Fair Finanical Information Practices Act

Senator TSONGAS. Let me just ask one other question. That is, indeed, we are becoming a credit-oriented society, even if we discount, as you said, inflation, GNP, and substitution. Do you see any trends that people are, in a sense, on their tippy-toes and want to pull back from that?

Mr. GELLER. No. As you know-it was in the paper today-Ben Stein said, "Borrow, borrow, borrow." If you borrow today, you pay back with inflated dollars tomorrow, unfortunately.

So, I think, as far as the consumer is concerned, if he can get it, he will go more and more toward credit because in an inflationary period-we are in an inflationary period-you're better off borrowing and paying back tomorrow than you are saving in the bank. Senator TSONGAS. I appreciate your sentiment. I will quote you now on that. [Laughter.]

Mr. GELLER. My role is a very narrow one, and my expertise is

very narrow.

Senator TSONGAS. Anyway, I appreciate your coming. I look forward to receiving that government-access section from you. Thank you very much.

[Whereupon, at 11:25 a.m., the hearing was adjourned.]

[Additional material received for the record, including copies of bill being considered at this hearing follow in the Appendix:]

FAIR FINANCIAL INFORMATION PRACTICES

ACT

TUESDAY, APRIL 22, 1980

U.S. SENATE,

COMMITTEE ON BANKING, HOUSING, AND URBAN AFFAIRS,

SUBCOMMITTEE ON CONSUMER AFFAIRS,

Washington, D.C.

The subcommittee met at 10 a.m., room 5302, Dirksen Senate Office Building, Senator Paul E. Tsongas (chairman of the subcommittee) presiding.

Senator TSONGAS. The committee will come to order.

OPENING STATEMENT OF SENATOR TSONGAS

Senator TSONGAS. Let me for the record acknowledge today is Earth Day. I hope 10 years from now there's a Senator here to say that.

This morning's hearing is the first of three remaining hearings related to title I and the amendments to the Fair Credit Reporting Act, title II.

While the Fair Credit Reporting Act, enacted in 1970, has certainly proven its value, the sponsor of the act as well as S. 1928, Senator Proxmire, has long recognized the need to strengthen the law.

During the past decade, we have witnessed a tremendous growth in the extension of consumer credit. Yesterday's standards are no longer adequate to deal with the threat to the privacy of individuals represented by the fact that the technological advances that have accompanied this explosive credit growth have in turn made detailed personal information instantaneously available from a myriad of records collected on individuals by business.

The Privacy Commission amply documented the deficiencies in the Fair Credit Reporting Act in its landmark report issued in 1977. Title I of this proposed legislation seeks to remedy many of these problems.

Title II also seeks to implement the recommendations of the Privacy Commission as they applied to creditors-the primary link in the information chain to credit reporting agencies. This title would impose standards for accuracy and reinvestigation as well as a statutory expectations of confidentiality.

For too long, creditors have managed to insulate themselves from any substantial degree of liability for informational practices which may cause considerable harm and aggravation to individuals.

I fully recognize the legitimate needs of business for the cost effective exchange of personal information in our society. At the same time, the credit industry must come to recognize the growing

(155)

need to safeguard personal privacy in the face of advancing technology. These two basic needs can and must reside in some degree of harmony.

I feel confident that if all the interested parties approach the development of a national privacy formula with a positive, constructive attitude, then we shall manage to enact legislation that will fairly balance the legitimate needs of business and the individual.

There is no question that this legislation was shaped in large part by the recommendations contained in the final report issued by the highly respected Privacy Protection Study Commission. We are, therefore, quite fortunate to have as our leadoff witness today, the Chairman of the Commission, Prof. David Linowes.

Mr. LINOWES. Good morning.

Senator TSONGAS. I'm going to inquire as we go through if that's acceptable to you.

Mr. LINOWES. Good.

Senator TSONGAS. I might add for the record that we will break some time before 1 o'clock and if we haven't gone through the witnesses we will reconvene at 2.

I have read your statement and it's a short statement. You can read through it. I don't think that will be too taxing.

STATEMENT OF DAVID LINOWES, PROFESSOR OF POLITICAL ECONOMY AND PUBLIC POLICY, UNIVERSITY OF ILLINOIS Mr. LINOWES. I think in order to put things in perspective, Mr. Chairman, with your permission, I'd like to read it through. This can be accomplished in 15 minutes or so and then I'd be pleased to respond to any questions you might have, or to elaborate areas in which you would like more comments.

As former Chairman of the U.S. Privacy Protection Study Commission, I am pleased to be invited to participate in this hearing on the need for information privacy legislation. As you know, after 2 years of investigations, we had become convinced that basic legislation is necessary. I would like, therefore, to share with you the substance of our analyses and findings which led us to that conclusion.

EROSION OF INFORMATION PRIVACY

From 1975 to 1977 we examined rather deeply into the erosion of information privacy in our society. Almost from the outset we found that most Americans had little knowledge or understanding of what was going on in data collection by organizations. This revelation gave us unexpected insights into the real dimensions of the personal privacy problem.

