FTC: Consumer Privacy Comments Concerning The Individual Reference Services--P974806/Part 1
June 4, 1997
INDIVIDUAL REFERENCE SERVICES
The following principles were developed by members of the individual reference services industry in the Spring of 1997 to respond, as an industry, to heightened interest in the industry's practices. The principles represent good practices that the undersigned companies agree to support as part of their operating practices. While it may take up to a year for some principles to be implemented fully, other principles are already part of the operating practices of the undersigned companies.
These principles apply to individual reference services, which are commercial services that directly or as suppliers to others provide information that assists users in identifying individuals or in verifying identities for various legitimate purposes.
Public Record Information: Information about an individual and reflecting additional information related to that individual, which has been obtained originally from the records of a federal, state, or local governmental entity that are open for public inspection.
Publicly Available Information: Information about individuals that is generally available to the public from non-governmental sources such as telephone directories, classified ads, newspaper reports, publications, lists, or other forms of information available to the marketplace.
Non-Public Information: Information about an individual that is of a private nature and neither generally available to the public nor obtained from a public record.
Appropriate or Appropriately: Describes actions or uses that are reasonable under the circumstances reflecting a balance between the interests of individual privacy and legitimate business, governmental, and personal uses of information, including prevention of fraud.
I. Education: Individual reference services should individually and through their industry groups make reasonable efforts to educate users and the public about privacy issues, the types of services they offer, and the benefits of the responsible flow of information.
II. Reputable Sources: Individually identifiable information should only be acquired from known sources in the government and private sectors.
A. Reasonable measures should be employed to understand an information source's data collection practices and policies before accepting information from that source.
B. Individually identifiable information that is collected solely for marketing purposes and which is not public record information or publicly available information or whose use is specifically permitted by law, should not be retained for creating or augmenting individual reference services.
III. Accuracy: Reasonable steps should be taken to help ensure the accuracy of the information in individual reference services. The goal of individual reference service products is to furnish customers with reasonably accurate reproductions of information.
IV. Public Record and Publicly Available Information: Public record information and publicly available information shall be usable without restriction.
V. Selective Distribution of Non-Public Information: Selective and limited distribution of non-public information is appropriate provided, however, that distributors who do not limit the non-public information content of the products that they distribute furnish such products only to qualified subscribers who have a recognized purpose for such information and agree to limit their use and redissemination of such information, and that distributors take reasonable steps to protect against misuse of the non-public information.
A. Where non-public information is furnished, it should be furnished only to qualified subscribers who use the information for an appropriate use.
B. Each individual reference service should explain what uses of its information are appropriate and to which types of subscribers such information is available, and have those uses and generic identities written and publicly available.
C. Prior to making non-public information available to a subscriber who requests access to it, reasonable review of the subscriber and the intended use of the information should be made. The nature of the non-public information being requested should determine the level of review undertaken.
D. Commercially reasonable measures should be employed to ensure that subscribers who receive selective and limited distribution use non-public information appropriately.
1. Subscribers should meet verification requirements that establish them as appropriate users of the information and agree to terms and conditions prior to accessing the information.
2. Mechanisms should be implemented to verify and remedy subscriber abuses of the information.
VI. Non-Selective Commercial Distribution of Non-Public Information: Non-selective commercial distribution of non-public information is appropriate provided that distributors of non-public information limit the non-public information content of the products that they distribute, provide the products to persons with whom they have a commercial relationship, and take reasonable steps to protect against misuse of the non-public information.
A. Non-public information products should not include information that reflects credit history, financial history, medical records, or similar information.
B. Certain information like SSN and date of birth that are contained in non-public information products that are used in non-selective commercial distribution should not be displayed or should be truncated in an appropriate manner.
C. Commercially reasonable measures should be employed to ensure that customers use non-public information appropriately.
1. Customers should agree to terms and conditions prior to accessing the non-public information; and
2. Mechanisms should be implemented to verify and remedy customer abuses of the information.
VII. Security: Facilities and systems to protect information from unauthorized access and persons who may exceed their authorization should be implemented. In addition to physical and electronic security, individual reference services should reasonably implement:
A. Employee and contractor supervision--Employees and contractors should be required to sign confidentiality agreements and be subject to supervision.
B. Reviews--System reviews should be made at appropriate intervals to ensure that employees are complying with policies.
A. Consumers should be notified about these practices through:
1. Web sites;
2. Advertisements; or
3. Company or industry-initiated educational efforts.
IX. Choice: Each individual reference service should upon request inform consumers of the choices, if any, available to limit access or use of information about them in its data base.
