The Privacy Act of 1974 restricts federal agencies from disclosing personal information about individuals without written consent, establishes rules for how agencies collect and use personal data, and gives citizens the right to access and correct records about themselves. Violations can result in civil liability and criminal penalties. The act was passed in response to Watergate-era revelations about government surveillance and data collection. The Social Security Administration's NUMIDENT database, which contains records on nearly every American, is subject to strict Privacy Act protections. Sharing or removing that data without authorization violates federal law.
The Privacy Act is the main legal limit on how federal agencies collect and share your personal data. It gives citizens the right to access and correct their own records โ but its protections have significant gaps, including exemptions for law enforcement and a computer-matching exception that agencies use for mass surveillance of benefits recipients.
The Privacy Act protects only against federal agency misuse โ it doesn't cover private companies, state agencies, or data brokers who sell your information to the government. Purchasing data from a private broker is one of the main ways agencies legally circumvent the Privacy Act's restrictions.
The Privacy Act is the main legal limit on how federal agencies collect and share your personal data. It gives citizens the right to access and correct their own records โ but its protections have significant gaps, including exemptions for law enforcement and a computer-matching exception that agencies use for mass surveillance of benefits recipients.
The Privacy Act protects only against federal agency misuse โ it doesn't cover private companies, state agencies, or data brokers who sell your information to the government. Purchasing data from a private broker is one of the main ways agencies legally circumvent the Privacy Act's restrictions.