Skip to main content Skip to navigation

JILT 2002 (2) - Erick Bohlman


Contents

1.

Introduction

2.

Analysis

2.1

Public Disclosure

2.2

Private Facts

2.3

Offensive and Objectional to a Reasonable Person

2.4

Not a Matter of Public Concern

3.

Conclusion

Notes and References

Word icon and download article in .rtf format  Download


Privacy in the Age of Information
 

Erick Bohlman
Swift, Popuch & Bohlman
Chicago, USA
erickeb3@aol.com


This is a commentary published on 16 August 2002.

Citation: Bohlman E, 'Privacy in the Age of Information', The Journal of Information, Law and Technology (JILT) 2002 (2) <http://elj.warwick.ac.uk/jilt/02-2/bohlman.html>. New citation as at 1/1/04: <http://www2.warwick.ac.uk/fac/soc/law/elj/jilt/2002_2/bohlman/>.


1. Introduction

Ruby was an expectant mother. One week before her baby was due, she received a coupon in the mail for diapers. Ruby took the coupon to the supermarket and bought the diapers. Shortly thereafter, she started receiving more coupons for diapers, baby formula, and other child-care goods. Ruby needed these items, and was happy to use the coupons. Two weeks after her baby was born, a man called to congratulate Ruby on becoming a mother and suggest that she purchase additional life insurance. 'How do you know that I just had a baby?' she asked. Ruby felt violated. Throughout the next year, the phone kept ringing and the mail kept coming. One day, Ruby decided that she had finally had enough. She was very rude to a telemarketer: 'Don't call me anymore,' she said, 'and don't give out my telephone number.' Ruby hung up the phone. One week later, Ruby received a call from the camp of a political candidate who pledged to put an end to unwanted 'junk-mail' and bothersome telephone solicitations.

Coincidence? Hardly. Modern information technology has changed not only how commercial transactions occur, but, more fundamentally, the subject matter of commerce itself[1]. A continually growing, highly-pervasive industry has recently emerged, purely devoted to the collection, arrangement, and dissemination of personal information; that is, information that can be attributed to an identifiable individual[2]. Today, information databases, in and of themselves, are highly valuable commercial commodities.

Recent improvements in digital database-storage technology have changed the ways in which data can be altered, examined, summarized and restructured to produce new or newly tailored information[3].

When committed to paper and trapped within the confines of a manual file, the utility of information is markedly limited. But, when the information is available in an electronic data base of virtually endless dimension, open to analysis and processing at a rate of many millions of functions per second, and capable of being transmitted through time and space at the speed of light, the computer transforms the character of the information itself, let alone the society that employs such technology[4].

A computer operator with access to electronic information data banks can quickly and easily rearrange facts, incorporate new material, compile multiple databases and make other transformations of information[5].

'Whether one has the right to do so is a question of law and legal policy, but the medium supplies the capability'[6].

Creative marketing consultants are utilizing these new capabilities and incorporating this technology into their marketing schemes. Practices of modern marketing strategists include:

(1) studying census data to make guesses about consumers based on the characteristics of everyone in a particular zip code;

(2) buying lists of magazine subscribers;

(3) perusing newspapers for birth, death and marriage announcements;

(4) culling public real-estate records;

(5) screening court documents and the publications of judicial proceedings; and

(6) documenting consumer buying habits with checkout scanners and in-store video cameras[7].

Consumers may feel manipulated by these practices or complain that their privacy has been invaded[8]. Unfortunately, though, these individuals may be victims without legal recourse. Most cases involving privacy rights that empower an individual to control the use and discourse of personal information rest on statutory, as opposed to common law, authority, and involve information held by the government[9]. The Freedom of Information Act[10] (FOIA), for example, exempts information from mandatory disclosure by the federal government if disclosure would constitute an unwarranted invasion of privacy[11]. Similarly, the Privacy Act of 1974 ('Privacy Act') was established to provide certain controls over what personal information is collected by the federal government and how it is used[12].

Instead of devoting its resources toward creating new ways to limit and restrict data collection and dissemination by the private sector, the federal government is currently acting on legislation that would substantially expand government surveillance powers, including the use of a controversial Internet monitoring system, for purposes of combating terrorism[13]. This unprecedented power on the part of the government to access and review computer records of its citizenry will likely create even greater legal concerns. For now, though, with respect to the private sector, Congress has remained uninvolved. Generally, it is only the consumer and the business conscience of the industry[14] that monitor the collection, use and dissemination of information[15].

