Right to Privacy Act - States that the Congress finds: (1) that an individual's privacy is directly affected by the extensive collection, maintenance, use and dissemination of personal information; (2) that the increasing use of computers and sophisticated information technology has greatly magnified the harm that can occur from these practices; (3) that an individual's opportunities to secure employment, insurance, credit and his right to due process, and other legal protections are endangered by these personal information systems, and (4) that in order to preserve the rights guaranteed by the first, third, fourth, fifth, ninth, and fourteenth amendments of the United States Constitution, uniform Federal legislation is necessary to establish procedures to govern information systems containing records on individuals.
Provides that the purpose of the Act is to insure safe-guards for personal privacy from recordkeeping organizations by adherence to specified principles of information practice.
Requires any organization maintaining an information system that includes personal information to: (1) collect, maintain, use, and disseminate only personal information necessary to accomplish a proper purpose of the organization; (2) collect information to the greatest extent possible from the data subject directly; (3) establish categories for maintaining personal information to operate in conjunction with confidentiality requirements and access controls; (4) maintain information in the system with accuracy, completeness, timeliness, and pertinence as necessary to assure fairness in determinations relating to a data subject; (5) make no dissemination to another system without (A) specifying requirements for security and the use of information exclusively for the purposes set forth in the notice required under this Act including limitations on access thereto, and (B) determining that the conditions of transfer provide substantial assurance that those requirements and limitations will be observed; (6) transfer no personal information beyond the jurisdiction of the United States without specific authorization from the data subject or pursuant to a treaty or executive agreement in force guaranteeing that any foreign government or organization receiving personal information will comply with the applicable provisions of this Act with respect to that personal information; (7) afford any data subject of a foreign nationality, whether residing in the United States or not, the same rights under this Act as American citizens; (8) maintain a list of all persons having regular access to personal information in the information system; (9) maintain a complete and accurate record, including identity and purpose, of every access to any persons or organizations not having regular access authority; (10) take affirmative action to establish rules of conduct and inform each person involved in the design, development, operation, or maintenance of the system; (11) establish appropriate safeguards to secure the system from any reasonably foreseeable threat to its security; (12) comply with the written request of any individual who receives a communication in the mails, over the telephone, or in person from a commercial organization, who believes that his name or address is available because of his inclusion on a mailing list, to remove his name and address from that list; and (13) collect no personal information concerning the political or religious beliefs, affiliations, and activities of data subjects which is maintained, used or disseminated in or by any information system operated by any governmental agency, unless authorized by statute.
Sets forth special additional requirements for statistical - reporting and research information systems.
Requires each organization that maintains a personal information system on the date of the enactment of this Act to notify by mail each data subject of the fact not later than two years following the date of enactment of this Act, at the last known address of the subject.
Provides that it shall be unlawful for any organization to require an individual to disclose or furnish his social security account number, for any purpose in connection with any business transaction or commercial or other activity, or to refuse to extend credit or make a loan or to enter into any other business transaction or commercial relationship with an individual (except to the extent specifically necessary for the conduct or administration of the old-age, survivors, and disability insurance program) wholly or partly because such individual does not disclose or furnish such number, unless the disclosure or furnishing of such number is specifically required by Federal law.
Establishes the Federal Privacy Board. Sets forth functions of the Board, including the following: (1) publish an annual Data Base Directory of the United States containing the name and characteristics of each personal information system; (2) make rules to assure compliance with this Act; and (3) perform or cause to be performed such research activities as may become necessary to implement this Act, and to assist organizations in complying with this Act.
Provides that any organization or responsible officer of an organization who willfully keeps an information system without having notified the Federal Privacy Board, or issues personal information in violation of this Act shall be fined not more than $10,000 in each instance or imprisioned not more than five years, or both.
Introduced in House
Introduced in House
Referred to House Committee on the Judiciary.
Llama 3.2 · runs locally in your browser
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line