X. Public Record Information Sources: For specific inquiries about public record information, consumers should be directed to the governmental source of the information. The individual reference service's commitment to furnish users with reasonably accurate reproductions of information in public record information systems does not permit alteration of the substantive content of public record information products or services.
XI. Access: Upon request and reasonable terms, an individual reference service should inform an individual about the nature of public record and publicly available information that it makes available in its products and services and whether products and services that it makes available for non-selective commercial distribution contain non-public information that identifies the individual and the source or type of source of that information.
A. Individuals should be directed to the source if the source is a company that provides information products or services that are subject to the Fair Credit Reporting Act.
XII. Children: Where an individual is identified in the product or service as being under the age of 18, no non-public information about that individual should be provided for non-selective commercial distribution without parental consent.
The undersigned companies pledge to introduce and follow the above industry principles at the earliest practicable opportunity or by June 1998, whichever is sooner.
CDB Infotek, a Division of ChoicePoint Inc.
Database Technologies, Inc.
First Data InfoSource/Donnelley Marketing
Individual Reference Services
CDB Infotek, a division of ChoicePoint
June 10, 1997
TABLE OF CONTENTS
THE INDIVIDUAL REFERENCE INDUSTRY
A. The Collection of Individual Reference Information
B. The Use of Individual Reference Information
1. Individual Reference Products
2. Product Security
C. The Distribution of Individual Reference Information
1. Individual Reference Services Customers
2. Customer Applications and Authorizations
3. Restrictions on Distribution of Information to Customers
IMPORTANT AND APPROPRIATE USES OF INDIVIDUAL
A. Fraud Prevention
B. Child Support Enforcement
C. Uniting Separated Families
D. Locating Heirs to Estates
E. Locating Pension Fund Beneficiaries
F. Consumer Protection
G. Locating Organ and Bone Marrow Donors
H. Promoting the Integrity of the Political Process
I. Significant Journalistic Endeavors
J. Apprehending Criminals
K. Aiding Citizens in Obtaining Access to Public Record Information
RESPONSIBLE INDUSTRY PRACTICES REGARDING DISCLOSURE
THE CONSTITUTION PROHIBITS MUCH POTENTIAL REGULATION
OF INDIVIDUAL REFERENCE SERVICES
A. First Amendment
B. Tenth Amendment
The individual reference service industry(1)
plays an important role in our highly mobile society--helping customers to find people and verify identities. Individual reference services provide customers access to databases containing information obtained from: (1) public records that government agencies have made available for public inspection; (2) publicly available information from non-governmental sources ranging from telephone directories to newspaper reports to lists available in the marketplace; and (3) to a lesser extent, proprietary or non-public sources, such as survey data, other self-reported information, or credit header data (the non-financial identifying information at the top of a credit report).
Individual reference services provide important societal benefits. They help a broad range of people--from welfare mothers seeking to enforce child support orders to missing pension beneficiaries and heirs to fraud victims. These services also assist in important governmental functions such as tracing fraud, apprehending criminals, and locating witnesses to crimes.
The risks associated with use of these services are minimal. The Federal Reserve Board recently conducted an extensive study of the risks of identity fraud associated with use of databases containing individual identifying information. After reviewing over 100 written comments from a broad range of banks, credit card companies, privacy groups and government officials, the Federal Reserve reported to Congress that it found "no hard evidence" that the databases are used to advance identity fraud.
The industry is committed to self-regulation. Members of the individual reference service industry are strongly committed to taking a leadership role through self-regulation to minimize risks associated with their services. The participating companies have already taken voluntary actions to restrict the distribution of information from non-public sources--not making it available at all on the Internet, and displaying certain information from these sources, such as social security numbers, dates of birth, and information regarding individuals identified as minors, only to a narrow range of qualified customers with whom they have established business relationships. The companies are now working on a self-regulatory apparatus to enforce these and other principles.
Self-regulation is the most effective, fastest and most flexible way to minimize any risks. Because state and local public record information is a cornerstone of many individual reference service products, government regulation of these databases would encounter serious obstacles under both the First and Tenth Amendments to the U.S. Constitution. Thus, self-regulation is the most effective way to address any risks with respect to the databases. Moreover, self-regulation can be implemented far more quickly and can respond far more flexibly to changes in the industry and to future concerns.
Accordingly, self-regulation, supplemented by enforcement of existing criminal and civil laws that punish misuse of these databases, is the best way to preserve the significant societal benefits flowing from use of the information, while minimizing risks.