Therefore, consumers upset with the exploitation of personal information by the private sector are forced to look to the common law. Commentators have suggested that the tort of invasion of privacy through the publication of private facts may provide an answer[16]. The Restatement (Second) of Torts defines this tort as the publication of a matter concerning the private life of another that is highly offensive to a reasonable person and that is not of legitimate public concern[17]. However, the First Amendment to the United States Constitution limits government interference with the dissemination of speech[18].

Nonetheless, this article argues that when personal facts are compiled into extensive dossiers or profiles, the nature of the information is transformed into something which should thereby acquire common law protection under the laws of the United States, despite the mandate of the First Amendment.

2. Analysis

Most states recognize the tort of publication of private facts in one of two forms[19]. Some states follow the definition originally enumerated by Professor William L. Prosser which includes three elements for this type of invasion of privacy:

(1) a public disclosure;

(2) of private facts;

(3) that would be offensive and objectional to a reasonable person of ordinary sensibilities[20]. Other states follow the Restatement (Second) of Torts version, which adds a fourth element to those delineated by Prosser, essentially incorporating the First Amendment defense;

(4) the published material must not be a matter of legitimate public concern[21].

2.1 Public Disclosure

In order for the public disclosure of private facts tort to apply, the disclosure must be relatively widespread[22]. Generally, commercial data maintained in computer data banks is disseminated to individuals or small groups, one at a time[23]. Thus, in order for a person whose personal information has been collected and disseminated for commercial purposes to prevail in an invasion of privacy claim, he or she must prove that, under the circumstances, the scope of the disclosure was sufficiently public.

In Rycroft v. Gaddy[24] the Court of Appeals of South Carolina considered whether the disclosure of personal information to a small group of people was sufficient to constitute an invasion of privacy[25]. Kenneth Rycroft and Rene Tanguay were partners in a corporation[26]. Rycroft brought a suit for dissolution of the corporation[27]. During discovery, pursuant to a subpoena issued at the request of Tanguay and his attorney, Clifford Gaddy, Rycroft's bank produced records of Rycroft's checking account[28]. No one other than Tanguay, Gaddy and one other individual reviewed the records[29].

Consequently, Rycroft brought an action against Gaddy and Tanguay for invasion of privacy based on public disclosure of private facts[30]. The court held that 'publicity,' not merely 'publication,' is required in order to substantiate an action for the publication of private facts[31]. Communication to an individual or to a small group of people, absent exceptional circumstances, will not ordinarily give rise to liability[32].

However, in Beaumont v. Brown[33], the Supreme Court of Michigan examined whether the disclosure of personal information to only a few people, whose special knowledge of those facts was extremely embarrassing to the plaintiff, was sufficient to support a cause of action[34]. Arthur Zink, personnel director for the Michigan Department of Labor (the Department), terminated the employment of Robert Beaumont, an employee and member of the US Army Reserve[35]. Barry Brown was the director of the Department at that time[36]. Subsequently, Zink wrote a letter to the US Army Reserve Components Personnel and Administration Center stating that he had fired Beaumont, and that Beaumont was 'extremely disloyal,' abusive of his reserve status, and insubordinate[37].

Beaumont brought suit against Zink and Brown for invasion of privacy[38]. Zink and Brown moved for summary judgment, claiming that the publication was not large enough to constitute an invasion of privacy[39]. The court stated that:

'[t]o begin with 'communication to the general public' is somewhat ambiguous, because a communication rarely, if ever, reaches everyone. It is therefore in order to consider the significance of the communication to the public'[40].

Accordingly, the court denied the defendants' motion, holding that a publication of personal facts to a group of people whose special knowledge of those facts would be embarrassing to the plaintiff is sufficient to warrant a trial on the merits[41].

Although personal data which is stored in computer data banks for commercial purposes is usually not disclosed to large groups of people, the significance of the communication can be quite substantial. The use of the information can be extremely embarrassing or harmful to the data subject, even if disclosed to just one individual. Because of personal information maintained on computer data banks, data subjects may be denied credit, employment or entrance into social organizations. Furthermore, data subjects are likely to receive calls from bothersome telephone solicitors and unwanted 'junk mail.' Therefore, the collection and dissemination of personal data for commercial purposes should ordinarily be sufficient to constitute a public disclosure in a privacy action.

2.2 Private Facts

In order to support a cause of action for the publication of private facts, the facts must be sufficiently 'private'[42]. Not all personal information is private information. In order for facts to be private, there must be a reasonable expectation that they will remain private[43]. Some commentators have alleged that individual facts contained in computer data banks, which are disclosed for commercial purposes, are frequently:

(1) not the type of matter which most people expect to remain private;

(2) contained in public records and therefore not private; or

(3) relevant, even though they are often not current.

