The Privacy Act of 1974: An Assessment. APPENDIX 4 TO The Report of The Privacy Protection Study Commission.. Chapter 2. The Information Management Requirements.


In addition to bringing Federal agency record-keeping policy more into the open, and giving individuals certain participatory rights with respect to agency record-keeping practices, the Privacy Act of 1974 requires the agencies to assume some new information management responsibilities. On the theory that most agency records about individuals ought to be made and kept for purposes of mutual interest between the agencies and those individuals to whom the records pertain, but that the agencies have had few incentives to keep their record keeping within that shared framework, the Act seeks to establish some basic ground rules regarding the acquisition, retention, and dissemination of individually identifiable records.

This chapter describes what those ground rules are, assesses their impact on agency policy and practice, and attempts to explain why some of them have not had the effect they were expected to have. The chapter explores three topics: (l) the impact on collection; (2) the impact on the type and quality of information maintained; and (3) the impact on disclosure to third parties. Like Chapter l, the picture it presents is a mixed one. Clearly, .the Act's impact has been far less resounding than prevailing opinion would suggest but there are signs nevertheless that the Act could be quite effective if it were refined and strengthened.