Special Guest Post by Robert Ellis Smith


We loved this article by Robert Ellis Smith, noted privacy expert and publisher, Privacy Journal, and republish it here with his permission.  Privacy Journal offers our readers a beginning rate of $65 for the next year, a 50 percent discount.  The newsletter is available in hard copy by U.S. mail or pdf by email.  Please place your order at  [email protected]

U.S. Protections Hard to See From Abroad

The British publication Privacy Laws & Business in its September issue published a chart showing 76 nations with federal data protection laws, listing a country “if it has a national law which provides, in relation to most aspects of the operation of the private sector, a set of basic data privacy principles, to a standard at least approximating the OECD [European] Guidelines, plus some methods of legislation-based enforcement (i.e. not only self-regulation).” The U.S., since 1974 has not subscribed to this methodology for protecting personal data by law; thus it was omitted from a list that includes Moldova, Chile, Ukraine, Bulgaria, Argentina, Turkey, and Russia. Here is a rebuttal by PRIVACY JOURNAL Publisher Robert Ellis Smith:

Omitting the United States from the chart of Global Data Privacy Laws [September 2011 issue] will lead many to believe that the U.S. has no worthy laws protecting personal privacy in the private sector. In fact that is not the case. To be sure, the U.S. has no “omnibus” data-protection law covering personal records of all types, but that may actually provide better opportunities for protecting privacy.

The U.S. enacted the Fair Credit Reporting Act in 1968, requiring fair information practices among credit bureaus and so-called consumer investigating firms nationwide. This was a half-decade ahead of Sweden’s pioneering national law. The FCRA was the first national law ever to limit the use of personal information and the first ever to require erasure of outdated negative information. Thereafter policymakers in the U.S. developed the Code of Information Practice, complementing and drawing from the codes being developed in Scandinavia and Germany.

A federal law in the U.S. in 1974 protected student information in private and public universities. Since then, the U.S. has enacted federal laws providing partial protections for records held by cable television providers, video-rental stores, and financial institutions. In 1996 it ex-

tended the code of fair information practice to hospitals, doctors‟ offices, clinics and other medical providers, whether private or public; at the time half the population was already protected by medical-privacy laws in many states. In 2009 the U.S. strengthened the federal protections.

 Protections Beyond FIP

Beyond that, in its legal protections of personal privacy, the U.S. has gone far beyond fair in-formation practices, as European nations have not done. In other words, federal privacy laws in the U.S. cover much more than the storage and use of personal information in data banks.

Its regime to limit electronic eavesdropping of telephone calls (including cell), email, Internet browsing, use of social media, paging devices, and transmission of electronic data is the most sophisticated and protective in the world, despite the Bush government’s abuse of wiretapping in collecting “national security” intelligence. A federal law punishes hacking into computers in the private and public sectors and using computers for illicit activity, something not addressed directly in nations with data-protection laws. The U.S. has a federal law and several state laws punishing illicit use of covert video technology by private persons. Its trade laws restrict import and export of privacy-threatening technologies.

The U.S. was the first nation to enact prohibitions against unwanted commercial telephone calls by private companies, the first to restrict hours and conditions of telephone solicitations, the first to prohibit use of so-called lie-detection technology, the first to declare that for a business to break its promises of confidentiality and rights of access on its Web site would be regarded as a violation of federal law. It was the first nation to restrict use of genetic materials by private businesses in employment and insurance decisions.

This list covers only the variety of federal laws with nationwide coverage. In addition, so many states have laws on identity theft, library confidentiality, and the right to breast-feed in public that is safe to say that a vast majority of the nation’s public is protected in these areas. It is true that consumers in the U.S. are yearning for more vigorous enforcement of the protections that are already on the books. But this is true elsewhere around the globe. In addition, Americans need protections in the collection and use of personal data by employers.

 Sector-by-Sector Approach

For political reasons, privacy protections have developed in the U.S. on a sector-by-sector basis. That can have its advantages. No omnibus law requires registration and paperwork for re-cord keepers where the consequences of dis-closure or even inaccuracy are minimal. Only the key types of personal information are covered. Except in a few instances, Americans are not bombarded by regulatory advisories that tend to inure them to the importance of data protection. Importantly, the motivation for en-acting privacy protections in the U.S. has al-ways been political demands for them and the presence of documented abuses. It has never been to qualify for advantages in international trade.

To convey to the world community that Moldova, Chile, Ukraine, Bulgaria, or Argentina have higher developed privacy protections than the U.S. is laughable. To say that Turkey and the U.S. have any similarities in their privacy protections – or lack of them – is defamatory. And to say that Russia outpaces the U.S. in privacy protections, as the chart in England did, is, well . . .

The author of the chart, Graham Greenleaf of the University of New South Wales in Australia, effectively narrowed the definitions he used for compiling the chart. But the end result is an unrealistic portrait of privacy protections in the nations of the world. A deeper look reveals that nearly all of the population of the U.S. is protected in the sectors of the economy that have the most important consequences for individuals and their personal privacy.