadth of cases pertaining to privacy precludes the examination
of all cases.  Supreme Court cases provide a historical overview of
the evolution of the right to privacy as the questions presented to
the Court have become more complex with the introduction of new
technologies into the law enforcement process.

     Congress has attempted to address the public's concerns of the
government's collection, aggregation, and dissemination of personal
information by passing legislation designed to protect individual
privacy.  The four major pieces of legislation passed by Congress for
the protection of the citizen's right to privacy are the Freedom of
Information Act, the Privacy Act, the Computer Security Act of 1987,
and the Computer Matching and Privacy Protection Act of 1988.  The
Office of Management and Budget has produced regulations designed to
enforce the intent of the legislation promulgated by Congress.  These
regulations are contained in OMB Circular A-130 which details federal
information policy.

     This report concludes by suggesting the need for the
implementation of a Privacy Protection Board at the national level.
Such a board would be based on the model suggested by David Flaherty.

     The primary conclusion that should be drawn from this report is
that society as a whole must re-evaluate the existing paradigm of who
should be in control of personal information; i.e., should it be the
agency who collects it or should the power of control remain with the
individual about whom the information was collected.  This report
suggests that a certain modicum of control over the disclosure of
personal information should revert to the individual about whom the
information was collected.

==================================================================



                        TABLE OF CONTENTS

Chapter 1. Introduction. . . . . . . . . . . . . . . . . . . . .1

     Description of Problem. . . . . . . . . . . . . . . . . . .1

     Governmental Activities of Interest . . . . . . . . . . . .2

     Reasons for Concern . . . . . . . . . . . . . . . . . . . .3

     Bringing the Concerns to a Personal Level . . . . . . . . .3

     Justification for Focusing on
     Governmental Activities . . . . . . . . . . . . . . . . . .4

     Recapitulation of Topic and
     Statement of Position . . . . . . . . . . . . . . . . . . .5

     Explanation for the Ordering
     of the Presentation of Material . . . . . . . . . . . . . .5

     Ordering of Presentation of Materials . . . . . . . . . . .6

Chapter 2. Governmental Dataveillance. . . . . . . . . . . . . .7

     Introduction. . . . . . . . . . . . . . . . . . . . . . . .7

     Defining Surveillance and Dataveillance . . . . . . . . . .7

     Forms of Governmental Dataveillance . . . . . . . . . . . .8

     Transition from Personal Surveillance
     to Mass Dataveillance . . . . . . . . . . . . . . . . . . 13

     Dangers of Personal and Mass
     Dataveillance . . . . . . . . . . . . . . . . . . . . . . 14

Chapter 3. Privacy and Personal Information: The Relationship
Explored . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

     Introduction. . . . . . . . . . . . . . . . . . . . . . . 19

     Terms necessary for the definition
     of privacy. . . . . . . . . . . . . . . . . . . . . . . . 19

     Definition of Personal Information. . . . . . . . . . . . 23

     Definition of Privacy . . . . . . . . . . . . . . . . . . 24

     Difficulties with Defining Privacy. . . . . . . . . . . . 25

Chapter 4. The Cultural Tradition of Privacy in American Society27

     Introduction. . . . . . . . . . . . . . . . . . . . . . . 27

     Public Opinions on Privacy. . . . . . . . . . . . . . . . 27

     Privacy's Role in "Starting Over" --
     A Cultural Basis. . . . . . . . . . . . . . . . . . . . . 34

     The Role of Privacy of Personal
     Information in Interpersonal
     Relationships . . . . . . . . . . . . . . . . . . . . . . 40

     The State and the "Balance of
     Power". . . . . . . . . . . . . . . . . . . . . . . . . . 45

Chapter 5. A Brief Legal History of the Right to Privacy: A
Survey of Selected Supreme Court Cases . . . . . . . . . . . . 49