Before the advent of the computer, the bulk of personal records accumulated by a particular company remained in the files of that organization. There was no mass transfer of information, if for no other reasons than those of cost and physical inaccessibility. Retrieval of 1 record out of 1 million could take many months. Further, because it had always been costly to accumulate data most of it was promptly disposed of after it was used. Today, data storage is cheap; 60,000 bits of information can be stored away indefinitely in a piece of silicon the size of the head of a pin, and more recent

development now brings that to a million pieces on about a square inch.

Unlimited amounts of personal data are being accumulated by scores of organizations and fed into data banks. Much of it is being shared with others often without the knowledge of the individual concerned. With split-second retrieval, anything that is ever recorded about a person becomes immediately available; and with computer-to-computer linkage anything put into the data bank of one organization can be tied together with another organization's data bank. It is this linkage which has the potential for creating one of the greatest threats to the privacy of the individual and eventually our way of life.

Especially in our developing computerized society, most Americans are unaware of the recordkeeping practices of private organizations, and the uses made of the personal information that is supplied to those organizations. Because people are largely unaware of what happens when they apply for credit, take out insurance, open a bank account or go to the doctor, they are unable to exercise control, or even determine if they want to exercise any control over that information.

Senator TSONGAS. You don't have any problem with the evolution of the computer age, do you?

Mr. LINOWES. None whatsoever. As a matter of fact, I think we should encourage it, but like so many great technological breakthroughs in history, we have to recognize the good and the bad. We are fortunate at this juncture to have the opportunity to consider all sides, prior to the time harm results. Perhaps if we had had a comparable commission investigating the potential problems with automobile pollution they would have developed a different engine, and we wouldn't now be faced with companies forced to invest hundreds of millions and perhaps billions of dollars in order to correct the abuse that inadvertently developed.

Whenever there's a technological breakthrough, whether it's the printing press, the steam engine or whatever, society has to readjust itself. I think we should build in the restraints now with laws that keep up with the computer age.

Senator TSONGAS. What you're arguing is for a channeling of technology, not the destruction?

Mr. LINOWES. Precisely. There is another element that's entered into all of this. Leading computer scientists testified before the Privacy Commission that technology has not yet given us the ability to control the unauthorized access to a data bank. Therefore, we have to deal with principles-principles of law, principles of procedures, rather than try to put restrictions on the kind of technology we have. I might add this approach should prevail even if we had that control technology.

Senator TSONGAS. Does anybody think they can develop that kind of technology. Any system you can develop, I would think, would be somehow shortcircuited so that if anybody could develop a system there would be somebody else who could develop a way of getting around the obstacles.

Mr. LINOWES. I have been talking to physicists and computer scientists, and they tell me they can develop devices that after a period of time would automatically self-destruct information within

a data bank. Apparently that is technologically feasible. If you don't have the data you don't have to worry about protecting it. But, you would still have to have laws requiring that it be destroyed.

Senator TSONGAS. If you have a million pieces on one of those little chips, why would any company be at all interested in destroying it?

Mr. LINOWES. They would not, and that is what creates one of the problems today. During the manual era destruction was, in effect, a privacy safeguard. Today there's no practical reason for an organization to want to destroy material. As a matter of fact, some even argue that it's cheaper to store data than to destroy it. But for the protection of the individual destruction is desirable. When data is stored, you never know where the information will end up, who might want to use it for purposes different from those for which the information was collected.

This is one of our problems. We have so much sensitive personal information that's been injected into the data stream of business and government today by linking these together you're able to develop a rather precise profile on a person. You can find out how a person thinks if you identify what influences him. He is then bombarded with letters that appeal to him. We see this going on in this year's election. There are well-organized, well-orchestrated campaigns which pinpoint the particular interests of the person. Incidentally, the profile can be quite precise. We now do have the means of getting rather exact profiles quickly because of the computer.

NEW TECHNOLOGY BEING ABUSED

Senator TSONGAS. Did your Commission do any worst case scenarios of how this new technology could be abused?

Mr. LINOWES. We know for a fact it's being abused. Some of this information has been abused.

Senator TSONGAS. I mean a worst case scenario. There will be a number of instances related today. But what happens if you do have systems like that without the proper safeguards of the Government, for example?

Mr. LINOWES. In that regard, Government and big business are alike because there is a constant interlacing and interlocking. The most common abuse that came to our attention was that of errors in the records.

If there is an error in the computer data bank record about you or me, this error can be propagated a hundredfold almost instantaneously. It's almost impossible to correct that record. As a matter of fact, a survey conducted at the University of Illinois points out that most institutions do not even bother to try to track down where the incorrect information went so the recipients of the errors might be notified. Under those circumstances decisions are being made about us based on faulty information.

Senator TSONGAS. Well, we are going to hear an example of that later on, so why don't we continue.

Mr. LINOWES. I'd like to stress here that when it comes to financial institutions, Americans have long believed that the details of their personal finances are nobody's business but their own. They

« Previous Continue »

Books

Fair Finanical Information Practices Act: hearings before the Subcommittee ...