(1) Reasonable Expectation of Privacy:Personal facts which are disseminated must be 'private' in order to state a cause of action for invasion of privacy. It may be contended that the individual facts which are contained in commercial databases, although personal in a literal sense, are not private in a legal capacity, because there is no legitimate expectation of privacy as to those facts.

In Wolf v. Regardie[44], the District of Columbia Court of Appeals considered whether the publication of a person's wealth as amassed through large-scale real estate dealings was the type of personal information that is also considered to be private[45]. William Wolf was an attorney and successful real estate mogul[46]. After being declined an interview with Wolf, Regardie, a business trade magazine, published a story on Wolf and his real estate dealings[47]. Wolf sued for invasion of privacy[48]. The court held that the prominent nature of Wolf's real estate transactions destroyed any legitimate expectation of privacy that he may have had; thereby denying a cause of action[49].

However, in Mason v. Williams Discount Center, Inc.[50], the Missouri Court of Appeals examined whether the publication of a plaintiff's not-so-visible financial transactions could be the subject of a public disclosure of private facts claim[51]. Williams Discount Center is a retail outlet which placed in its store, in clear view of its patrons, a list of names under the heading 'no checks'[52] Robert Mason's name was on that list[53]. Accordingly, Mason brought suit for invasion of privacy[54]. The court held that small-scale financial dealings, such as Mason's, are the type of private matter that invasion of privacy actions were designed to protect[55].

The bulk of the material contained in commercial databases involves relatively discrete personal information, such as supermarket purchases and magazine subscriptions. This information is more similar to that in Williams Discount Center than it is to that in Regardie. Therefore, the facts collected and disseminated through computer data banks should normally be the type of information that can give rise to a claim for public disclosure of private facts. However, if the information is obtained from public records, the otherwise private information may lose its private character.

(2) Public vs. Private Facts: Generally:

'information appearing on a public record is not private fact, no matter how embarrassing or distasteful the content of the information may be'[56].

Furthermore, the public nature of the facts is also unaffected merely because the information is presented in a different form[57]. Much of the material contained in commercial data banks is obtained from public sources: US census data; newspapers; birth, death and marriage records; public real estate records; court documents[58]; etc[59]. Therefore, there is a strong presumption that most of this material, by itself, is not private information.

However, part of an individual's sense of privacy is derived from the knowledge of the lengths through which another person would have to proceed in order to retrieve various bits of personal information from public records[60]. The very inefficiency of the process serves to preserve a substantial measure of individual privacy[61]. 'Computer technology, however, has made these protections part of a lost era'[62]. Thus, when personal information is collected from multiple public sources and combined into a solitary dossier or personal profile, a cause of action for public disclosure of private facts may arise.

In United States Department of Justice v. Reporters Committee for Freedom of the Press[63], the U.S. Supreme Court was confronted with the issue of whether a collection of remote public facts in a computer database, all of which exist independently in diverse public records, could amount to private information[64]. A CBS news correspondent had requested, pursuant to the Freedom of Information Act (FOIA), Charles Medico's criminal history 'rap sheet' from the Federal Bureau of Investigations (Bureau)[65]. The rap sheet contained information relating to minor crimes which were not the subject of great public curiosity[66]. Private information is exempt from disclosure under the FOIA[67]. Hence, the Bureau, believing that the rap sheets contained private data, refused to disclose the information[68].

The court noted that:

'there is a difference between public records that might be found after a diligent search of courthouse files, county archive and local police stations throughout the county, and a computerized summary located in a single clearinghouse of information'[69].

The court concluded that:

'the fact that an event is not wholly private does not mean that an individual has no interest in limiting disclosure or dissemination of the information'[70].

Accordingly, the court refused to require disclosure of the rap sheet.

Moreover, a computer analysis of public data can amount to more than a mere collection of public records. In Ashbury Park Press, Inc. v. New Jersey Department of Health[71], the Superior Court of New Jersey considered whether a 'spread sheet' analysis of public records was, itself, a public record[72]. The New Jersey Department of Health had conducted an examination of state hospital financial information; resulting in a computer spread sheet detailing the result[73]. A reporter for the Ashbury Park Press requested this information[74]. The Department, believing that this was private data, denied disclosure of the information[75]. The court agreed with the Department and refused to require disclosure, stating that the spread sheet was not a public record, but more like an analysis or work product that represents tentative conclusions and opinions[76].

