Personal Privacy in an Information Society. Recommendations


The Commission's approach to the problems described in this chapter has been to focus on strengthening and balancing the relationship between the individual insurance applicant, policyholder, or claimant and the insurance institution with whom he deals. As indicated at the outset, the Commission's recommendations have three objectives:

(1) to create a proper balance between what an individual is expected to divulge about himself to a record-keeping organization and what he seeks in return (to minimize intrusiveness);

(2) to open up record-keeping operations in ways that will minimize the extent to which recorded information about an individual is itself a source of unfairness in any decision about him made on the basis of such information (to maximize fairness); and

(3) to create and define obligations with respect to the uses and disclosures that will be made of recorded personal information (to create a legitimate, enforceable expectation of confidentiality.)

In the insurance area, as in others it has studied, the Commission also believes that giving an individual certain rights without placing corresponding obligations on the institution with whom he has the primary record-keeping relationship is not likely to bring about adequate remedial action. Thus, the Commission believes that insurance institutions and insurance-support organizations must assume greater responsibility for their personal-data record-keeping practices. In some cases, this can be accomplished by bringing the forces of the marketplace to bear on record-keeping policy and practice, through voluntary adoption of standards set forth in this report, or through court action by individuals to enforce their rights. In others, government agencies should also be called upon to play monitoring and corrective roles. The Commission believes that both parties will benefit from this approach. The individual's position with respect to the records the insurance relationship generates about him will be strengthened, while insurers and insurance-support organizations will be assured of obtaining the kind of information that promotes fair and efficient operations. Greater confidence in insurance institutions and their role in society should result from opening up the process in this way.

One of the major reasons legislation is needed is that the individual is currently at a disadvantage in the insurance relationship. Some of the Commission's recommendations have attempted to protect the applicant, policyholder, or claimant by placing certain restraints on the insurer-limiting certain collection techniques, creating standards for the authorization forms used, and requiring reasonable procedures in the collection, use, and disclosure of information about an individual. The Commission's aim, however, is not so much to constrain insurance institutions and support organizations as it is to enhance the position of the individual so that he can protect his own privacy interests. To this end, the Commission has concluded that the insurer should inform the individual of the scope of its underwriting inquiry by a clear notice and an adequate authorization form; that the subject of an investigative report should be interviewed if he so desires; and that a mechanism should be created whereby the individual can question the propriety of a specific type of inquiry made in connection with an insurance decision about him. These recommendations are designed to give the individual a central role in the record-keeping practices (including information collection) of the insurance industry.

The ability of the individual to protect himself depends upon the knowledge he has of the records that are made about him. Thus, an individual should have access to a record about himself and a mechanism should exist whereby disputes concerning the accuracy of such a record can be settled. Access and correction rights are also needed to enable the individual to protect himself from investigations which exceed the scope of the notice he is given at the time he seeks to establish a relationship with an insurer, and to assure that the records maintained about him are accurate, timely, and complete. In addition, the individual should be informed of the reasons for an adverse decision about him and the specific information which supports those reasons, so that he can protect himself from unfair treatment resulting from the use of inaccurate, obsolete, or incomplete information.

This approach is not simply intended to be a procedural one. Rather, it is intended that the dynamics of the relationship between the insurer and the individual, rather than action by a legislature or regulator, will create certain standards governing the collection, maintenance, use, and disclosure of information by insurance institutions and support organizations. The Commission believes that notice, access, dispute, and an enforceable expectation of confidentiality are the tools an individual must have if he is to play an effective role in preventing the record-keeping practices of insurance institutions and support organizations from trespassing on his privacy interests. Armed with them, he can exert constructive pressure upon an insurer or agent. Even where the abuse concerns an insurance-support organization, pressure will be most effective on the insurer or agent, because the individual has a direct relationship with them, and because the prospect of adverse publicity that could affect the insurer's position in the marketplace provides the insurer with more incentive to be responsive than the support organization.

Overall, the Commission believes that the strategy it proposes for implementing these recommendations is a reasonable and practical one in that it:

  • uses existing regulatory and legislative mechanisms to the maximum extent possible;
  • keeps the cost of administration and compliance at acceptable levels;
  • provides inducements to comply willingly so that disputes over compliance can be kept to a minimum; and
  • provides reasonable protection against liability for unintentional failure to comply, coupled with appropriate penalties for willful failure to comply.

As previously noted, because insurance is regulated primarily by State Insurance Departments, the Commission believes that the responsibility for implementing some of its recommendations should be properly lodged at the State level. In addition, the personal-data record-keeping practices of insurance institutions are also regulated to some extent by the Federal Fair Credit Reporting Act which the Commission believes is the proper vehicle for implementing recommendations that aim to strengthen the insurance relationship by eliminating artificial distinctions between the record-keeping practices of insurance institutions and the record-keeping practices of their support organizations. Finally, for reasons that are fully elaborated in Chapter 9 on government access to records about individuals maintained by organizations in the private sector, the Commission has concluded that the enforceable expectation of confidentiality it recommends must be implemented by Federal statute.

