Contents 1 What is the Privacy Act? 2 What CDT Has Done So Far 3 Help Us Prepare Federal Government Privacy Policy for the Next 35 Years 4 Compare CDT and Public Drafts 5 Using the Privacy Act Wiki

What is the Privacy Act?

The Privacy Act of 1974 was the first statute to embed fair information practice principles into law, 35 years ago. While the Act has remained a mostly effective effort to insure that the government is treating the privacy of individuals as a leading concern, it is no longer as effective as it once was. As technology has changed and databases have progressed, the limitations of the Act and barriers to oversight have become more significant. The E-Government Act and Chief Privacy Officers were created to address certain failures, but others remain and experience with these two efforts have shown areas where they too can be improved.

While these issues have been raised regularly over the past decade, a May 2009 report from the National Institute of Standards and Technology's Information Security and Privacy Advisory Board entitled Toward A 21st Century Framework for Federal Government Privacy Policy and a June 2008 GAO report issued last year entitled Privacy: Congress Should Consider Alternatives for Strengthening Protection of Personally Identifiable Information both raised new areas where privacy protections are inadequate today and have made recommendations to address these inadequacies. Additional resources can be found in our Privacy Act library.

What CDT Has Done So Far

CDT has explored these issues in detail and created a working group of public interest groups, government representatives and industry to develop suggestions to address them. We drafted The E-Privacy Act Amendments of 2009 in an effort to collect these ideas and offer them for public comment through this Website. In addition, we have included a plain language description of these amendments, along with a set of pages showing the changes that this bill would make to the Privacy Act and changes that this bill would make to the E-Government Act within the context of the original text of each act.

Help Us Prepare Federal Government Privacy Policy for the Next 35 Years

You can help us by providing edits to the draft and discussing what you like and don't like about our draft and the edits of others in the following community wiki broken down by title:

Title, Findings and Purposes (edit)

• Section 1. Short Title
• Section 2. Findings and Purposes

Title I: Creation of Privacy Leadership (edit)

• Section 101. Government-Wide Chief Privacy Officer (CPO)
• Section 102. CPOs at all Major Agencies
• Section 103. Creation of CPO Council headed by the Government-Wide CPO

Title II: Amendments to the Privacy Act of 1974 (edit)

• Section 201. Definition of system of records
• Section 202. Clarifying uses and sharing of records
• Section 203. Amendments to conditions of disclosure
• Section 204. Amendments to improve notification
• Section 205. Liquidated Damages and Coverage of Negligent Violations

Title III: Amendments to Section 208 of the E-Government of 2002 (edit)

• Section 301. Best Practices for PIAs
• Section 302. Privacy Impact Assessment of Federal Government Employee Systems
• Section 303. Privacy Impact Assessment of Government Use of Commercial Information Services Containing Personal Information.
• Section 304. Role of OMB Chief Privacy Officer in Implementing the E-Government Act
  
  

Please discuss these changes as you edit. Changes will have a better chance of being incorporated into the final draft if your rationale is explained. CDT will serve as editor and moderator for this discussion, and we will continue to take feedback on this draft until July 18.

As of July 18th, the public draft has been locked for editing. Thanks to all contributors for their work on this audacious project.

Compare CDT and Public Drafts

CDT's May 28 Draft (A Static Version for Reference)		Current Public Draft (Changes and Revisions of Contributors to this Wiki)
Title, Findings and Purposes Section 1. Short Title Section 2. Findings and Purposes	Compare Discuss Explanation	Title, Findings and Purposes Section 1. Short Title Section 2. Findings and Purposes
Title I: Creation of Privacy Leadership Section 101. Government-Wide Chief Privacy Officer (CPO) Section 102. CPOs at all Major Agencies Section 103. Creation of CPO Council headed by the Government-Wide CPO	Compare Discuss Explanation	Title I: Creation of Privacy Leadership Section 101. Government-Wide Chief Privacy Officer (CPO) Section 102. CPOs at all Major Agencies Section 103. Creation of CPO Council headed by the Government-Wide CPO
Title II: Amendments to the Privacy Act of 1974 Section 201. Definition of system of records Section 202. Clarifying uses and sharing of records Section 203. Amendments to conditions of disclosure Section 204. Amendments to improve notification Section 205. Liquidated Damages and Coverage of Negligent Violations	Compare Discuss Explanation	Title II: Amendments to the Privacy Act of 1974 Section 201. Definition of system of records Section 202. Clarifying uses and sharing of records Section 203. Amendments to conditions of disclosure Section 204. Amendments to improve notification Section 205. Liquidated Damages and Coverage of Negligent Violations
Title III: Amendments to Section 208 of the E-Government of 2002 Section 301. Best Practices for PIAs Section 302. Privacy Impact Assessment of Federal Government Employee Systems Section 303. Privacy Impact Assessment of Government Use of Commercial Information Services Containing Personal Information Section 304. Role of OMB Chief Privacy Officer in Implementing the E-Government Act	Compare Discuss Explanation	Title III: Amendments to Section 208 of the E-Government of 2002 Section 301. Best Practices for PIAs Section 302. Privacy Impact Assessment of Federal Government Employee Systems Section 303. Privacy Impact Assessment of Government Use of Commercial Information Services Containing Personal Information Section 304. Role of OMB Chief Privacy Officer in Implementing the E-Government Act

Using the Privacy Act Wiki

To submit your edits to The E-Privacy Act Amendments of 2009, simply click the Edit button at the top-right of whichever Title you'd like to revise, or the Edit button located at the top of each section. You will be greeted with a familiar interface with which you can make edits to any part of the Act. If you do not see the editing interface, be sure that your browser supports Javascript and it is turned on, and be sure that you have not followed a link to the static, reference version of the amendments.

You may see edits others have made by hovered over the "more" button and selecting "changes." Discuss a section or the Act as a whole with your peers by clicking the "discuss" button.

If you don't want your comments to show up in the wiki, but you want to send them to CDT to be included, please email your edits and comments to eprivacyact@cdt.org.