Today, America has become an extraordinarily mobile society in which individuals tend to move every five to six years. Communities not only see turnover of 20 percent of their population every year, but they have also grown larger, both of which increase anonymity. The mobile society of late 20th Century America makes it very difficult for individuals and government officials to find people and to verify information for important societal purposes such as fraud prevention. The individual reference service industry, which began with the publication of the first telephone directory over a century ago, meets this need.
Individual reference services provide government and business professionals today with much of the same information that was commonly known in the less mobile America early this century. Individual reference services make it possible to contact someone who has moved, who has a common name, or who may have changed his or her name. By assembling updated and current information about where people live in our transient society, these services provide an important, often highly beneficial function. Public records products provide information such as property ownership records, bankruptcy records, and professional or business licenses, all of which fulfill professionals' appropriate needs for information. Furthermore, by disseminating public records, these services play an important role in affording easier access to public record information, in keeping with recent Electronic Freedom of Information Act,(2) which is designed to make more government information available electronically.
Individual reference services help a broad array of people--from welfare mothers attempting to enforce child support orders against missing deadbeat dads to missing heirs entitled to inheritances to journalists investigating political donations. These reference services also assist in important governmental functions, such as tracing fraud and locating witnesses to crimes. They also are an integral part of private sector efforts to prevent fraud. At the same time, individual reference services run by the companies that assisted in the preparation of this White Paper alone employ over 5,300 people and provide over $232,000,000 in wages annually.
Not only do these services provide major societal benefits, but all of the leaders in the individual reference industry also have deployed product offerings to address privacy concerns about such databases. For example, none of these companies makes non-public information products and services available on the Internet. The market is a significant force in driving some of these responses--for example, in the decision of LEXIS-NEXIS to stop displaying or to truncate display of social security numbers in their credit header products. Other companies, such as CDB Infotek, Database Technologies and IRSC make certain non-public information products available only to a narrow group of accredited subscribers. In addition, the Federal Trade Commission's March 1997 notice of its workshop on database privacy issues has played a role in bringing together all of the industry leaders who endorse this White Paper to develop the self-regulatory principles discussed on pages 24-27 below.
The individual reference industry is little known to most Americans because its products generally are available only to firms and agencies that have an appropriate need to use its services. Before the rise of the Internet as a means of mass communication, the industry for decades attracted little interest, while continuing to help people and serve satisfied professional customers. However, as a result of the limited availability of the industry's services, popular perceptions of this industry can be shaped by rumor and misunderstandings. Most Americans were introduced to the industry through coverage engendered by false rumors that circulated on the Internet during the fall of 1996 regarding LEXIS-NEXIS's P-TRAK service. The overwhelming majority of this coverage was false--including allegations that the service offered personal financial, personal medical, and mother's maiden name information, and that the service was available over the Internet to anyone with a credit card.
This White Paper is presented to inform policymakers and the public at large about individual reference services, as the Federal Trade Commission and Congress undertake their first concerted examinations of this industry. In fact, the definitions of this industry employed by many policymakers tend to encompass a far wider variety of information sources than is necessary--from telephone directories in people's homes to electronic rolodexes on many office computers.
THE INDIVIDUAL REFERENCE INDUSTRY
The range of databases that contain individual "identifying information" of the sort discussed in the Federal Trade Commission's Notice announcing its Database Privacy Workshop(3) is very broad. For example, telephone directory information maintained by telephone companies and "electronic rolodexes" on many office and home computers contain name, address, and telephone number information. The individual reference service industry, as discussed in this White Paper, consists of commercial database services that directly, or as suppliers to others, provide information that assists users in identifying individuals or in verifying identities for a variety of appropriate purposes. This section contains a brief description of how individual reference information is collected, used, and distributed by service providers.
A. The Collection of Individual Reference Information
Some individual reference service providers collect information directly from the sources while others obtain their data from third parties, such as information suppliers. Experian and Metromail, for example, collect and store data from multiple sources and supply it to other individual reference service providers. They obtain their information from public records, publicly available information, and proprietary or non-public sources. Except when it is public record or publicly available information, information collected solely for marketing purposes is not a source of data for these services.
Public Record Information
A major source of information about individuals is state and local government agencies that make government records available for public inspection. Land records, court records, and professional licensing records are examples of information collected and maintained for public purposes, including dissemination to the public.
For example, the land transfer process in the United States is centered on the principle of public disclosure and notice. State recording statutes require nearly every person with an interest in land--not merely the owners or beneficial owners of the property--to place in the record a document revealing that interest. Wide dissemination of this information in land registers advances the public notification purposes of land recording statutes.
Court records are an important element of the long tradition of keeping trial proceedings open to the public. Court records, which include judgments, liens, and bankruptcy filings, today remain open for public inspection absent extraordinary circumstances requiring sealing of a particular record. The media, for example, has used court records to inform the public about questionable prosecutorial policies, low conviction rates, and fraudulent schemes requiring legislative attention.