It should be noted, moreover, that the recommendations to be implemented by Federal statute, including those that would be implemented by amending the Fair Credit Reporting Act, give the individual actionable rights against insurance institutions and support organizations. The Commission has explicitly rejected the establishment of a Federal regulatory structure that could be quite costly both to the taxpayer and to the insurance industry. Instead, by making those who do not comply civilly liable for their failure to do so, and by making it comparatively easy for such actions to be brought, the Commission believes that a strong incentive for systemic reform will be created without subjecting those who favor reform to unnecessarily costly government regulation. The burden will fall on those who by their actions willfully and repeatedly disregard their responsibilities rather than on those who make a good faith effort to comply fully. In short, the implementation of the Commission's recommendations is designed to place an increasing financial burden on those companies who encourage costly disputes by resisting openness, or who fail to adopt reasonable procedures to control the collection, use, or disclosure of records about individuals.

Finally, insurance institutions should not be unduly exposed to liability which arises only because of the openness of the process. The objective of the Commission's recommendations is to cleanse the system of decisions based on inaccurate or incomplete information; not to create windfall recoveries for bad information or practices of the past.

Definitions for some of the terms used in the recommendations and discussion which follow may be found in the glossary at the end of this chapter.


The Commission's first three recommendations address the scope and character of the inquiry to which an insurer may require an individual to submit as a condition of establishing or maintaining an insurance relationship. Because insurance is concerned with the protection of individuals or personal property, the process of granting insurance coverage necessarily involves intrusions on personal privacy. The question is simply (or perhaps not so simply) how much of an intrusion and by what methods.


For some years now, controversies over the propriety of asking certain kinds of questions of an individual have generally centered on the relevance of the information sought to the decision to be made. For example, the Privacy Act of 1974 requires each Federal agency to limit its collection, maintenance, use and dissemination of information about individuals to that which "is relevant and necessary" to a purpose the agency is required to perform by statute or Executive Order.89 The California Insurance Department, relying on its authority to prevent unfairly discriminatory practices, investigates the relevance of certain items of information used by insurers doing business in the State and may prohibit the use of any item whose relevance to underwriting decisions or pricing cannot be demonstrated to the Department's satisfaction.

A related, and in many respects more difficult, question concerns inquiries which, while demonstrably relevant, are objectionable on other grounds. Legislatures may prohibit, and have prohibited, the use of certain items of information on fairness grounds. Race, for example, has been excluded as an eligibility or rating criterion for life underwriting even though its relevance to life expectancy can be demonstrated.90 On the other hand, the Privacy Act of 1974 strives, not very successfully, to ban the collection and use of information pertaining to an individual's exercise of his First Amendment rights on the grounds that such inquiries by government agencies constitute an unwarranted invasion of personal privacy, i.e., that they fail the test not of relevance or fairness, but of propriety 91

Thus far, there have been few instances in which items of personal information have been proscribed on grounds of impropriety, i.e., unwarranted intrusiveness. In the insurance area, California has come close in proscribing the collection and use of information concerning "moral lifestyle."92 The California approach is almost unique among State insurance regulatory authorities and all the California Department's other investigations, except for "moral life-style," have turned on other issues, such as fairness. In some cases regulation has not been necessary because the impropriety of certain types of inquiries is universally recognized. An example would be collection of information about an individual from his priest, minister, or rabbi.

It should be noted, moreover, that fairness and propriety issues usually cannot be dealt with in the same way. As briefly discussed in Chapter 2, when. fairness is the overriding concern, such as in the Equal Credit Opportunity Act as amended, [15 U.S.C. 1691 et seq.], continued collection of certain information may be necessary to demonstrate that it is no longer being used to make decisions about individuals. For example, one cannot show that sex and race are not being systematically used to make credit decisions unless one can show that credit has been extended to women and minorities in proportion to their relative numbers in the credit grantor's market. And the most practical way to do that may well be to have the credit grantor record the sex and race of all applicants. This, however, is much different from situations where impropriety is the reason for proscribing information. There, the first act must be to prohibit collection, since the problem lies primarily in the asking of the question. Use may also be prohibited in such a situation but only to make sure that the information is totally excluded from the decision-making process.