     Introduction. . . . . . . . . . . . . . . . . . . . . . . 49

     Reasons for Choosing the Ten Cases. . . . . . . . . . . . 50

     Analysis of Cases . . . . . . . . . . . . . . . . . . . . 51

          Mapp v. Ohio . . . . . . . . . . . . . . . . . . . . 52

          Griswold v. State of
          Connecticut. . . . . . . . . . . . . . . . . . . . . 53

          Katz v. United States. . . . . . . . . . . . . . . . 55

          Stanley v. State of
          Georgia. . . . . . . . . . . . . . . . . . . . . . . 57

          Eisenstadt v. Baird. . . . . . . . . . . . . . . . . 59

          Roe v. Wade. . . . . . . . . . . . . . . . . . . . . 60

          United States v. Miller. . . . . . . . . . . . . . . 62

          Whalen v. Roe. . . . . . . . . . . . . . . . . . . . 64

          Bowers v. Hardwick . . . . . . . . . . . . . . . . . 66

          United States Department
          of Justice v. Reporters
          Committee for Freedom of
          the Press. . . . . . . . . . . . . . . . . . . . . . 67

     Summation of Cases and Problems with
     Judicial Activism . . . . . . . . . . . . . . . . . . . . 70

Chapter 6. Legislative and Executive Action to Protect the
Privacy of Personal Information. . . . . . . . . . . . . . . . 73

     Introduction. . . . . . . . . . . . . . . . . . . . . . . 73

     The Freedom of Information Act. . . . . . . . . . . . . . 74

     The Privacy Act . . . . . . . . . . . . . . . . . . . . . 76

     Criminal Justice Information Control
     and Protection of Privacy Act of 1974 . . . . . . . . . . 82

     The Computer Security Act of 1987 . . . . . . . . . . . . 83

     The Computer Matching and Privacy
     Protection Act of 1988. . . . . . . . . . . . . . . . . . 85

     OMB Circular A-130. . . . . . . . . . . . . . . . . . . . 88

     Chapter Summary . . . . . . . . . . . . . . . . . . . . . 91

Chapter 7. Conclusion and Suggestions for Additional Legislation93

     Introduction. . . . . . . . . . . . . . . . . . . . . . . 93

     Recapitulation of Major Themes. . . . . . . . . . . . . . 93

     Policy and Advancing Technology . . . . . . . . . . . . . 98

     Government Responsibilities . . . . . . . . . . . . . . . 99

     Suggestions for Additional Legislation. . . . . . . . . .101

     Conclusion. . . . . . . . . . . . . . . . . . . . . . . .102
=========================================================================
Received: (from NIUCS for <tk0jut1@mp.cs.niu.edu> via BSMTP)
Received: (from A01MLRV@NIUCS for MAILER@NIU via NJE)
 (UCLA/Mail V1.410 M-RSCS8672-8672-846); Tue, 21 Sep 93 16:14:40 CDT
Received: from NIUCS by NIUCS (Mailer R2.10 ptf000) with BSMTP id 6874; Tue, 21
 Sep 93 16:14:19 CST
Received: from mp.cs.niu.edu by vm.cso.niu.edu (IBM VM SMTP V2R2) with TCP;
   Tue, 21 Sep 93 16:14:15 CST
Received: by mp.cs.niu.edu id AA16156
  (5.67a/IDA-1.5 for tk0jut1@niu.bitnet); Tue, 21 Sep 1993 16:14:03 -0500
Date: Tue, 21 Sep 1993 16:14:03 -0500
From: jim thomas <tk0jut1@MP.CS.NIU.EDU>
Message-Id: <199309212114.AA16156@mp.cs.niu.edu>
To: tk0jut1

Last updated: 16-Sep-93 by John Labovitz <johnl@netcom.com>

This is a summary of electronically-accessible zines.  The format should
be fairly self-explanatory.  In most cases, descriptions are excerpted from
the masthead of the zine listed.


RECENT CHANGES TO THIS LIST

 * Expanded this intro
 * The Amateur Computerist: new zine (still need description)
 * Arm The Spirit: added gopher s...