[Congressional Bills 107th Congress]
[From the U.S. Government Publishing Office]
[H.R. 583 Introduced in House (IH)]
107th CONGRESS
1st Session
H. R. 583
To establish the Commission for the Comprehensive Study of Privacy
Protection.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
February 13, 2001
Mr. Hutchinson (for himself, Mr. Moran of Virginia, Mr. Brady of Texas,
Ms. Granger, Mr. Greenwood, Mr. Lucas of Oklahoma, and Mr. Riley)
introduced the following bill; which was referred to the Committee on
Government Reform
_______________________________________________________________________
A BILL
To establish the Commission for the Comprehensive Study of Privacy
Protection.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Privacy Commission Act''.
SEC. 2. FINDINGS.
The Congress finds the following:
(1) Americans are increasingly concerned about their civil
liberties and the security and use of their personal
information, including medical records, educational records,
library records, magazine subscription records, records of
purchases of goods and other payments, and driver's license
numbers.
(2) Commercial entities are increasingly aware that
consumers expect them to adopt privacy policies and take all
appropriate steps to protect the personal information of
consumers.
(3) There is a growing concern about the confidentiality of
medical records, because there are inadequate Federal
guidelines and a patchwork of confusing State and local rules
regarding privacy protection for individually identifiable
patient information.
(4) In light of recent changes in financial services laws
allowing for increased sharing of information between
traditional financial institutions and insurance entities, a
coordinated and comprehensive review is necessary regarding the
protections of personal data compiled by the health care,
insurance, and financial services industries.
(5) The use of Social Security numbers has expanded beyond
the uses originally intended.
(6) Use of the Internet has increased at astounding rates,
with approximately 5 million current Internet sites and 64
million regular Internet users each month in the United States
alone.
(7) Financial transactions over the Internet have increased
at an astounding rate, with 17 million American households
spending $20 billion shopping on the Internet last year.
(8) Use of the Internet as a medium for commercial
activities will continue to grow, and it is estimated that by
the end of 2000, 56 percent of the companies in the United
States will sell their products on the Internet.
(9) There have been reports of surreptitious collection of
consumer data by Internet marketers and questionable
distribution of personal information by on-line companies.
(10) In 1999, the Federal Trade Commission found that 87
percent of Internet sites provided some form of privacy notice,
which represented an increase from 15 percent in 1998.
(11) The United States is the leading economic and social
force in the global information economy, largely because of a
favorable regulatory climate and the free flow of information.
It is important for the United States to continue that
leadership. As nations and governing bodies around the world
begin to establish privacy standards, these standards will
directly affect the United States.
(12) The shift from an industry-focused economy to an
information-focused economy calls for a reassessment of the
most effective way to balance personal privacy and information
use, keeping in mind the potential for unintended effects on
technology development, innovation, the marketplace, and
privacy needs.
(13) This Act shall not be construed to prohibit the
enactment of legislation on privacy issues by the Congress
during the existence of the Commission. It is the
responsibility of the Congress to act to protect the privacy of
individuals, including individuals' medical and financial
information. Various committees of the Congress are currently
reviewing legislation in the area of medical and financial
privacy. Further study by the Commission established by this
Act should not be considered a prerequisite for further
consideration or enactment of financial or medical privacy
legislation by the Congress.
SEC. 3. ESTABLISHMENT.
There is established a commission to be known as the ``Commission
for the Comprehensive Study of Privacy Protection'' (in this Act
referred to as the ``Commission'').
SEC. 4. DUTIES OF COMMISSION.
(a) Study.--The Commission shall conduct a study of issues relating
to protection of individual privacy and the appropriate balance to be
achieved between protecting individual privacy and allowing appropriate
uses of information, including the following:
(1) The monitoring, collection, and distribution of
personal information by Federal, State, and local governments,
including personal information collected for a decennial
census, and such personal information as a driver's license
number.
(2) Current efforts to address the monitoring, collection,
and distribution of personal information by Federal and State
governments, individuals, or entities, including--
(A) existing statutes and regulations relating to
the protection of individual privacy, such as section
552a of title 5, United States Code (commonly referred
to as the Privacy Act of 1974) and section 552 of title
5, United States Code (commonly referred to as the
Freedom of Information Act);
(B) legislation pending before the Congress;
(C) privacy protection efforts undertaken by the
Federal Government, State governments, foreign
governments, and international governing bodies;
(D) privacy protection efforts undertaken by the
private sector; and
(E) self-regulatory efforts initiated by the
private sector to respond to privacy issues.
(3) The monitoring, collection, and distribution of
personal information by individuals or entities, including
access to and use of medical records, financial records
(including credit cards, automated teller machine cards, bank
accounts, and Internet transactions), personal information
provided to on-line sites accessible through the Internet,
Social Security numbers, insurance records, education records,
and driver's license numbers.
(4) Employer practices and policies with respect to the
financial and health information of employees, including--
(A) whether employers use or disclose employee
financial or health information for marketing,
employment, or insurance underwriting purposes;
(B) what restrictions employers place on disclosure
or use of employee financial or health information;
(C) employee rights to access, copy, and amend
their own health records and financial information;
(D) what type of notice employers provide to
employees regarding employer practices with respect to
employee financial and health information; and
(E) practices of employer medical departments with
respect to disclosing employee health information to
administrative or other personnel of the employer.