As the preceding cases suggest, although much of the information included in commercial databases is derived from public records, data subjects should have a privacy interest in preventing the unauthorized dissemination of this information. Consequently, it can be argued that the collection of personal data, as well as its disclosure, is a violation of privacy. Regardless, the remote public origin of data, which has been assembled in a central database, does not necessarily mean that the database is merely a collection of public facts.

(3) Outmoded Information: Information which was once public can, over time, become private[77]. According to the Restatement, the lapse of time between the occurrence of an event and its subsequent disclosure is one factor to be considered in determining whether facts are public or private[78]. Commercial data banks evolve over time and much of the information maintained therein is not current. Accordingly, it is necessary to determine whether any of the personal information assembled in such a database, that would otherwise be public, has lost its public status.

In Lindemuth v. Jefferson County School District[79], the Colorado Court of Appeals had to determine whether the publication of a person's past criminal history, several years previous, was an invasion of privacy[80]. Mark Lindemuth, now an assistant high school basketball coach, had once been convicted of child molestation[81]. Fourteen years later, Donald Schneider, the head coach, began spreading rumors about Lindemuth's past conduct[82]. Lindemuth then filed suit against Schneider and the Jefferson County School District for invasion of privacy[83]. The court held that the long time period between Lindemuth's conviction and Schneider's publication did not render the fact of Lindemuth's prior molestation conviction private[84].

However, in Melvin v. Reid[85], the California District Court of Appeals considered whether the facts pertaining to a seven-year-old murder trial had subsequently become private facts[86]. Gabrielle Darly Melvin was a former prostitute who had been acquitted of murder in 1918[87]. In 1925, the defendants released a movie documenting the murder trial and surrounding circumstances[88]. Melvin, who had since given up prostitution and was leading a private life, brought suite for invasion of privacy[89]. The court determined that, because of the lapse of time and Melvin's desire to maintain a private life, the defendant's publication of the once-public facts constituted an invasion of privacy[90].

These cases indicate that, under certain circumstances, public facts can become private over time. In Lindemuth, the court implied that the plaintiff's conviction of child molestation, although dated, was still a matter of public concern. Lindemuth was working with children, and his past conviction was relevant to his current lifestyle. However, in Melvin, the plaintiff's past had no effect on her current life or that of anyone around her. Consequently, when once-public facts contained in commercial databases are no longer current, they must be examined in order to determine if they have lost their public nature.

2.3 Offensive and Objectional to a Reasonable Person

In order to maintain a cause of action for the public disclosure of private facts, the disclosure must be offensive and objectional to a reasonable person of ordinary sensibilities[91]. Many of the individual facts contained in commercial databases are not, in and of themselves, offensive[92]. However,

'the increasing use of computers and sophisticated information technology, while essential to the efficient operation of government, has greatly magnified the harm that occurs from any collection, maintenance, use, or dissemination of personal information'[93].

Therefore, when facts are combined into extensive dossiers or personal profiles and maintained on computer data banks, the compilations may constitute offensive material.

In Whalen v. Roe[94], the United States Supreme Court contemplated whether the collection of personal information in a central computer file could amount to an invasion of privacy[95]. The New York legislature had enacted a law requiring certain drug prescriptions to be made on a specific form, filed with the State Health Department, and recorded in a central computer data bank[96]. The forms contained information identifying the prescribing physician; the dispensing pharmacy; the drug; and the patient's name, address and age[97]. A group of physicians challenged this law, claiming that it constituted an unwarranted invasion of privacy[98].

Justice Brennan, in a concurring opinion, recognized that:

'[t]he central storage and easy accessibility of computerized data vastly increase[s] the potential for abuse of that information'[99].

However, because none of the information had been unreasonably disclosed, and the conditions necessary for disclosure were extremely limited and regulated, the court held that the mere collection of the information did not support an invasion of privacy claim[100].

Moreover, in Briscoe v. Reader's Digest Ass'n, Inc.[101], the California Supreme Court undertook to define the circumstances when the publication of personal facts is offensive and objectional to a reasonable person[102].

'The claim is not so much one of total secrecy as it is of the right to define one's circle of intimicy ? to choose who shall see beneath the quotidian mask. Loss of control over which 'face' one puts on may result in literal loss of self-identity and is humiliating beneath the gaze of those whose curiosity treats a human being as an object'[103] .

As these cases demonstrate, the harm to an individual is exaggerated when multiple facts are compiled in centralized computer data banks.

'As a result of modern data processing, dossier building, and record keeping, the individual is steadily losing control over personal information'[104].

