The Privacy Act of 1974 restricts the circumstances under which agencies of the United States government may disclose information about an individual without that individual's consent. It was passed by the United States Congress following revelations of the abuse of privacy during the administration of President Richard Nixon, as Public Law No. 93-579, 88 Stat. 1897 (Dec. 31, 1974).
The Privacy Act was amended by the Computer Matching and Privacy Act of 1988[1].
Congress later enacted the Computer Matching and Privacy Protection Amendments of 1990 (Pub. L. No. 101-508), which further clarified the due process provisions found in subsection (p). Dept. of Justice, Overview of the Privacy Act of 1974, 2010 Edition[1].
The Privacy Act states in part:
No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains....[1]
There are specific exceptions for the record allowing the use of personal records[2]:
* For statistical purposes by the Census Bureau and the Bureau of Labor Statistics * For routine uses within a U.S. government agency * For archival purposes "as a record which has sufficient historical or other value to warrant its continued preservation by the United States Government" * For law enforcement purposes * For congressional investigations * Other administrative purposes
The Privacy Act mandates that each United States Government agency have in place an administrative and physical security system to prevent the unauthorized release of personal records.
The Computer Matching and Privacy Protection Act of 1988, P.L. 100–503, amended the Privacy Act of 1974 by adding certain protections for the subjects of Privacy Act records whose records are used in automated matching programs. These protections have been mandated to ensure:
* procedural uniformity in carrying out matching programs; * due process for subjects in order to protect their rights, and * oversight of matching programs through the establishment of Data Integrity Boards at each agency engaging in matching to monitor the agency's matching activity.
The Computer Matching Act is codified as part of the Privacy Act.[3]
The Privacy Act also states:
Each agency that maintains a system of records shall—
1. upon request by any individual ... permit him ... to review the record and have a copy made of all or any portion thereof in a form comprehensible to him ... 2. permit the individual to request amendment of a record pertaining to him ...[1]
The Privacy Act does apply to the records of every "individual," [4] but the Privacy Act only applies to records held by an "agency."[5] Therefore the records held by courts, executive components, or non-agency government entities are not subject to the provisions in the Privacy Act. You have no right to these records, or at least no right protected by Congressional statute. [6]