The use of automated personal data systems to generate mailing lists deserves special comment. Ordinarily such use entails no perceptible threat to personal privacy. Even among individuals who strongly object to receiving quantities of so-called "junk mail," most would probably concede that their objections are not founded on any substantial claim that personal privacy has been invaded. Indeed, it is hard to see how the mere delivery of an item of mail to an individual, even though it is addressed to him by name, in itself entails an offensive or harmful disclosure or use of personal data.
More important than the end use of the mailing list itself is the question of the original source of the personal data from which the list was originally assembled. In most cases, commercial mailing lists are made up of names and addresses gathered during the course of commercial transactions. In the most typical case, buying an item through the mail assures that the buyer's name will be added to the list of a commercial dealer in names, and that the list will in turn be sold, rented, and traded through a chain of further commercial mailers. This exploitation of names may occasionally be irritating, but there is little potential for substantial disclosure of closely held personal information, since nothing beyond name and address was probably revealed in the first place.
A more serious threat to personal privacy arises when mailing lists are compiled from sources that have nothing to do with commercial interests-the membership list of a professional society, the faculty roster of a college, or the donor list of a charity. In these cases, data furnished for one purpose are being used for another, and even though the original source may not have contained more than the name and address, the mere fact of being on the list may reveal something about one's private life.
More serious still are lists derived from actual administrative data systems. There is the strong probability that the original source contained data that might well be intensely personal and that names will be selected for mailing lists on the basis of such data. The data files for driver licenses, for instance, usually contain medical information on disabilities. The administrative files of schools contain grades and other personal items. Any use of files such as these for any but the original intention carries a clear danger of exploitation of truly private personal information.
The Committee staff studied the structure and practices of the mailing-list industry to gauge the threats to personal privacy that could arise from that source, as well as to examine the applicability of the safeguard requirements to the industry. The report of the study is presented in Appendix H; an abstract of its conclusions, which we fully endorse, is given here:
An underlying function of the Advisory Committee's recommended safeguards is to provide effective feedback mechanisms that will help to make automated personal data systems more responsive to the interests of individuals. Systems maintained by most government agencies, and by many private organizations, do not provide for tight links between individuals and the system operators. The direct-mail industry, however, is largely organized around the idea of public feedback; the trade press concentrates almost obsessively on methods for maximizing response and minimizing complaints.
Because most mailings draw a response from only 3 or 4 percent of the addressees, a small change in the response rate can have relatively large economic implications for the mailer. The same is true for the compilers and brokers of mailing lists, because the price a list commands in the rental market depends not so much on its demographic sophistication as on its accuracy and freshness. Lists are cleaned by adding a special imprint to the mailing which gives the Postal Service authority to correct and return (at first-class rates) all undeliverable pieces. Since it costs about four times as much to discover and correct a "nixie" as it does to make a clean mailing in the first place, there is a powerful economic incentive to concentrate lists on known buyers at addresses of known accuracy.
Another feedback mechanism operates on the industry as a whole. Direct-mail advertising is strongly dependent for survival on the official good will of a large number of agencies of the government; opposition from the Postal Service, from motor vehicle registrars, or from the Census Bureau, to name a few examples, would seriously hamper the industry on its present scale. It seems likely that a scandal involving public records, or the development of a public allergy to direct-mail advertising, would lead to govemment moves to put constraints on the industry.
Constructive publicity toward emphasizing the rights of the individual relative to direct-mad advertising, especially the methods the industry has adopted for getting off and getting on the larger lists, would go far in strengthening these feedback mechanisms that already operate. In particular, the Direct Mail Advertising Association's Mail Preference Service deserves wider attention.
If feedback mechanisms stronger than those provided by the economics of the industry should become desirable, there would be formidable practical difficulties in applying the Committee's safeguards to the freewheeling small operators of the direct-mail industry. The most directly applicable of the Committee's safeguards is the requirement for the informed consent of the data subject to be obtained before any collateral use may be made of data from an administrative personal data system. To accomplish this, forms that are used by the system in transactions with individuals (applications, for example) and that are vulnerable to mailing-list uses, could be printed with a block in which the individual-by his deliberate action-could indicate whether or not his name and address could be sold or otherwise transferred to another data system for mailing-list use. Of course, this could not prevent his name and address from being copied by hand out of a public record system, but the cost of such handcopying would sharply curtail much commercial use.
In view of the controls already at work in the direct-mail advertising industry, this limited application of the Committee's safeguards seems sufficient. It would provide protection to individuals from having their names unexpectedly appear on mailing lists without their consent. We doubt the utility and feasibility of trying to make the rest of the Committee's proposed safeguard requirements apply to the mailing list as such, as a form of administrative automated personal data system, or to organizations that deal only in mailing lists. If the control of mailing lists is to be undertaken by law, it should be done by legislation that is directed specifically to that purpose.
If the foregoing analysis of the situation underestimates the felt need for greater mailbox privacy, it would be feasible to undertake specific legislative action against the direct-mail advertising industry to provide greater protections, as the regulation of information practices in the consumer-reporting industry amply demonstrates.