The Commission believes that, in the future, society may have to cope with objections to the collection of certain information about an individual on the grounds that it is "nobody's business but his own." In some cases, these propriety issues may be resolved by prohibiting an inquiry on the grounds that it is irrelevant, but in others, where relevance can be demonstrated, proscription may be necessary on propriety grounds alone. In the Commission's view, questions of this nature are best resolved on a caseby-case basis. One must be concerned about undue government interference in such controversies. The Commission believes, moreover, that all such determinations must be prospective, so as to avoid retroactive punishment for behavior which at the time was wholly consistent with prevailing societal expectations and norms. However, the Commission also believes that institutional mechanisms are needed so that such questions can be raised and resolved.

Insurers have historically enjoyed considerable latitude in determining what information is and is not necessary to a given decision about an individual. Underwriting is far from an exact science. Moreover, industry spokesmen argue that the cost of collecting information is a powerful enough incentive to collect only relevant information. Yet others claim that insurance institutions collect a great deal of information whose relevance is questionable. Indeed, the industry has been criticized for not taking advantage of its actuarial and computer expertise to refine its relevance criteria.

To a large extent, the relevance-propriety issue in insurance stems from some insurers' belief that they should insure only those of "high moral character," and should shun those whose mode of living differs from what society considers normal. In a society as diverse as ours, however, determining what "society considers normal" is no easy task, and relying on the independent judgment of underwriters to make this determination has led to considerable difficulties.

The Commission is mindful of the complexities that lie beneath the surface of the relevance-propriety issue in the insurance area. It is aware that a few States have taken an interest in certain insurance-related inquiries. Most, however, have not. The Commission, moreover, is not fully persuaded that the problem can be handled exclusively through market mechanisms. Although Recommendation (5) (see below) seeks to set corrective market forces in motion, the necessity of insurance in today's society may make it difficult for individuals to make their objections felt. Furthermore, should there be sentiment in favor of banning a particular category of inquiry, irrespective of its relevance, some way will have to be found for society to estimate and consider the cost involved in such an action and the way in which the cost will be distributed. Thus, in light of all these considerations, and out of its desire to eliminate unreasonable invasions of personal privacy, the Commission recommends:

Recommendation (1):

That governmental mechanisms should exist for individuals to question the propriety of information collected or used by insurance institutions, and to bring such objections to the appropriate bodies which establish public policy. Legislation specifically prohibiting the use, or collection and use, of a specific item of information may result; or an existing agency or regulatory body may be given authority, or use its currently delegated authority, to make such a determination with respect to the reasonableness of future use, or collection and use, of a specific item of information.

To implement this proposal, the Commission recommends that each State Insurance Commissioner collect individuals' complaints and questions concerning the propriety of particular types of inquiries, prepare periodic summary reports on the number of questions and complaints by category, and make them available to legislative bodies. If already authorized by the legislature, the Commissioner may take action. In California, for example, the legislature empowered the Commissioner to promulgate rules and regulations under the unfair trade practices article of the State insurance laws and the Commissioner then used that authority to declare discrimination based on sex, marital status, or sexual orientation a prohibited practice.93[§790.03 and 790.10 of the California Insurance Code]. The rules the Commissioner adopts may prohibit the use of certain information in one line of insurance but not in another. Furthermore, within a given line of insurance, the Commissioner might allow certain information to be used as the basis for rating or determining risk, but not unless it has an impact on one or the other. For example, inquiry into the fact of cohabitation might be relevant in determining use of a vehicle, a valid rating criterion, but the mere fact of cohabitation, unrelated to vehicle use, could not be the basis of an underwriting or rating decision.

Currently, most Insurance Commissioners could address the use of irrelevant information under their general authority to hold hearings and issue cease and desist orders in connection with undefined unfair trade practices. The Commission believes, however, that the rule-making technique is fairer and more effective than looking one at a time at possible violations of a general prohibition against unfair trade practices. Not only will more insurers than the one offender have a say in the wisdom of the Commissioner's proposed prohibition, but the Commissioner's decision will only be subject to the narrow judicial review generally applied to rulemaking decisions. The Federal Insurance Administrator could also collect the reports compiled by the State Insurance Commissioners and periodically report on them to the Congress.

An alternate and not mutually exclusive suggestion is that the Federal Insurance Administrator, or another appropriate Federal entity, collect complaints concerning the propriety of insurance inquiries directly from individual consumers and from time to time report and make recommendations on them to the Congress. It is not recommended, however, that the Federal Insurance Administrator have the rule-making authority urged for State Insurance Commissioners, since regulation of information practices within the insurance industry is currently a State function.


