Eagle Forum

Testimony of Lori L. Waters
Executive Director, Eagle Forum

Before the
Subcommittee on Commercial and Administrative Law
Of the Committee on the Judiciary
U.S. House of Representatives

May 1, 2002

Technology has made it possible to store my lifeís entire records on a computer chip. Medical information, tax records, financial data, education records, Social Security contributions, driver records are all available to someone by merely a few key strokes on a computer. Controlling access to all of my personal information is nearly impossible. Each classification of information has its own set of rules.

Privacy considerations are certainly not new. The Fourth Amendment is one of our most precious constitutional rights: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated."

However, it is often the unintended consequences of laws that have the most devastating impact on maintaining personal privacy. Social Security is a classic example. When Social Security was created in 1935, the sole purpose of the Social Security Number was to track the earnings of employed Americans so that their wages could be properly credited.

We were promised that the SSN would never be used for anything else, and the first number was issued in 1936. Social Security Numbers were clearly not created for identification purposes, and cards even stated that fact, well in the beginning. The temptation to use SSNs for other purposes was just too great. Today, they appear on tax forms, medical records, some driverís licenses, student ID cards, financial statements, marriage licenses, and even video rental applications. Today, SSNs are the most used and abused number in America. A social insurance program to care for the elderly gave each of us a Social Security Number, which today is used almost daily for non-Social Security purposes.

Let me give you one example of the possible privacy implications of a recently enacted bill. On November 19, 2001, President Bush signed into law the Aviation and Transportation Security Act (Public Law No: 107-71). The pertinent section reads as follows:

    "Sec. 109. Enhanced Security Measures

  1. IN GENERAL- The Under Secretary of Transportation for Security may take the following actions: 
    1. Establish requirements to implement trusted passenger programs and use available technologies to expedite security screening of passengers who participate in such programs, thereby allowing security screening personnel to focus on those passengers who should be subject to more extensive screening."

The privacy implications of this one section are overwhelming. Congress said that a trusted passenger program "may" be implemented, but neither the law nor report language established a single perimeter for implementation. It will be up to the Under Secretary of Transportation for Security to answer the following questions in establishing trusted passenger requirements:

  1. What is a trusted passenger?
  2. Who will be eligible for a trusted passenger card?
  3. How much information must an applicant give in order to verify who he says he is?
  4. Will the government or a private company maintain a database of trusted travelers?
  5. Will trusted passengers be tagged and tracked every time they use the cards?
  6. What will a trusted passenger card get you?
  7. To verify identity, will access to government databases be necessary or required? IRS? Social Secuity? New Hires Registry? Etc.

Further down in that same section of the Aviation and Transportation Security Act (Public Law No: 107-71), the Under Secretary of Transportation for Security may also:

    "(7) Provide for the use of voice stress analysis, biometric, or other technologies to prevent a person who might pose a danger to air safety or security from boarding the aircraft of an air carrier or foreign air carrier in air transportation or intrastate air transportation."

Again, there were no instructions on how to implement such a provision. In order to board a plane, will every passenger be forced to submit to a thumb-print or retina scan? Who owns that information? Will such information be kept on a database? Will the government maintain the information or each airline? Or will the information merely be checked against a criminal or terrorist database?

An unelected official will end up answering all of these questions.

Without proper consideration of privacy implications, the likelihood of a de facto national identification card is entirely possible. Members of Congress discuss it, but no one has taken ownership of the issue by introducing a bill entitled: the National ID Card Act of 2002. Members are smart enough to know that sponsorship of such a bill would likely be devastating to their re-election. A national ID card or system could happen through the unintended consequences of regulations, merely connecting the dots of your life contained in the currently maintained government and private databases. A trusted passenger program or national travel database could surge such a proposition forward.

In the name of security and "anti-terrorism," proposals such as a National I.D. card, Know-Your-Customer banking systems, and expansion of government databases to tag and track Americans are all on the table for discussion. Bad ideas before 9/11 are still bad ideas now.

Back to the Fourth Amendment, most lawyers have argued over the definition of unreasonable, so I will not. However, I will say that it is unreasonable to morph America into a place where everyone is treated as a terrorist, deadbeat dad, money launderer, drug trafficker, or criminal. Tagging and tracking the everyday actions of law-abiding citizens is inconsistent with freedom, liberty, and American values. Only totalitarian regimes monitor the private actions of law-abiding citizens.

The need for the Federal Agency Protection of Privacy Act (H.R. 4561) is clear. It is vital to protect Americans from unjustified or unintended invasions of privacy by the government. H.R. 4561 forces regulators to consider how regulations impact on individual privacy and then they must tell citizens through a privacy analysis what the impact will actually be.

Long-term privacy consequences must be part of the legislative debate in Congress as well as the regulatory debate in the Executive Branch. Government agencies are often awarded the great task of working out the details when it comes to privacy. For instance, the 1996 Health Insurance Portability and Accountability Act gave the Department of Health and Human Services the power to draft medical privacy regulations if Congress did not act by August 21, 1999. Well, HHS is still working on final (watered-down) regulations. Privacy was clearly at the center of these regulations, but while implementing other laws, like Social Security or trusted passenger, privacy implications should also be considered.

The Federal Agency Protection of Privacy Act is a positive step to assessing privacy implications inflicted by the government, but Congress should not stop there. Greater protections are necessary in order to regain control of our personal information.

As the government collects personal information, its use should be restricted to the purpose for which it was originally demanded and received. The government should not be able to act as though it owned that information to sell, display, or traffic without our consent.

Congress should not only look at the massive intricacies of privacy-invasive laws already on the books (and repeal a few) but should also look forward to what is coming.

Technology is developing more rapidly than any of us can follow, but the law often lags behind. Are you ready for the implantable chip? Applied Digital Solutions, a company traded on the NASDAQ, has developed implantable microchips for humans, and people are already signing up. The Food and Drug Administration said in April 2002 that it would not regulate the use of implantable microchips for ID purposes as long as it contains no medical information. ADSís Verichip will contain a scanable ID number that could then be cross-referenced with any number of databases. 1 "Big Brother" lives.

Is the law ready for such privacy-sensitive technology? Itís up to you as Members of Congress to make sure it is.

1 "ID chip ready for implant," April 4, 2002, USA Today

Google Ads are provided by Google and are not selected or endorsed by Eagle Forum
Eagle Forum • PO Box 618 • Alton, IL 62002 phone: 618-462-5415 fax: 618-462-8909 [email protected]