The National Academies Press

Currently Skimming:

Pages 38-43

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 39... ... 39 Although some states have laws, regulations, and guidelines that apply to state agencies or to state and local agencies, none were located for the digest that apply specifically to transit agencies. Read the entire page →
From page 40... ... 40 storage, maintenance, dissemination, and access to government data in government entities."539 The MGDPA applies to all "data in which any individual is or can be identified as the subject of that data."540 In defining the term "data," the MGDPA uses the term "not data on individuals" to mean that there is no identification of individuals in the data.541 In Ohio, the privacy statutes that govern personal information systems require every state or local agency that maintains a personal information system to take steps and implement procedures to monitor the accuracy of the data and protect personal information in the system.542 Agencies are directed to "collect, maintain, and use" only personal information that is necessary and relevant to the agencies' functions as required by law.543 The term "personal information" is defined as any information that describes anything about a person, or that indicates actions done by or to a person, or that indicates that a person possesses certain personal characteristics, and that contains, and can be retrieved from a system by, a name, identifying number, symbol, or other identifier assigned to a person.544 Virginia's Government Data Collection and Dissemination Practices Act (GDCDPA) states that "an individual's privacy is directly affected by the extensive collection, maintenance, use and dissemination of personal information"545 and that procedures must be established for systems having records on individuals.546 The Virginia statute applies to "any agency…or governmental entity of the Commonwealth or of any unit of local government,"547 as well as any entity, public or private, having a contract to operate "a system of personal information…."548 The GDCDPA requires government agencies and entities to adhere to 10 principles of information practice, including a prohibition on keeping PII in a secret system, a requirement that agencies take precautions to prevent misuse of PII, and a prohibition on the collection of PII unless authorized by law.549 (b) Read the entire page →
From page 41... ... 41 A case involving the IPA is Bates v. Franchise Tax Bd.,559 in which the plaintiffs sued two state agencies and individuals who worked in those agencies.560 The IPA imposes "limitations on the right of governmental agencies to disclose personal information about an individual."561 Although public entities in California are immune from suit in the absence of a constitutional or statutory provision that "declares them to be liable,"562 Section 1798.45 of the IPA provides for a private right of action against a state agency that violates the IPA.563 As stated, in the event of a violation of Sections 1798.48(b) Read the entire page →
From page 42... ... 42 (2) Intentionally using or disclosing the personal information in a manner prohibited by law; (3) Read the entire page →
From page 43... ... 43 cannot be accessed, viewed or acquired unless authorized by law."589 Arizona also mandates that agency Web sites have a privacy policy that discloses the information "gathering and dissemination practices" related to the Internet.590 The statute requires that agencies describe at a minimum the information an agency obtains from individuals online,591 how the information is to be used,592 and the circumstances under which an agency would disclose the information to other entities.593 California requires agencies that collect PII to establish a privacy policy and provide a copy of the policy to subscribers.594 Illinois requires that Web sites of state agencies not "use permanent cookies or other invasive tracking programs that monitor and track website viewing habits"595 unless the tracking adds user value and is "disclosed through a comprehensive online privacy statement."596 In a similar manner, South Carolina requires state agencies to develop privacy policies to ensure that personal information is used only to fulfill a legitimate public purpose and directs that agencies "minimize instances where personal information is disseminated."597 E State Legislation Applicable to Electronic Communications or Stored Data Depending on the circumstances, there may be remedies under state law when an unauthorized person intercepts electronic communications or obtains access to archived data. Read the entire page →

From page 39...

... 39 Although some states have laws, regulations, and guidelines that apply to state agencies or to state and local agencies, none were located for the digest that apply specifically to transit agencies.

Read the entire page →

From page 40...

... 40 storage, maintenance, dissemination, and access to government data in government entities."539 The MGDPA applies to all "data in which any individual is or can be identified as the subject of that data."540 In defining the term "data," the MGDPA uses the term "not data on individuals" to mean that there is no identification of individuals in the data.541 In Ohio, the privacy statutes that govern personal information systems require every state or local agency that maintains a personal information system to take steps and implement procedures to monitor the accuracy of the data and protect personal information in the system.542 Agencies are directed to "collect, maintain, and use" only personal information that is necessary and relevant to the agencies' functions as required by law.543 The term "personal information" is defined as any information that describes anything about a person, or that indicates actions done by or to a person, or that indicates that a person possesses certain personal characteristics, and that contains, and can be retrieved from a system by, a name, identifying number, symbol, or other identifier assigned to a person.544 Virginia's Government Data Collection and Dissemination Practices Act (GDCDPA) states that "an individual's privacy is directly affected by the extensive collection, maintenance, use and dissemination of personal information"545 and that procedures must be established for systems having records on individuals.546 The Virginia statute applies to "any agency…or governmental entity of the Commonwealth or of any unit of local government,"547 as well as any entity, public or private, having a contract to operate "a system of personal information…."548 The GDCDPA requires government agencies and entities to adhere to 10 principles of information practice, including a prohibition on keeping PII in a secret system, a requirement that agencies take precautions to prevent misuse of PII, and a prohibition on the collection of PII unless authorized by law.549 (b)

Read the entire page →

From page 41...

... 41 A case involving the IPA is Bates v. Franchise Tax Bd.,559 in which the plaintiffs sued two state agencies and individuals who worked in those agencies.560 The IPA imposes "limitations on the right of governmental agencies to disclose personal information about an individual."561 Although public entities in California are immune from suit in the absence of a constitutional or statutory provision that "declares them to be liable,"562 Section 1798.45 of the IPA provides for a private right of action against a state agency that violates the IPA.563 As stated, in the event of a violation of Sections 1798.48(b)

Read the entire page →

From page 42...

... 42 (2) Intentionally using or disclosing the personal information in a manner prohibited by law; (3)

Read the entire page →

From page 43...

... 43 cannot be accessed, viewed or acquired unless authorized by law."589 Arizona also mandates that agency Web sites have a privacy policy that discloses the information "gathering and dissemination practices" related to the Internet.590 The statute requires that agencies describe at a minimum the information an agency obtains from individuals online,591 how the information is to be used,592 and the circumstances under which an agency would disclose the information to other entities.593 California requires agencies that collect PII to establish a privacy policy and provide a copy of the policy to subscribers.594 Illinois requires that Web sites of state agencies not "use permanent cookies or other invasive tracking programs that monitor and track website viewing habits"595 unless the tracking adds user value and is "disclosed through a comprehensive online privacy statement."596 In a similar manner, South Carolina requires state agencies to develop privacy policies to ensure that personal information is used only to fulfill a legitimate public purpose and directs that agencies "minimize instances where personal information is disseminated."597 E State Legislation Applicable to Electronic Communications or Stored Data Depending on the circumstances, there may be remedies under state law when an unauthorized person intercepts electronic communications or obtains access to archived data.

Read the entire page →

Key Terms

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.