The Internal Revenue Service could no longer conduct "fishing expeditions" in airline records to find out who had flown to Los Vegas to gamble.
An insurance investigator could no longer pose as a nurse or relative to gain access to medical records of a patient suspected of fraud.
Employers could no longer require job applicants to underground lie detector tests.
There are some of the inroads on privacy that would be curbed under recommendations of the Privacy Protection Study Commission. Its 650 page, $1.75 million study, which was presented yesterday to the President and to Congress, concludes that in this age of computerized data banks. Americans should have the right to expect that their personal records will neither be disclosed without their permission nor used against them by government or business.
The commission's 162 recommendations deal with financial medical, insurance, education and employment records. In general, the recommendations call for federal or state laws of voluntary action to assure that the individual knows what information is being kept on him, the uses to which it is being put and to afford him the opportunity to change or amend it.
In receiving the report yesterday President Carter termed it "an important study that I've been looking forward to going over." He said he would personally pass out copies to Cabinet officers at their Monday meeting and would use the influence of the office to get action on it.
During a joint hearing yesterday, Sen. Abraham A. Ribicoff (D-Conn.) outlined the need for action in the privacy area. In 1976,97 federal agencies had 6,753 personal data systems containing nearly 4 billion individual records. The federal government alone now spends over $10 billion annually on computer systems, 5,000 fold increase in the past quarter century.
Ribicoff and other legislators generally lauded the commission report, although they criticized its provisions for safeguarding employment files which would be done on a voluntary basis only, and its vagueness on a proposed watchdog board to monitor statutes and areas of privacy concern in both the public and private sectors.
David F. Linowes, chairman of the commission that spent over two years interviewing 300 witnesses, said the group's mission was to call attention to this "new massive phenomenon the computer." Likening it to the printing press and the automobile, he added. "A revolution is taking place and we must give the system an opportunity to adjust."
The privacy commission grew out of the Privacy Act of 1974, which opened up access to heretofore secret files on individuals. The commission has suggested tightening that act in the public sector and extending its principles - though not its exact provisions - to the private sector. Mindful of popular opposition to additional layers of bureaucracy on business, the commission shied away from more control.
Of all the business areas studied, the least abuse was found in the mailing list industry and in the use of Social Security numbers as a method of personal identification. The greatest misuse of personal data occurred in the credit and medical records - including unsurance - industries.
Eleven bills based on recommendations by the commission were introduced yesterday by Sen. Birch Bayh (D-Ind.) and Reps. Barry M. Goldwater Jr. (R-Calif.) and Edward I. Koch (D-N.Y.). These include restriction of the use of Social Security numbers as identification, and cutting off Medicare and Medicaid funds to certain state welfare agencies that do not keep individually identifiable records confidential.
Other commission recommendations:
Government agencies would have to get administrative or judicial subpoenas to obtain private files without permission unless authorities deem material would be destroyed* or the subject might flee.
No government body, such as the Federal Reserve System, could operate an electronic funds transfer system that involves transactions among private parties.
Mailing list companies would have to inform persons how they are selected, what is done with the list, and inform businesses if persons want their names removed.
An insurance company could not refuse to write a new policy based on the fact another company refused to do so.
Students and applicants would be able to see letters of recommendation, favorable or otherwise, unless the student agreed in advance with the writer the letter should remain secret from him.
Medical records would be made available only on a "need-to-know" basis for the patient or society's safety for audit or law enforcement purposes.
Many of these recommendations can be expected to become law through amendments to the Fair Credit Reporting Act. Only in the area of mailing lists, where there is little problem, and in employment - where commission feared workers could be fired for demanding their records - would the measures be voluntary.
In establishing a legal expectation of confidentiality, the commission has provided that the individual could recover ganeral damages, up to $10,000 if a court determines a business willfully or intentionally violated a person's privacy.