It is the exposure to strangers in such a cumulative sense, through an unauthorized and unknown composite dossier or personal profile, without an opportunity to mitigate the effects of such disclosure, that works an invasion of privacy and interferes with the individual's right to self-expression[105].

2.4 Not a Matter of Public Concern

According to the Restatement (Second) of Torts, in order to substantiate a claim for the public disclosure of private facts, the disclosed material must not be a matter of legitimate public concern[106]. Further, states which do not follow the Restatement version of this tort may nevertheless violate the First Amendment if they restrict the dissemination of information which is of public concern. Thus, courts must balance the First Amendment value of the type of communication at issue against the state interest in prohibiting the disclosure of personal information[107].

'The line is to be drawn when the publicity ceases to be the giving of information to which the public is entitled'[108].

(1) First Amendment Value of the Information: Not all speech is protected by the First Amendment equally[109]. Communication of news and other speech received the highest degree of First Amendment Protection[110].

''News' includes all events and items of information . . . which have 'that indefinable quality which arouses public attention''[111].

Commercial communication, on the other hand, receives less protection[112]. Commercial communication is:

'expression related solely to the economic interests of the speaker and its audience'[113].

Most of the information maintained on commercial data banks is, by its very nature, disclosed for commercial purposes, and should therefore receive reduced First Amendment protections.

In Dun & Bradstreet, Inc. v. Greenmoss Builders, Inc.[114], the United States Supreme Court discussed the different First Amendment values accorded various types of communication. Dun & Bradstreet, a credit reporting agency, falsely reported that Greenmoss Builders, Inc. had filed a petition for bankruptcy[115]. In response to Dun & Bradstreet's failure to correct this information, Greenmoss Builders filed suit for defamation[116].

The court, in order to determine the degree of First Amendment protection to attach to the credit report, looked to the purpose of the First Amendment:

'The First Amendment 'was fashioned to assure unfettered interchange of ideas for the bringing about of political and social changes desired by the people''[117].

The court held that sanctioning a credit reporting agency for false credit reports would not significantly interfere with the 'unfettered interchange of ideas''[118]. Accordingly, the court extended only minimal protection to the credit report[119].

The information contained in commercial data banks, like that in Dun & Bradstreet, is normally commercial information. Generally, such information pertains to an individual's interest of and financial undertakings so that the purchasers of the information can target these individuals for marketing purposes. Therefore, the First Amendment value of maintaining and disclosing such information should be extremely limited.

(2) State Interest in Proscribing Disclosure: Although the disclosure of information contained in commercial data banks deserves some protection against restriction, the state has a strong interest in the protection of its citizenry against unwarranted invasions of privacy. The storage of data on centralized computer data banks further amplifies the state's interest.

'This use of computers has two effects: it facilitates inspection of an individual's personal data and it may prolong the life of the data beyond a time when it has any real validity in describing the individual'[120].

Hence, information disclosed for commercial purposes generally is not a legitimate matter of public concern, justified by the First Amendment, and may be proscribed in order to prevent invasions of privacy.

3. Conclusion

Generally, information contained in computer databases and disseminated for commercial purposes can give rise to a cause of action for public disclosure of private facts. However, each database and the information that it contains is unique and must be analyzed on a case-by-case basis. No sweeping conclusions are apparent, and none shall be drawn by this author. What is apparent, is that government must act to address these new threats to consumer's privacy by the private sector.

'The machine, as Orwell once called 'the genie that man has thoughtlessly let out of its bottle and cannot put back again,' has allowed new concentrations of power . . . which utterly dwarf the individual and threaten individuality as never before'[121].

When relatively insignificant bits of information are assembled and maintained in centralized computer data banks, and when the information is identifiable to specific individuals, the result is a dangerous synergy ? a combination that proves potentially much more deadly than the sum of its components.

Notes and References

1. Raymond T. Nimmer & Patricia Ann Krauthaus, Information as a Commodity: New Imperatives of Commercial Law, 55 L. & Contemp. Probs. 103, 103 (1992).

2. George B. Trubow, Protecting Informational Privacy in the Information Society, 10 N. Ill. U. L. Rev. 521, 521 (1990).

'Privacy specialists and FTC officials charged with enforcing the financial privacy law say brokers who traffic in confidential data add to a growing sense of unease among people wo want their personal records to remain private. . . . 'People have no idea how big the problem is,' said Edmund Mierzwinski, a privacy advocate at the U.S. Public Interest Research Group. 'There's an entire industry out there of information finders or brokers operating in the gray areas of the law, or outside the law'', Robert O'Harrow Jr., FTC's Probe of Data Brokers Turns to Clients, Wash. Post, Apr. 26, 2001, at A01.