(5) The extent to which individuals in the United States
can obtain redress for privacy violations.
(6) The extent to which older individuals and disabled
individuals are subject to exploitation involving the
disclosure or use of their financial information.
(b) Field Hearings.--
(1) In general.--The Commission shall conduct at least 2
field hearings in each of the 5 geographical regions of the
United States.
(2) Boundaries.--For purposes of this subsection, the
Commission may determine the boundaries of the five
geographical regions of the United States.
(c) Report.--
(1) In general.--Not later than 18 months after appointment
of all members of the Commission--
(A) a majority of the members of the Commission
shall approve a report; and
(B) the Commission shall submit the approved report
to the Congress and the President.
(2) Contents.--The report shall include a detailed
statement of findings, conclusions, and recommendations,
including the following:
(A) Findings on potential threats posed to
individual privacy.
(B) Analysis of purposes for which sharing of
information is appropriate and beneficial to consumers.
(C) Analysis of the effectiveness of existing
statutes, regulations, private sector self-regulatory
efforts, technology advances, and market forces in
protecting individual privacy.
(D) Recommendations on whether additional
legislation is necessary, and if so, specific
suggestions on proposals to reform or augment current
laws and regulations relating to individual privacy.
(E) Analysis of purposes for which additional
regulations may impose undue costs or burdens, or cause
unintended consequences in other policy areas, such as
security, law enforcement, medical research, or
critical infrastructure protection.
(F) Cost analysis of legislative or regulatory
changes proposed in the report.
(G) Analysis of the impact of altering existing
protections for individual privacy on the overall
operation and functionality of the Internet, including
the impact on the private sector.
(H) Recommendations on non-legislative solutions to
individual privacy concerns, including education,
market-based measures, industry best practices, and new
technology.
(I) Review of the effectiveness and utility of
third-party verification of privacy statements,
including specifically with respect to existing private
sector self-regulatory efforts.
(d) Additional Report.--Together with the report under subsection
(c), the Commission shall submit to the Congress and the President any
additional report of dissenting opinions or minority views by a member
or members of the Commission.
(e) Interim Report.--The Commission may submit to the Congress and
the President an interim report approved by a majority of the members
of the Commission.
SEC. 5. MEMBERSHIP.
(a) Number and Appointment.--The Commission shall be composed of 17
members appointed as follows:
(1) 2 members appointed by the President.
(2) 4 members appointed by the majority leader of the
Senate.
(3) 3 members appointed by the minority leader of the
Senate.
(4) 4 members appointed by the Speaker of the House of
Representatives.
(5) 3 members appointed by the minority leader of the House
of Representatives.
(6) 1 member, who shall serve as Chairperson of the
Commission, appointed jointly by the President, the majority
leader of the Senate, and the Speaker of the House of
Representatives.
(b) Diversity of Views.--The appointing authorities under
subsection (a) shall seek to ensure that the membership of the
Commission has a diversity of views and experiences on the issues to be
studied by the Commission, such as views and experiences of Federal,
State, and local governments, the media, the academic community,
consumer groups, public policy groups and other advocacy organizations,
business and industry (including small business), the medical
community, civil liberties experts, and the financial services
industry.
(c) Date of Appointment.--The appointment of the members of the
Commission shall be made not later than 30 days after the date of the
enactment of this Act.
(d) Terms.--Each member of the Commission shall be appointed for
the life of the Commission.
(e) Vacancies.--A vacancy in the Commission shall be filled in the
same manner in which the original appointment was made.
(f) Compensation; Travel Expenses.--Members of the Commission shall
serve without pay, but shall receive travel expenses, including per
diem in lieu of subsistence, in accordance with sections 5702 and 5703
of title 5, United States Code.
(g) Quorum.--A majority of the members of the Commission shall
constitute a quorum, but a lesser number may hold hearings.
(h) Meetings.--
(1) In general.--The Commission shall meet at the call of
the Chairperson or a majority of its members.
(2) Initial meeting.--Not later than 45 days after the date
of the enactment of this Act, the Commission shall hold its
initial meeting.
SEC. 6. DIRECTOR; STAFF; EXPERTS AND CONSULTANTS.
(a) Director.--
(1) In general.--Not later than 30 days after the
appointment of the Chairperson of the Commission, the
Chairperson of the Commission shall appoint a Director without
regard to the provisions of title 5, United States Code,
governing appointments to the competitive service.
(2) Pay.--The Director shall be paid at the rate payable
for level III of the Executive Schedule established under
section 5314 of such title.
(b) Staff.--The Director may appoint staff as the Director
determines appropriate.
(c) Applicability of Certain Civil Service Laws.--
(1) In general.--The staff of the Commission shall be
appointed without regard to the provisions of title 5, United
States Code, governing appointments in the competitive service.