The U.S. Supreme Court has observed that a key change since the time the Constitution was adopted is the means by which information about trial proceedings is disseminated: "Instead of acquiring information about trials by firsthand observation or by word of mouth from those who attended, people now acquire it chiefly through the print and electronic media."(4) Similarly, computerization has democratized access to court record information by making the information available to a far greater audience.
The dissemination of another public record--professional license information--enables consumer protection agencies and the public at large to take steps to protect against unqualified professionals. A search through these records can furnish the names, addresses, certification, and status of licensed professionals such as physicians, lawyers, and private investigators. Some states and counties have begun making available to the public databases listing individuals who have had their professional licenses revoked or suspended, or who have committed malpractice.
Most non-federal public record information is available at the county level. Consequently, individual reference service providers or their suppliers usually collect public record information on a county-by-county basis. It takes great effort to replicate a public record system so that, for example, individuals in Virginia may accurately verify the status of property or litigation in Orange County, California without flying to California. Because of the effort and cost required to compile this information from thousands of counties nationwide, individual reference service providers in many instances maintain public record information pertaining only to certain counties or states.
While some of the public record information has been entered into industry databases manually from paper records, much of the information is available from government agencies in electronic form. This governmental trend toward making public record information available in electronic form is reflected--at a national level--in a 1996 law that clarifies that computer-generated federal records are subject to the 30-year-old Freedom of Information Act.(5)
Publicly Available Information
Another major source is information that is generally available to the public from non-governmental sources such as telephone directories, classified ads, newspaper reports, publications, and lists available to the marketplace. The Telecommunications Act of 1996 promotes wide availability of telephone directory information by requiring telephone companies that publish such information to provide the information to other directory publishers on a timely and non-discriminatory basis.(6)
Finally, some information comes from proprietary or non-public sources. In some instances, this may consist of survey responses and other self-reported data. In other instances, non-public data may consist of credit header information. Credit header data is the non-financial individual identifying information located at the top of a credit report, such as name, current and prior address, social security number, and month and year of birth.
Some types of non-public information are subject to federal or state regulation. For example, the federal Fair Credit Reporting Act restricts the dissemination of credit reporting information. The Act does not restrict the dissemination of credit header information.(7) However, to the extent that credit headers are derived from credit reports, the Act does give consumers the right to inspect and correct all information about them in both credit reports and credit headers.(8)
B. The Internal Use of Individual Reference Information
1. Individual Reference Products
Once the information is collected and compiled by suppliers, it is obtained by the individual reference service providers that use it to create a product for distribution. Most individual reference service products fall into one of two categories. The first type of product provides access to information contained in public records. IRSC's Professional License database product, for instance, contains records of occupational licenses for specified jurisdictions. This product may be used to verify whether an individual holds a valid occupational license and to locate that individual's address. Specifically, the IRSC Professional License file includes the licensee's name and address, licensing board or agency name, license type, license number, license status, original issue date, and disciplinary actions. Another type of public record product is CDB Infotek's Bankruptcies, Liens & Judgments product. This product provides access to several different databases containing public record information obtained from state and local governments. Thus, Bankruptcies, Liens & Judgments allows a customer to search more than one public record database with a single search request.
The second type of individual reference product is a people finder product that may consist of information obtained from publicly available or non-public information. For example, Metromail's National Look-Up Service product provides access to databases containing publicly
available information. These databases contain compiled business listings and public information obtained from local telephone company directory assistance databases. Other examples include the P-TRAK person locator database product from LEXIS-NEXIS. P-TRAK provides access to information obtained from credit headers. A typical P-TRAK file record contains an individual's name and current address, and may contain a local telephone number (without area code), up to two previous addresses, the month and year of birth, and other names used by the individual, such as a woman's maiden name.
2. Product Security
Individual reference service providers employ numerous security measures to ensure that their products and the information obtained from their suppliers remains secure until its distribution. These service providers utilize secure facilities and systems to protect information from unauthorized access. Efforts to maintain the security of individual reference information include physical plant security measures, confidentiality agreements with employees and contractors, and system reviews to ensure that employees are complying with security policies. In these ways, the individual reference service providers issuing this White Paper ensure that information is disseminated only to their authorized customers.
Metromail, for example, uses access control facility software to prevent unauthorized access to its database information. Access to Metromail's computer data is secured by password coding and use of a security administrator. Metromail's computer rooms also are secured and limited access only is provided to cleared employees. Likewise, the security measures LEXIS-NEXIS employs to prevent unauthorized access to its database information include restricting physical access to its systems through the use of access codes, security cameras, and security personnel. In addition, LEXIS-NEXIS employees are required to participate in legal seminars and become familiar with corporate policies regarding the confidentiality of information obtained in the course of employment.
