A federal commission will recommend to President Carter and Congress that the law protecting the privacy of personal records held by the government be extended to private industry.

Under the Privacy Act of 1974, a person has the right to know what files a federal agency keeps on him or her and to what uses they will be put, to see and correct those files and to be asked permission each time the files is used for other than routine purposes. An agency is barred from collecting information on political and religious activities or acquiring data that is not relevant or necessary, except in certain circumstances.

The still secret recommendation by the Privacy Protection Study Commission would extend the act's provisions to records kept by such private institutions as medical, insurance, educational and financial organizations.

Such a universal privacy law would restrict the present policy of selling or giving data to third parties - like debt collection agencies, mail order services and law enforcement officials - without the subject's knowledge.

It would grant the individual the right to see, copy and correct information about him held by a company except in certain specified cases. It would prohibit dissemination of this data, except in certain specified cases, without the subject's permission.

The commission's recommendations resulted from an 18-month, $2 million inquiry into how well the Privacy Act was working and whether it also should be applied to non-governmental record keepers. New York international management consultant David F. Linowes was the chairman and Rep. Edward I. Koch (D-N.Y.), spearheaded the commission as it interviewed 300 witnesses, from corporation chairmen to small-time bill collectors to the head of the Internal Revenue Service.

For example, American Express said it often supplied information about its credit card holders' travel and entertainment accounts to government agencies such as the IRS and even to divorce lawyers without requiring a subpoena or telling the card holders.

Other practices alleged during the hearings were the theft for profit of medical records by agents of Factual Service Bureau, Inc., posing as nurses, priests, revenue agents, and making "emergency" calls to hospital record sections in the middle of the night.

Then there were Wackenhut detectives working for insurance companies who impersonated detergent manufacturer representatives in order to get into private homes and check out suspected insurance frauds. The commission will recommend that such pretext interviews be made a federal crime.

Throughout the hearings, the question often arose as to whether the abuses the commission sought to remedy were actual or potential resulting from increased use of computerized data banks. Chairman Linowes said in not found "massive evidence" (of abuses), "but they're there." He singled out the medical records, insurance and credit industries as having the most abuses.

Yet he cautioned that unless the amount and type of data fed into computers were reduced and information destroyed after use, the day would come when computer operators could profile not only how an individual acts, but how he thinks, "and pretty soon, how he will vote."

Last June, the commission offered preliminary recommendations on tax returns. It said returns should be made available to prosecutoin non tax-related cases only on issuance of a court order based on probable cause a crime has been committed and only after the taxpayer has had a chance to fight the order.

That proposal drew, fire this year from Attorney General Griffin Bell, who claimed is would impede justice, but Congress refused to take the provision out of the Tax Reform Act.

Because insurers are not regulated by the federal government, most of the burden of curbing privacy abuse would be left to state insurance commissioners. However, the commission also will recommend extending the Fair Credit Reporting Act to the low a person to see his or her insurance records.