(2) Pay.--The staff of the Commission shall be paid in
accordance with the provisions of chapter 51 and subchapter III
of chapter 53 of that title relating to classification and
General Schedule pay rates, but at rates not in excess of the
maximum rate for grade GS-15 of the General Schedule under
section 5332 of that title.
(d) Experts and Consultants.--The Director may procure temporary
and intermittent services under section 3109(b) of title 5, United
States Code.
(e) Staff of Federal Agencies.--
(1) In general.--Upon request of the Director, the head of
any Federal department or agency may detail, on a reimbursable
basis, any of the personnel of that department or agency to the
Commission to assist it in carrying out this Act.
(2) Notification.--Before making a request under this
subsection, the Director shall give notice of the request to
each member of the Commission.
SEC. 7. POWERS OF COMMISSION.
(a) Hearings and Sessions.--The Commission may, for the purpose of
carrying out this Act, hold hearings, sit and act at times and places,
take testimony, and receive evidence as the Commission considers
appropriate. The Commission may administer oaths or affirmations to
witnesses appearing before it.
(b) Powers of Members and Agents.--Any member or agent of the
Commission may, if authorized by the Commission, take any action which
the Commission is authorized to take by this section.
(c) Obtaining Official Information.--
(1) In general.--Except as provided in paragraph (2), if
the Chairperson of the Commission submits a request to a
Federal department or agency for information necessary to
enable the Commission to carry out this Act, the head of that
department or agency shall furnish that information to the
Commission.
(2) Exception for national security.--If the head of that
department or agency determines that it is necessary to guard
that information from disclosure to protect the national
security interests of the United States, the head shall not
furnish that information to the Commission.
(d) Mails.--The Commission may use the United States mails in the
same manner and under the same conditions as other departments and
agencies of the United States.
(e) Administrative Support Services.--Upon the request of the
Director, the Administrator of General Services shall provide to the
Commission, on a reimbursable basis, the administrative support
services necessary for the Commission to carry out this Act.
(f) Gifts and Donations.--The Commission may accept, use, and
dispose of gifts or donations of services or property to carry out this
Act, but only to the extent or in the amounts provided in advance in
appropriation Acts.
(g) Contracts.--The Commission may contract with and compensate
persons and government agencies for supplies and services, without
regard to section 3709 of the Revised Statutes (41 U.S.C. 5).
(h) Subpoena Power.--
(1) In general.--The Commission may issue subpoenas
requiring the attendance and testimony of witnesses and the
production of any evidence relating to any matter that the
Commission is empowered to investigate by section 4. The
attendance of witnesses and the production of evidence may be
required by such subpoena from any place within the United
States and at any specified place of hearing within the United
States.
(2) Failure to obey a subpoena.--If a person refuses to
obey a subpoena issued under paragraph (1), the Commission may
apply to a United States district court for an order requiring
that person to appear before the Commission to give testimony,
produce evidence, or both, relating to the matter under
investigation. The application may be made within the judicial
district where the hearing is conducted or where that person is
found, resides, or transacts business. Any failure to obey the
order of the court may be punished by the court as civil
contempt.
(3) Service of subpoenas.--The subpoenas of the Commission
shall be served in the manner provided for subpoenas issued by
a United States district court under the Federal Rules of Civil
Procedure for the United States district courts.
(4) Service of process.--All process of any court to which
application is made under paragraph (2) may be served in the
judicial district in which the person required to be served
resides or may be found.
(i) Rules.--The Commission shall adopt other rules as necessary for
its operation.
SEC. 8. TERMINATION.
The Commission shall terminate 30 days after submitting a report
under section 4(c).
SEC. 9. AUTHORIZATION OF APPROPRIATIONS.
(a) In General.--There are authorized to be appropriated to the
Commission $5,000,000 to carry out this Act.
(b) Availability.--Any sums appropriated pursuant to the
authorization in subsection (a) shall remain available until expended.
SEC. 10. BUDGET ACT COMPLIANCE.
Any new contract authority authorized by this Act shall be
effective only to the extent or in the amounts provided in advance in
appropriation Acts.
SEC. 11. PRIVACY PROTECTIONS.
(a) Destruction or Return of Information Required.--Upon the
conclusion of the matter or need for which individually identifiable
information was disclosed to the Commission, the Commission shall
either destroy the individually identifiable information or return it
to the person or entity from which it was obtained, unless the
individual that is the subject of the individually identifiable
information has authorized its disclosure.
(b) Disclosure of Information Prohibited.--The Commission--
(1) shall protect individually identifiable information
from improper use; and
(2) may not disclose such information to any person,
including the Congress or the President, unless the individual
that is the subject of the information has authorized such a
disclosure.
(c) Proprietary Business Information and Financial Information.--
The Commission shall protect from improper use, and may not disclose to
any person, proprietary business information and proprietary financial
information that may be viewed or obtained by the Commission in the
course of carrying out its duties under this Act.
(d) Individually Identifiable Information Defined.--For the
purposes of this Act, the term ``individually identifiable
information'' means any information, whether oral or recorded in any
form or medium, that identifies an individual, or with respect to which
there is a reasonable basis to believe that the information can be used
to identify an individual.
<all>