If an agency record about an individual is inaccurate, there are three basic ways for it to get corrected: (1) the individual to whom it pertains can ask that it be corrected; (2) the agency can discover the error and correct it on its own initiative; or (3) a third party can supply information that brings the error to the agency's attention. (For simplicity's sake, amendments to records and statements of disagreement resulting from an agency's refusal to correct or amend a record are all being treated here as "corrections.")
Furthermore, when a record is, in fact, corrected there are numerous destinations to which the correction could be propagated. For example, it could be propagated to the sources of the erroneous information; to past
recipients of the erroneous information both within and without the agency; to all recipients to whom the agency provides the information in the future; and to recipients specifically designated by the individual. Obviously, there are many possible combinations of correction methods and destinations, but the Privacy Act ignores most of them. It does not require that any corrections be propagated to previous recipients of the erroneous information within the agency; does not require that corrections be propagated to sources; does not allow an individual to designate recipients to whom he would like to have corrections propagated; and does not require an agency to propagate automatically to anyone any correction it makes on its own initiative or that is precipitated by information it receives from a third party.
The OMB Guidelines attempted to cope with this situation by encouraging agencies
to provide corrected information to previous recipients, irrespective of the means by which the correction was made . . . [and] particularly when the agency is aware that the correction is relevant to the recipient's uses . . . .109
In other words, if OMB's guidance were followed, all changes except normal updates would be propagated to past recipients outside the agency. It appears, however, that OMB's guidance is not being followed because the guidance is general, the burden is high, and the agencies are under no obligation to comply.
From the individual's point of view, the most important problem stems from the Act's failure to require that corrections be propagated from one system to another within an agency. Federal employment and personnel
records, for example, frequently exist in multiple copies or in a variety of derivative record-keeping systems, so unless a correction is automatically propagated to all of them, an individual who arranges to get a record corrected in one place may still be plagued by uncorrected versions of it elsewhere. Propagating corrections internally, however, would make it necessary for an agency to maintain audit trails similar to the disclosure accountings currently required for external agency transfers, thereby adding to the accounting burden about which the agencies now complain so bitterly.
One way to reduce the existing burden would be to give the individual a role to play in determining when a correction should be propagated and to otherwise relate the propagation of corrections requirement to a measure of its likely benefit to the individual. At present, there is no time limit or test for determining the importance to the individual of having a correction propagated; where a propagation must be made, it must be made for the life of the record. In the extreme case, if an agency knew that an employee's performance rating was incorrectly transmitted to another agency 20 years previously, when he was being considered for a job there, it would have to send the agency the corrected version even though the information could no longer have any bearing on the individual's employment situation. Indeed, the current propagation requirement could even result in the reopening of a file that had long ago been sent off to storage.
The Privacy Act also contains no provision requiring a correction to be propagated to the source of the error. When the source is an individual acting on his behalf this is probably unnecessary. But when the source is another agency, or another record system within the same agency, propagation can be an important safeguard against the repeated dissemination of inaccurate information.
Finally, it is frequently, and not illogically, assumed that correction of an error in an agency record automatically generates a review of any decision or determination that has been made on the basis of the erroneous information. Yet, as far as the Privacy Act alone is concerned, the assumption is unfounded; the Act contains no "right of reconsideration." That is, the Privacy Act by itself does not obligate an agency to reconsider or re-examine any decisions or determinations it has made about an individual on the basis of erroneous information, though statutory program requirements and constitutional due process standards may.
While the Commission staff encountered frequent comments on the question of whether or not a right of reconsideration ought to be included in the Act, the Commission reached no resolution of the issue. In most instances, a right of reconsideration is not needed in the Privacy Act, since an individual ordinarily has an avenue of administrative appeal in the program area for which the record in question is maintained. For example, once an individual has corrected his personnel record or his benefit eligibility record, he can employ existing administrative remedies to cause reconsideration of any decision or determination made on the basis of the previously inaccurate information. As records increasingly substitute for direct contact between an individual and an agency, however, and as the automatic propagation of corrections made by an agency on its own initiative becomes commonplace, it may be necessary to consider whether there are circumstances in which an individual should be notified that such a correction has been made so that he will be able to avail himself of the reconsideration rights and procedures available to him.