The purpose of the Privacy Act of 1974 (Act), Title 5, United States Code, Section 552a, is to balance the government’s need to maintain information about individuals with the rights of individuals to be protected against unwarranted invasions of their privacy stemming from federal agencies’ collection, maintenance, use, and disclosure of personal information about them. Therefore, unlike the Freedom of Information Act, the Act is not a disclosure Act and is implemented in the U. S. Department of Energy (DOE) by Title 10, Code of Federal Regulations, Part 1008 (10 CFR, Part 1008).
The Act applies only to federal agencies in the executive branch of the federal government (including the Executive Office of the President) such as the DOE and as part of the DOE and NNSA Service Center. Generally, the Act does not apply to state and local governments, or private companies, unless such entities are involved in a computer matching program with the federal government, or are under contract to maintain an agency-approved system of records for an agency. A system of records is a group of records in the agency’s control from which information is retrieved by a unique identifier, such as a name, birth date, home address, social security number, or some other identifying number or symbol. Only U. S. citizens and aliens lawfully admitted for permanent residence may request access to, copies of, or correction of their personal information being maintained by the federal government that is not timely, accurate, relevant, or complete.
The focus of the Act is on four basic policy objectives:
The Act requires each agency to maintain only such information about an individual as is relevant and necessary to accomplish a purpose of the agency required to be accomplished by statute or by Executive Order of the President AND to collect information to the greatest extent practicable directly from the individual.
Records subject to the Act are those records containing personal information that identify or describe an individual and are maintained in an agency-approved system of records. Individually identifiable material can be social security numbers, medical history, employment history, financial data, criminal history, etc. Records kept on individuals that are not retrieved by a unique identifier are not subject to the Act. The Act provides that agencies may not maintain information on individuals about how they exercise their First Amendment rights, unless maintenance of that information is specifically authorized by statute or relates to a law enforcement activity.