In addition to the steps necessary to put our recommendations into effect, there are some further steps the Department can take to assure that the goals of the recommendations are fully achieved. These include:
- Communicating opposition to any proposal for the adoption of any nationwide, standard, personal identification format, with or without the SSN, that would enhance the likelihood of arbitrary or uncontrolled linkage of records about people, particularly between government or government-supported automated personal data systems;
- Making comments on proposed Federal legislation having implications for personal privacy in record keeping which will seek to assure incorporation in such legislation of safeguard requirements of the kind recommended in this report for all automated personal data systems;
- Encouraging attention in all forms of educational activity to the individual citizen's stake in his personal privacy, to the practical exercise of his rights with respect to the records maintained about him, and to the social impact of computerbased record-keeping systems;
- Supporting research on the use and impact of computerbased record-keeping systems in such areas as education, health services delivery, public assistance, juvenile delinquency prevention, and community mental health;
- .Encouraging the development of standards of ethical behavior and professional competence for data-processing personnel;
- Enhancing the capacity of the Federal government to design and develop computer-based record-keeping systems without reliance on outside specialists;
- Monitoring the application of the safeguard requirements to determine whether they are having their intended effect and, most important, whether they are themselves a source of any adverse social consequences;
- Cooperating with the States in developing uniform State legislation to establish the recommended code of fair information practice for all automated personal data systems that would not be reached by Federal legislation. Among the organizations through which such cooperation might be undertaken are the National Conference of Commissioners on Uniform State Laws, the Advisory Commission on Intergovernmental Relations, the Council of State Governments, the National Governors Conference, the National Legislative Conference, and the National Conference of State Legislative Leaders.
- Urging the Office of Management and Budget to direct all Federal agencies to require their grantees and contractors to operate automated personal data systems with all the safeguards we recommend for systems supported by the Department. In the interest of convenience and simplicity for grantees and contractors, the Office of Management and Budget might prescribe government-wide grant and contract conditions incorporating the safeguard requirements we recommend, just as it now prescribes conditions in such areas as intergovernmental planning and financial management. While such action may not be feasible until there has been some experience in applying the safeguard requirements, we would expect to see the Department take a lead role in promoting uniform, government-wide safeguard requirements for automated personal data systems of Federal grantees and contractors.