As indicated earlier, Factual Service Bureau obtained some of its information through pretext interviews or other false or misleading representations.94 A pretext interview is one in which the inquirer (1) pretends to be someone he is not; (2) pretends to represent someone he does not; or (3) misrepresents the true purpose of the interview. Mere silence on any or all of these points would not normally constitute a pretext interview. Indeed, an investigator could refuse to identify himself, his client, or the purpose of the inquiry, letting the person of whom the inquiry is being made infer whatever he wishes from such behavior. Nonetheless, an investigator dressed in a white lab coat making inquiries of a clerk in a hospital medical records room would be conducting a pretext interview if he allowed the clerk to assume he was a properly credentialed medical professional.

As pointed out in several chapters of this report, the Commission believes that some investigative practices are unreasonably intrusive, or at least have a high potential for depriving an individual of even a modicum of control over the disclosure of information about himself. An investigator conducting a pretext interview clearly raises that prospect. Thus, out of its desire to prevent unreasonable invasions of privacy resulting from the techniques used to collect information about individuals, the Commission recommends:

Recommendation (2):

That the Federal Fair Credit Reporting Act be amended to provide that no insurance institution or insurance-support organization may attempt to obtain information about an individual through pretext interviews or other false or misleading representations that seek to conceal the actual purpose(s) of the inquiry or investigation, or the identity or representative capacity of the inquirer or investigator.

This recommendation would apply to all insurance inquiries-whether for underwriting or first- or third-party claims. The prohibition would be enforceable by the Federal Trade Commission (FTC) against organizations that collect information by means of pretext interviews. An organization would be able to defend itself against an FTC action on the basis that it had k, taken reasonable steps and instituted reasonable procedures to prevent such activity. The use of pretext interviews should be made a civil offense, punishable by fines and cease and desist orders.


The reported practices of Factual Service Bureau also raise a legitimate concern about the care with which insurance institutions select and use the services of support organizations. An institution should not be totally unaccountable for the activities of others who perform services for it. The Commission believes that an insurance institution should have an affirmative obligation to check into the modus operandi of any support organizations it uses or proposes to use; and that if an insurance institution does not use reasonable care in selecting or using such organizations, it should not be wholly absolved of responsibility for their actions. Moreover, a like obligation should obtain where one support organization uses the services of another.

Currently, the responsibility of an insurance institution for the acts of a support organization depends upon the degree of control the insurance institution exercises over the support organization. Most insurance-support organizations are independent contractors who traditionally reserve the authority to determine and assure compliance with the terms of their contract. Thus, under the laws of agency, an insurer may be absolved of any liability for the illegal acts of a support organization if those acts are not required by the terms of the contract 95 In the Commission's opinion, the Factual Service Bureau case illustrates why this is not desirable. Accordingly, to deal with the responsibility of the institution that uses others to gather information about individuals for its own use, the Commission recommends:

Recommendation (3):

That the Federal Fair Credit Reporting Act be amended to provide that each insurance institution and insurance-support organization must exercise reasonable care in the selection and use of insurance-support organizations, so as to assure that the collection, maintenance, use, and disclosure practices of such organizations comply with the Commission's recommendations.

If it could be shown that an insurance institution had hired or used a support organization with knowledge, either actual or constructive, that the organization was engaging in improper collection practices, such as pretext interviews, an individual or the Federal Trade Commission could initiate action against both the insurance institution and the support organization and hold them jointly liable for the support organization's actions.



As a general objective guiding the personal-data record-keeping practices of insurance institutions and their support organizations, the Commission recommends:

Recommendation (4):

That each insurance institution and insurance-support organization, in order to maximize fairness in its decision-making processes, have reasonable procedures to assure the accuracy, completeness, and timeliness of information it collects, maintains, or discloses about an individual.

Subsection 3(e)(5) of the Privacy Act of 1974 requires each Federal agency to

collect, maintain, use and discloses 96 all records which are used by the agency in making any determination about any individual with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to assure fairness to the individual in the determination.

This provision is a requirement on management wholly independent of the rights the Act gives an individual. For a Federal agency whose administrative procedures are subject to congressional oversight, it s an appropriate requirement.97 The same, however, cannot be said of its applicability to the private sector.

As pointed out in Chapter 1, the Commission believes that the mix of rights and obligations its private-sector recommendations would establish are in themselves incentive enough to foster the kind of management attention to personal data record-keeping policy and practice that subsection 3(e)(5) of the Privacy Act requires. Thus, the Commission does not recommend that Recommendation (4) be incorporated in statute or regulation. Rather it envisages Recommendation (4) being implemented automatically as a consequence of the adoption of the other recommendations in this section, particularly Recommendations (10), (11), (12), (13), and (16), on access, correction, adverse decisions, disclosure of information from proper medical sources, and Recommendations (5), (6), and (17), on notice and disclosure.

The adoption of these recommendations will promote the maintenance of reasonable procedures by insurance institutions to assure the accuracy, completeness, and timeliness of information and provide a means whereby information collected, maintained, or disclosed may be corrected or updated by the individual.