= Privacy Act = The '''Privacy Act of 1974''' established requirements for the federal government's use of [[UnitedStates/InformationLaw/PersonallyIdentifiableInformation|PII]]. <> ---- == Description == === Protections === When collecting PII, a government agency is required to inform an individual of: * the agency's legal authority to collect this PII * the principal purposes of the collection * the routine uses of this PII * any effects on the individual of providing PII Before records systems can be established by a federal agency, they must publish in the Federal Register a notice of: * the type of PII that will be collected and stored * the routine uses of the records system * the security controls used in and around the records system * how individuals can determine if their PII is stored in the records system * how individuals can obtain a copy of their PII from the records system PII stored in a records system can only be disclosed if (1) the corresponding individual submits a written request to disclose, or (2) has given prior written consent to disclose. === Exemptions and Applicability === National security systems are exempt from the Privacy Act. Investigatory material collected for law enforement purposes is exempt with conditions. A system that is required by statute to only be used for statistical purposes is exempt. A 2017 executive order clarified that the Privacy Act applies ''only'' to U.S. citizens. Furthermore, agencies were ordered to update privacy policies to explicitly exclude anyone who is not a U.S. citizen or permanent resident. ---- == History == ---- CategoryRicottone