Section 6403 of the Intelligence Reform and Terrorism Prevention Act of 2004 calls upon the U.S. Attorney General to “make recommendations to Congress for improving, standardizing, and consolidating the existing statutory authorizations, programs, and procedures for the conduct of criminal history record checks for non-criminal justice purposes.” This report responds to the congressional interest in these issues expressed in Section 6403 and seeks to provide insight on possible ways that the law can be changed to create a framework for providing broader private sector access to state and FBI-maintained criminal history records without the need to enact separate statutes that create inconsistent levels and rules for access. This document discusses the Freedom of Information and Privacy Acts, Privacy and Fair Information Practices Interests in criminal background screening, the National Crime Prevention and Privacy Compact, privacy protections in private sector criminal history databases and screening services, Private Sector Interest in Access to FBI-Maintained Criminal History Record Information, data quality issues, privacy protection recommendations, and much more on the topic of privacy as it relates to background checks.
The NSTC Subcommittee on Biometrics and Identity serves as part of the internal deliberative process of the NSTC. The Subcommittee reports to and is directed by the NSTC Committee on Technology, and part of its charter is to facilitate the inclusions of privacy-protecting principles in biometric system design. The goal of this policy is to establish a framework to reach interagency consensus on biometric standards adoption for the federal government. Federal-agency adoption of these recommended standards and associated conformity assessment programs will enable necessary next-generation federal biometric systems, facilitate biometric system interoperability, and enhance the effectiveness of biometrics products and processes. The policy includes a listing of the roles and responsibilities of agencies with biometric programs, including compliance with the requirements of the Privacy Act of 1974 and the E-Government Act of 2002, as well as other applicable privacy-related laws and agency policies.
This directive establishes a framework to ensure that federal executive departments and agencies use mutually compatible methods and procedures in the collection, storage, use, analysis, and sharing of biometric and associated biographic and contextual information of individuals in a lawful and appropriate manner, while respecting their information privacy and other legal rights under United States law.
The purpose of this report is to provide an analysis of how the applicable U.S. laws impact the use of biometrics in general in the United States, particularly with respect to national security. The report demonstrates that the use of biometrics as part of the nation’s efforts to increase security and protect against future terrorist attacks is not at odds with the protection of privacy and civil liberties. The report further demonstrates how, under the current legal system and state of the law, biometrics can be legally used as a system to verify identity in virtually any situation and, under certain circumstances, to positively identify individuals through the use of databases. Contents include Privacy Law Applicable to the Public Sector (Constitutional Privacy Law and Statutory Privacy Laws), Privacy and National Security, Privacy Law Applicable to the Private Sector (HIPAA, Statutes Governing Banks, and Statutes Governing computers), Common Law Tort Privacy Rights, and Conclusion: Impact of U.S. Privacy Law on the Use of Biometrics. A related resource, also developed by NBSP, is the Report on International Data Privacy Laws and Application to the Use of Biometrics in the United States.