3. Nimmer & Krauthaus, supra note 1, at 107.

4. Trubow, supra note 2, at *1 (Westlaw page numbers). More and more courts around the nation are making case files available on the internet. Frank James, Web Carries Court Records Into the Open, Chi. Trib., July 17, 2001, at 10. While most court records have always been available to the public, a significant effort was required in the past for a person to go to the courthouse and look up the information. Id. Now, though, with the rise of the Internet, a person can easily browse a court's Web site from the comfort of his or her own home to check on whether a neighbor has ever appeared before a judge on a criminal charge, domestic case or civil lawsuit. Id.

5. Nimmer & Krauthaus, supra note 1, at 107-108.

6. Nimmer & Krauthaus, supra note 1, at. at 108.

7. See Eric D. Randall, Marketers Kill Corporate Creativity, USA Today, Nov. 9, 1992, at 5B.

There are several ways telemarketers get your number: (1) If you are listed in the phone book, they simply may have looked in the White Pages. (2) Several companies compile national phone directories. These companies use local phone books from all over the country as well as other sources to compile these databases. (3) The phone company and other businesses also publish directories which list people by street address or phone number rather than name. Telemarketers frequently use these 'street address directories' when they want to call specific neighborhoods. ? (4) Another common way telemarketers obtain your phone number is when you inadvertently give it to them. If you sign up for a contest or drawing, a phone number is usually requested. Such give-away promotions may have less to do with gifts than they do with obtaining your phone number for a sales pitch. If you have your phone number printed on your checks, your name, address and phone number can easily be copied and entered into computerized mailing/telephone lists. (5) '800' and '900' numbers are another way for telemarketers to obtain your phone number. When you call these companies, your phone number may be captured with a system called 'Automatic Number Identification' or ANI. ANI uses equipment which automatically identifies and stores the number from which you are dialing. By matching your phone number with other computerized lists and street directories, your name and address can often be discovered. (6) Automatic dialing devices are able to determine all possible phone number combinations ? even unlisted numbers ? and dial them much more rapidly than any person can.

Telemarketing: Whatever Happened to a Quiet Evening at Home?, Privacy Forum, March, 1993, Fact Sheet #5. 'Every time you provide your name and address to receive a product or service, there's a good chance you are being added to one or more mailing lists. When you buy a car, have a baby, make a purchase from a catalog, give money to a charity or fill out a product registration card, your name is likely to be entered into a computer data base.' Junk Mail: How Did They All Get My Address?, Privacy Forum, Feb., 1993, Fact Sheet #4.

8. The notion of 'informational privacy,' a development of the 1970's, was spawned by the remarkably constant improvement and growing pervasiveness of the digital computer and electronic data banks.' Trubow, supra note 2, at 521.

9.Nimmer & Krauthaus, supra note 1, at 123.

10.5 U.S.C. ? 552 et seq (1982).

11. 5 U.S.C. ? 552 et seq (1982). (b) (6).

12. 5 U.S.C. ?552a. The Privacy Act guarantees three basic rights: (1) the consumer's right to review his/her records; (2) the consumer's right to amend inaccurate records regarding him/herself; and (3) the consumer's right to file a federal lawsuit against the government for violations of the Act. Id.

13. Counter-Terrorism Proposals, Electronic Privacy Information Center, Oct. 2, 2001, <http://www.epic. Org/privacy/terrorism>.

14. 'I don't think that self-regulation is a good idea,' Beth Givens, project director of the Privacy Rights Cleringhouse, told FTC Commissioners? The ethical dilemmas that arise from the gathering of personal information by companies looking to make a buck must be addressed by the government, she said. 'For instance, should someone who shoplifted at age 19 be given a job at a department store at age 29? And should a potential employer have access to that information? With these cradle-to-grave databases with no timeline on them, we are becoming a society of no forgiveness,' Givens told Commissioners?' Rebecca Vesely, FTC Urged to Take Strong Stand on Privacy, <http://www.wired.com (June 11, 1997).

15.Jenifer T. Barrett, Playing in the Data Sandbox, 10 Computer Law. 10, *4 (1993) (Westlaw page numbers).

16. See, e.g. Trubow, supra note 2, at *7.

Furthermore, [a] compelling argument can be made that a collection of personal information sold as a dossier or profile violates the appropriation [of name, likeness or personality] tort that had been described by Prosser as 'appropriation of some element of the plaintiff's personality for commercial use.' . . . When dossiers and profiles maintained by credit bureaus and other such agencies are sold, the subject's personality is certainly being used for a commercial purpose.

