Pam Dixon and Bob Gellman write:
The Privacy Act of 1974 is an orphan. At a time when privacy is a hot legislative topic just about everywhere, almost no one has examined the Privacy Act, one of the oldest information privacy laws in the world. The act reflects the technologies of the 1970s, like ancient mainframe computers (that had less computer power than your smartphone) and filing cabinets filled with paper records—it’s that old.
The other feature of the Privacy Act that keeps it off current radar screens is that the act applies to U.S. federal agencies (and some federal contractors). Most contemporary attention to commercial privacy matters pushed privacy debates away from routine federal government record-keeping practices and onto things like social media privacy, targeted advertising, consumer rights.
Nevertheless, federal agencies maintain vast amounts of personal data, and they use that data to make decisions about all of us that affect our lives in major ways. The Privacy Act applies to agencies like the Internal Revenue Service, the Department of Health and Human Services, the Social Security Administration, the Department of Homeland Security, federal law enforcement agencies and more. The American public deserves better privacy protections from the government than a nearly 50-year-old law provides.
Read more on Lawfare.
This is not a quick read, nor should it be. Bob Gellman always produces incredibly thoughtful work, and in coming up with a proposal for a revised/updated Privacy Act, he has given us all much to think about. A draft of the proposed bill, called The United States Agency Fair Information Practice Act (USA FIPS Act), can be read here.