Consumer data banks as we know them today–big repositories of personal information, indexed by name and specifically constructed for the purpose of sharing information once regarded as “private”–didn’t start with computers. But computers certainly helped.
One of today’s largest consumer reporting firms was started in 1899, when two brothers created the Retail Credit Company–now known as Equifax–to track the creditworthiness of Atlanta grocery and retail customers. Businesses were encouraged to report which of their customers reliably paid their bills and which did not. Retail Credit collected the information, published it in a book, and sold copies.
Retail Credit and other consumer reporting firms maintained paper files until the 1960s. When they finally started to computerize, they came head to head with a Columbia University political-science professor named Alan Westin.
Westin had uncovered countless cases in which people had been denied credit, insurance, housing, even jobs, because of errors in consumer files–records that many victims didn’t even know existed. He feared that computerization would make credit data banks much more widely used, with ominous consequences unless they were properly regulated. In the computer age, he said, privacy is no longer just the right to be left alone; it involves people’s right “to determine for themselves when, how, and to what extent information about them is communicated to others.” Possession of personal information, Westin said, should not give corporations unlimited rights to use that information.
Westin’s research sparked numerous congressional investigations and got him invited to testify before Congress. People were entitled to view their own records, he said. And they needed a way to dispute the records and force an investigation if they thought there was an error.
Retail Credit and others protested that they would be stymied and bankrupted by a flood of requests. And Westin’s definition of privacy could put different parties’ rights in clear conflict–taken to its extreme today, it would mean that an ex-lover could order you to remove his or her name from your address book and delete all those old e-mails. But Westin and the other privacy advocates won the day, and Congress passed the Fair Credit Reporting Act of 1970. A Nixon administration advisory committee then developed the Code of Fair Information Practice, a guiding set of principles that underlies the majority of U.S. privacy laws passed since.
This code is surprisingly straightforward. There should be no secret data banks; individuals must be able to view their records; there must be a way to correct errors; organizations maintaining data banks must make sure they’re reliable and protect them from unauthorized access; and information collected for one purpose must not be used for other purposes.
For example, the Video Privacy Protection Act was passed after Judge Robert Bork’s video rental records were obtained by the Washington, DC, weekly City Paper in an attempt to dig up embarrassing information while the U.S. Senate was debating his 1987 nomination to the Supreme Court. The Driver’s Privacy Protection Act of 1994 was passed after actress Rebecca Schaeffer was murdered in 1989 by a crazed fan, who had hired a private investigator to track down her address. The investigator was able to get the information through the California Department of Motor Vehicles, which had required Schaeffer to provide her home address when she applied for a license.
In both cases, Congress acted to prevent personal information from being reused in certain ways without permission. Score two for the updated concept of privacy.