Id. (quoting William L. Prosser, Handbook on the Law of Torts ? 97 (2d. ed. 1955)).

17. Restatement (Second) of Torts ? 652D (1977).

18. U S Const. amend. I. The First Amendment provides in pertinent part: 'Congress shall make no law ... abridging the freedom of speech, or of the press...' Id.

19. Trubow, supra note 2, at *5.

20.William L. Prosser, Privacy, 48 Cal. L. Rev. 383, 393-396 (1960).

21. Restatement (Second) of Torts ? 652D (1977).

22. Trubow, supra note 2, at *7.

23. Trubow, supra note 2, at *7

24. 314 S.E.2d 39 (S.C. Ct. App. 1984).

25. 314 S.E.2d 39 (S.C. Ct. App. 1984).

26. 314 S.E.2d 41 (S.C. Ct. App. 1984).

27. 314 S.E.2d 41 (S.C. Ct. App. 1984).

28. 314 S.E.2d 42 (S.C. Ct. App. 1984).

29. 314 S.E.2d 43 (S.C. Ct. App. 1984).

30. 314 S.E.2d 43 (S.C. Ct. App. 1984).

31. 314 S.E.2d 43 (S.C. Ct. App. 1984).

32. 314 S.E.2d 43 (S.C. Ct. App. 1984).

33. 257 N.W.2d 522 (Sp. Ct. Mich. 1977).

34. 257 N.W.2d 522 (Sp. Ct. Mich. 1977).

35. 257 N.W.2d 523 (Sp. Ct. Mich. 1977).

36. 257 N.W.2d 523 (Sp. Ct. Mich. 1977).

37. 257 N.W.2d 523 (Sp. Ct. Mich. 1977).

38. 257 N.W.2d 524 (Sp. Ct. Mich. 1977).

39. 257 N.W.2d 524 (Sp. Ct. Mich. 1977).

40.257 N.W.2d 531 (Sp. Ct. Mich. 1977) (emphasis added).

41. 257 N.W.2d 531 (Sp. Ct. Mich. 1977) (emphasis added).

42. See Barbara Moretti, Outing: Justifiable or Unwarranted Invasion of Privacy? The Private Facts Tort as a Remedy for Disclosure of Sexual Orientation, 11 Cardozo Arts & Ent. L.J. 857, 864 (1993).

43. See Mary Ann L. Wymore, Challenging the Validity of the Intrusion Tort and Presenting Arguments for its Elimination, 40 Fed. B. New & J. 374, 374 (1993).

44.553 A.2d 1213 (D.C. Ct. App. 1989).

45. 553 A.2d 1213 (D.C. Ct. App. 1989)

46. 553 A.2d 1215 (D.C. Ct. App. 1989).

47. 553 A.2d 1215 (D.C. Ct. App. 1989).

48. 553 A.2d 1216 (D.C. Ct. App. 1989).

49. 553 A.2d 1216 (D.C. Ct. App. 1989).

50. 639 S.W.2d 836 (Mo. Ct. App. 1982).

51. 639 S.W.2d 836 (Mo. Ct. App. 1982).

52. 639 S.W.2d 837 (Mo. Ct. App. 1982).

53. 639 S.W.2d 837 (Mo. Ct. App. 1982).

54. 639 S.W.2d 837 (Mo. Ct. App. 1982).

55. 639 S.W.2d 839 (Mo. Ct. App. 1982).

56. 1 George B. Trubow, Privacy Law and Practice ? 1.05[2] at 1-59 (1991).

57. The Florida Star v. B.J.F., 491 U.S. 524 (1989) (newspaper account of court proceedings did not render public information private).

58. 'Bankruptcy files, for instanceoften have Social Security and bank account numbers. Divorce files can have details about marriages gone awry. Personal injury files have large amounts of medical information. Criminal case files can contain information on whether defendants cooperated with authorities.' Frank James, Web Carries Court Records Into the Open, Chi. Trib. , July 17, 2001, at 10.

59. See Randall, supra note 7.

60. Arthur R. Miller, Computers, Data Banks, and Individual Privacy, 4 Colum Hum. Rts. L. Rev. 1, 8 (1972).

61. Arthur R. Miller, Computers, Data Banks, and Individual Privacy, 4 Colum Hum. Rts. L. Rev. 1, 8 (1972).

62. John A. McLaughlin, Intrusion Upon Seclusion in the Computer Age, 17 J. Marshall L. Rev. 831, 836 (1984).

63. 489 U.S. 749 (1989).