Thus, individual reference service providers have adopted internal policies and employed sophisticated measures to ensure the security of the data contained in their products
practices. Before the leaders in this industry formally embraced self-regulation, the importance of satisfying customers and the public at large led them to make other voluntary decisions to restrict access to information that may raise public concerns. For example, CDB Infotek and LEXIS-NEXIS each separately decided to truncate or not to display social security numbers in their credit header products. Database Technologies and IRSC confined access to their non-public information to a narrow range of qualified customers.
Self-regulation and voluntary restrictions on individual reference information is supplemented by existing laws, including criminal and civil fraud statutes that punish identity fraud, fair credit reporting statutes that prohibit disclosure of individual credit information, and invasion of privacy tort law that punishes and deters violations of individuals' privacy rights.
THE CONSTITUTION PROHIBITS MUCH POTENTIAL
REGULATION OF INDIVIDUAL REFERENCE SERVICES
As discussed earlier, public record information is a cornerstone of many individual reference service products. Efforts to regulate these services would not only jeopardize the numerous public benefits that flow from use of individual reference services, they also would encounter serious constitutional obstacles to the extent that they sought to regulate public record information. This section summarizes the arguments set forth in Appendix A.
A. First Amendment
Strong First Amendment interests are implicated in the distribution of individual identifying information obtained from public records. Indeed, courts that have been called upon to balance these interests against government-asserted privacy interests have frequently invalidated government regulations designed to restrict publication or use of public record data.
In a series of cases beginning in 1975, the U.S. Supreme Court has held that personal privacy concerns do not permit the government to prohibit the publication of truthful information in the public record. For example, the Court has held repeatedly that neither the protection of the identity of a rape victim nor any other governmental interest is sufficiently compelling to permit the government to penalize the publication of truthful information when the government itself made the information available to the public.
Lower courts have followed this line of reasoning and applied it to a range of different situations. A recent state appellate court, for example, applied this First Amendment doctrine in striking down California's consumer protection law banning credit reporting agencies from including in their reports certain information obtained from the public files of the landlord tenant court.
Other cases turn on the issue of the constitutional protection afforded to "commercial speech"--expression related solely to the economic interests of the speaker and its audience. Since the U.S. Supreme Court's landmark decision in 1976 expanding the constitutional protection afforded to commercial speech, restrictions based on the commercial use of public record data--like the restrictions placed on the non-commercial use of public records--have often been found to run afoul of the First Amendment.
In a 1980 case, for example, the Maine supreme court struck down a provision of the state's Fair Credit Reporting Act (FCRA) that prohibited inclusion in consumer reports of certain public record information that was more than seven years old. The court concluded that, by banning constitutionally protected commercial speech, the statute ran afoul of the First Amendment. Other courts also have invoked this 20-year-old doctrine in striking down statutes attempting to curb the use of other types of public records.
Consequently, federal or state attempts to regulate the distribution of public record information would be subject to probing First Amendment scrutiny regardless of whether courts considered the regulation to be directed at non-commercial or commercial speech. These First Amendment doctrines are additional reasons cautioning strongly against extending FCRA-style regulation to public record information.
B. Tenth Amendment
To avoid First Amendment problems, the Congress could attempt to dictate to the states what information in their public record systems the states could make available to the public. However, efforts to block the distribution of public records information at its principal sources--state and local governments--are clearly the sort of interference with state functions that raises serious Tenth Amendment problems.
The Tenth Amendment provides that "[t]he powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people." During the past decade, the Supreme Court, as well as several lower courts, have revived the Tenth Amendment, giving its protections of state autonomy broad interpretation in striking down federal laws imposing obligations upon state and local officials in connection with matters as diverse as child protection, waste disposal, timber exportation, and handgun control. Indeed, the State of South Carolina late last year filed a Tenth Amendment action challenging the validity of the Drivers' Privacy Protection Act (DPPA), which restricts states from disclosing or disseminating state driver's license and motor vehicle records. Similar challenges are almost certain to flow from any federal efforts to regulate the dissemination of state or county records.
Thus, while the First Amendment prohibits government regulation of the distribution of information contained in public records, the Tenth Amendment offers similar protection against the federal government's ability to dictate to state and local governments what information in their record systems they may make publicly available.
This futility of limiting the distribution of public record information is a compelling additional reason to prefer self-regulation to government-imposed regulation of individual reference services.