OVERVIEW OF THE PRIVACY ACT OF 1974

AGENCY REQUIREMENTS

Each agency that maintains a system of records shall--

J. 5 U.S.C.  552a(e)(10)

"establish appropriate administrative, technical and physical safeguards to insure the security and confidentiality of records and to protect against any anticipated threats or hazards to their security or integrity which could result in substantial harm, embarrassment, inconvenience, or unfairness to any individual on whom information is maintained."

comment --

This provision may come into play when documents are "leaked." See, e.g., Pilon v. United States Dep't of Justice, 796 F. Supp. 7, 13 (D.D.C. 1992) (because subsection (e)(10) is more specific than subsection (b), it governs with regard to allegedly inadequate safeguards that resulted in disclosure); Kostyu v. United States, 742 F. Supp. 413, 414-17 (E.D. Mich. 1990) (alleged lapses in IRS document-security safeguards were not willful and intentional). One district court has found that disclosures that are the result of "official decisions" by an agency, "cannot be the basis for a claim under subsection (e)(10)." Chasse v. United States Dep't of Justice, No. 1:98-CV-207, slip op. at 16-17 (D. Vt. Jan. 14, 1999) (magistrate's recommendation), adopted (D. Vt. Feb. 9, 1999), aff'd on other grounds sub nom. Devine v. United States, 202 F.3d 547 (2d Cir. 2000). For a further discussion of this provision, see OMB Guidelines, 40 Fed. Reg. 28,948, 28,966 (1975).


Go to Table of Contents || Previous Section Agency Requirements: 5 U.S.C. 552a(e)(9) || Next Section Agency Requirements: 5 U.S.C. 552a(e)(11)