64. 489 U.S. 749 (1989).

65. 489 U.S. 749 (1989).

66. 489 U.S. 1469 (1989).

67. 5 U.S.C. ? 552 (b) (6) (1982).

68. Reporters Committee, 489 U.S. at 1469.

69. Reporters Committee, 489 U.S. at 1477.

70. Reporters Committee, 489 U.S. at 1480.

71. 557 A.2d 1363 (N.J. Super. Ct. App. Div. 1989).

72. 557 A.2d 1363 (N.J. Super. Ct. App. Div. 1989).

73. 557 A.2d 1365 (N.J. Super. Ct. App. Div. 1989).

74. 557 A.2d 379 (N.J. Super. Ct. App. Div. 1989).

75. 557 A.2d 379 (N.J. Super. Ct. App. Div. 1989).

76. 557 A.2d 1368 (N.J. Super. Ct. App. Div. 1989).

77. See, e.g., Melvin v. Reid, 297 P. 91 (Cal. Dist. Ct. App. 1931.)

78. Restatement (Second) of Torts ? 652D cmt. K (1977).

79.765 P.2d 1057 (Co. Ct. App. 1988).

80. 765 P.2d 1057 (Co. Ct. App. 1988).

81. 765 P.2d 1057 (Co. Ct. App. 1988).

82. 765 P.2d 1057 (Co. Ct. App. 1988).

83. 765 P.2d 1057 (Co. Ct. App. 1988).

84. Id. at 1059.

85. 297 P. 91 (Cal. Dist. Ct. App. 1931).

86. 297 P. 91 (Cal. Dist. Ct. App. 1931).

87. 297 P. 91 (Cal. Dist. Ct. App. 1931).

88. 297 P. 91 (Cal. Dist. Ct. App. 1931).

89. 297 P. 91 (Cal. Dist. Ct. App. 1931).

90. 297 P. 93 (Cal. Dist. Ct. App. 1931). .

91. Prosser, supra note 20, at 396.

92. Trubow, supra note 2, at 7.

93. The Privacy Act of 1974, Pub. L. No. 579, ? 2, 88 Stat. 1896 (1974) (Congressional findings and statement of purpose) (codified as 5 U.S.C. ? 552a (1988)).

94. 97 U.S. 589 (1977).

95. 97 U.S. 589 (1977).

96. 97 U.S. 589 (1977).

97. 97 U.S. 589 (1977).

98. 97 U.S. 589 (1977).

99. Id. at 605 (Brennan, J., concurring).

100. Whalen, 429 U.S. at 605.

101. 483 P.2d 34 (Sp. Ct. Cal. 1971).

102. 483 P.2d 34 (Sp. Ct. Cal. 1971).

103. 483 P.2d 37 (Sp. Ct. Cal. 1971).

104. Warren Freedman, The Right of Privacy in the Age of Computer Data Processing, 13 Tex. Tech. L. Rev. 1361, 1363 (1982).

105. David F. Linowes, Must Personal Privacy Die in the Computer Age?, 65 A.B.A. J. 1181, 1183-1184 (1979).

106. Restatement (Second) of Torts ? 652D (1977).

107. The Florida Star v. B.J.F., 491 U.S. 524, 526 (1989).

108. Virgil v. Time, Inc., 527 F.2d 1122, 1129 (9th Cir. 1975).

109. Ohralik v. Ohio State Bar Ass'n, 436 U.S. 447, 456 (1978).

110. Ohralik v. Ohio State Bar Ass'n, 436 U.S. 447, 456 (1978).

111. William L. Prosser & W. Page Keeton, The Law of Torts ? 117, at 857 (5th ed. 1984).

112. Ohralik, 436 U.S. at 456.

113. Central Hudson Gas & Elec. Corp. v. Public Serv. Comm. of New York, 447 U.S. 557, 561 (1980).

114. 472 U.S. 749 (1985).

115. 472 U.S. 750 (1985).

116. 472 U.S. 750 (1985).

117. 472 U.S. 750 (1985) (quoting Roth v. United States 354 U.S. 476, 484 (1957)).

118. 472 U.S. 761 (1985).

119. 472 U.S. 761 (1985).

120. Johnathan P. Graham, Privacy, Computers, and the Commercial Dissemination of Personal Information, 65 Tex. L. Rev. 1395, 1399 (1987).

121. Irving J. Sloan, Law of Privacy Rights in a Technological Society 1 (1986).

JILT logo and link to JILT home page