The Privacy Act of 1974: An Assessment. APPENDIX 4 TO The Report of The Privacy Protection Study Commission. Annual System Notices

01/07/1977

Subsection 3(e)(4) of the Act requires each agency that maintains a system of records to publish in the Federal Register at least annually a notice of the existence and character of the system, which notice shall include-

(A) the name and location of the system;
(B) the categories of individuals on whom records are maintained in the system;
(C) the categories of records maintained in the system;
(D) each routine use of the records contained in the system, including the categories of users and the purpose of such use;
(E) the policies and practices of the agency regarding storage, retrievability, access controls, retention, and disposal of the records;
(F) the title and business address of the agency official who is responsible for the system of records;
(G) the agency procedures whereby an individual can be notified at his request if the system of records contains a record pertaining to him;
(H) the agency procedures whereby an individual can be notified at his request how he can gain access to any record pertaining to him contained in the system of records; and how he can contest its content; and
(I) the categories of sources of records in the system . . . . [5 U.S.C. 552a(e)(4)]

As of December 31, 1976, 97 agencies had filed notices on 6,753 systems containing 3.85 billion records.16 The preceding year 86 agencies filed notices on 6,723 systems.17 Of those, 58 percent (3,908) were maintained by three agencies: the Department of Defense (2,145); the Department of the Treasury (932); and the Department of Health, Education, and Welfare (831). Twenty Cabinet departments and major independent agencies accounted for 87 percent of all notices published in 1975.18

In the President's first annual report to the Congress, the Office of Management and Budget (OMB) analyzed the agency notices as follows:

  • Sixty-eight percent of the personal data systems maintained by Federal agencies are for in-house agency administrative purposes containing principally information pertaining to Federal employees. However, the number of individuals on whom records are maintained in these systems accounts for only 19% of the total number of individuals.
  • Thirty-one percent of the personal data systems maintained by Federal agencies, representing 81% of the records maintained on individuals, are in support of the operation of various Federal programs. Of these slightly less than half (13% of the systems - 37% of individual records) are in support of programs which provide various forms of assistance to the American public which are described in the Catalog of Federal Domestic Assistance.
  • More than half of the 3.1 billion individual records maintained for program purposes, however, are contained in only nine systems. These are two Census systems (406 million records), two Social Security systems (480 million records) and five Treasury Department systems (730 million records).19

OMB also attempted to assess the extent of computerization. According to the 1975 annual report:

  • Seventy-three percent . . . of the personal data systems operated by Federal agencies are totally manual systems which do not employ any computer technology.
  • The remaining 27% of the personal data systems are fully or partially automated (only 11% are categorized as fully automated). However, more than 81% of the total individual records maintained are contained in these systems since the larger systems, such as those operated by the Census Bureau, the Social Security Administration and the Internal Revenue Service, necessitate the use of computer technology.
  • The average number of records in either fully or partially automated systems is 1,732,000 while the average number of records in manual systems is only 142,000.20

In identifying systems as required by subparagraph 3(e)(4)(A) of the annual notice requirement, agencies have by and large tried to be specific. In a few instances, the system notices are all-encompassing, a good example being the one on the FBI Central Records System (Justice/FBI-002),21 which says that the "system" includes records on:

individuals who relate in any manner to official FBI investigations . . .; applicants for and current and former personnel of the FBI and persons related thereto . . .; applicants for and appointees to sensitive positions in the U.S. Government and persons related thereto . . .; individuals who are the subject of unsolicited information, who offer unsolicited information . . .; individuals associated with administrative operations or services including pertinent functions, contractors and pertinent persons related thereto.22

Most systems, however, are specifically identified, with the main difficulties lying in the other parts of the notice.

According to the OMB Guidelines, the subparagraph 3(e)(4)(B) requirement that an agency describe the categories of individuals on whom records are maintained is intended ". . . to enable an individual to determine if information on him might be in [the] system."23 Yet, an individual would often be hard pressed to figure out from a system notice whether the system is likely to contain a record on him. OMB's instruction that descriptions of categories of individuals should be "clearly stated in nontechnical terms understandable to individuals unfamiliar with data collection techniques" has apparently been difficult for the agencies to follow and, in other cases, an agency has given an individual less help than it could. The FBI Central Records System, for example, includes various indices that tell where information on an individual is located or list all individuals named in a particular subsystem, but its annual notice does not reveal the existence of such indices or how they may be used.

Specificity and nontechnical terminology are similarly called for in the OMB guidance on describing the categories of records maintained in a system (subparagraph 3(e)(4)(C) of the notice requirement), but the systems that best fulfill that objective are those for which information is collected on forms that can be described in the notice.

Most descriptions of routine uses (subparagraph 3(e)(4)(D)) are quite general, not only in describing the disclosures that are made but also in describing the users and purposes. As discussed in Chapter 2, moreover, the Act's routine-use requirements apply only to external disclosures of information so one often learns little from a system notice about an agency's all-important internal uses of the records the system contains. Some agencies, such as the Civil Service Commission, the Federal Home Loan Bank Board, and the Department of Interior voluntarily include internal uses in the routine-use section of their annual notices, but their practice is not typical.

The Federal Register format for publishing a system notice includes a place to cite the authority for maintaining the system, but the Act does not require an agency to cite it, and generally, the agencies have cited their enabling statutes that delineate their missions and powers but not their authority to maintain a particular system of records.

With respect to the required description of records maintenance policy and practice (subsection 3(e)(4)(E)), the majority of notices state that access is limited to "authorized personnel" who have a "specific, job-related purpose." Access controls are seldom described in any detail. For manual systems, physical security measures, such as locked file cabinets and guarded buildings, are usually described. For automated systems, the notice typically describes physical security arrangements and states that a code is required for access. Normally this part of the notices also tells how long the records are to be maintained. The responsible official (subparagraph 3(e)(4)(F)) is generally identified quite adequately, and the description of categories of sources (subparagraph 3(e)(4)(I)) usually gives a general picture of how an agency goes about gathering information on an individual. Some systems, however, are exempt from the requirement to describe categories of sources. The procedures for getting access to a record and correcting or amending it (subparagraphs 3(e)(4)(G) and (H)) are considered below in the discussion of "agency rules."

From the agencies' point of view, the annual notice requirement has proved to be a useful management tool. In preparing its more than 2,200 annual notices, the Department of Defense (DOD) decided to discard approximately 15 percent of its forms for collecting information about individuals,24 and officials of the United States Postal Service (USPS) indicate that implementation of the Privacy Act is enabling them for the first time to "get a handle" on record-keeping practices in thousands of USPS field offices.25 From the individual's point of view, however, it leaves much to be desired. Overall, it would appear that the greatest problem with the agencies' system notices is their vagueness and inaccessibility to the ordinary citizen. To help solve the latter problem, the Office of the Federal Register published a special five-volume compilation of system notices entitled, Privacy Act Issuances,26 but it is very difficult to use because the order in which notices are presented is without apparent logic.