Private Data Vs. Public War

A number of bills in Congress reflect concerns about a loss of privacy as the government increases its snooping abilities in the war on terrorism.

One bill would require new federal regulations to come with a "privacy impact statement." That, says one sponsor, Rep. Bob Barr (R) of Georgia, would force government to put privacy concerns more top of mind.

Data collected on individuals by financial institutions has become of greater interest to federal officials trying to track money-laundering and terrorist-funding networks. The USA Patriot Act passed after Sept. 11 requires financial firms to share data with federal investigators. That mobilizes privacy champions like Mr. Barr.

Case in point: The recently formed Transportation Security Administration (TSA) is looking into tapping credit, tax, and insurance histories that would be used to "score" airline ticketholders on the probability of their being terrorists. Barr's measure would force bureaucracies to rethink such an intrusion of private financial records in order to avoid reducing public trust in government.

Though its value to law enforcement is undeniable, the idea of fusing government and private-sector databases in the name of greater efficiency crosses a privacy line, and sets up a troubling convergence of information resident in a single location.

One Senate bill requires businesses operating online to obtain a customer's permission before sharing personal data, whether credit history or ethnicity. This "opt-in" approach puts the onus on business to seek approval first. Business interests are lobbying against the opt-in bill.

A similar idea, also in play at the TSA, would allow frequent flyers to choose to undergo a thorough background check in order to get through airport security more quickly. This makes more sense than a carte blanche ability to gather private-sector information and use it to screen passengers.

Privacy policies used by most businesses, online and off, also give customers an "opt-out" option, allowing them to indicate that they don't want their personal data shared. Under a 1999 federal law, companies have to offer that option, but the issue has become whether they offer it in terms understandable to most consumers. The "opt-out" notices in mailings from banks and big retailers are understood by only 5 percent of recipients.

Either approach would give people more control over how their personal information is used.