For Immediate Release May 14, 1998
The Federal Government requires appropriate information about its citizens to carry out its diverse missions mandated by the Constitution and laws of the United States. Long mindful of the potential for misuse of Federal records on individuals, the United States has adopted a comprehensive approach to limiting the Government's collection, use, and disclosure of personal information. Protections afforded such information include the Privacy Act of 1974, the Computer Matching and Privacy Protection Act of 1988, the Paperwork Reduction Act of 1995, and the Principles for Providing and Using Personal Information ("Privacy Principles"), published by the Information Infrastructure Task Force on June 6, 1995, and available from the Department of Commerce.
Increased computerization of Federal records permits this information to be used and analyzed in ways that could diminish individual privacy in the absence of additional safeguards. As development and implementation of new information technologies create new possibilities for the management of personal information, it is appropriate to reexamine the Federal Government's role in promoting the interests of a democratic society in personal privacy and the free flow of information.
Accordingly, I hereby direct the heads of executive departments and agencies ("agencies") as follows:
It shall be the policy of the executive branch that agencies shall:
(b) assure that personal information contained in Privacy Act systems of records be handled in full compliance with fair information practices as set out in the Privacy Act of 1974;
(c) evaluate legislative proposals involving collection, use, and disclosure of personal information by the Federal Government for consistency with the Privacy Act of 1974; and
(d) evaluate legislative proposals involving the collection, use, and disclosure of personal information by any entity, public or private, for consistency with the Privacy Principles.
(b) within 1 year of the date of this memorandum, conduct a thorough review of their Privacy Act systems of records in accordance with instructions to be issued by the Office of Management and Budget ("OMB"). Agencies should, in particular:
(2) identify any systems of records that may not have been described in a published notice, paying special attention to Internet and other electronic communications activities that may involve the collection, use, or disclosure of personal information;
(d) conduct a review of agency practices regarding collection or disclosure of personal information in systems of records between the agency and State, local, and tribal governments in accordance with instructions to be issued by OMB; and
(e) within 1 year of the date of this memorandum, report to the OMB on the results of the foregoing reviews in accordance with instructions to be issued by OMB.
(b) after considering the agency reports required by this memorandum, issue a summary of the results of the agency reports; and
(c) issue guidance on agency disclosure of personal information via the routine use exception to the Privacy Act (5 U.S.C. 552a(b)(3)), including sharing of data by agencies with State, local, and tribal governments.
WILLIAM J. CLINTON