[Politech] EPIC on Doe v. Chao Supreme Court decision [priv]

From: Declan McCullagh (declan@private)
Date: Thu Feb 26 2004 - 21:12:27 PST

  • Next message: Declan McCullagh: "[Politech] DoubleClick predicts more profiling of Internet users [priv]"

    ======================================================================
    [1] Supreme Court Sides With Government on Privacy Act Damages
    ======================================================================
    
    
    The Supreme Court has ruled in a 6-3 decision that an individual must
    prove he has suffered actual harm before he can receive a $1,000
    minimum award guaranteed by law when the government wrongfully
    discloses personal information.
    
    
    The case, Doe v. Chao, arose from the Department of Labor's use of
    miners' Social Security numbers to identify their black lung claims on
    official agency documents, some of which were made public.  Several
    miners sued the agency, arguing that they were entitled to $1,000
    minimum damages from the government provided under the Privacy Act.
    The United States District Court for the Western District of Virginia
    found that only one miner, Buck Doe, was entitled to damages because
    he had shown that he suffered sufficient emotional distress as a
    result of the disclosure of his Social Security Number to be awarded
    damages.  The United States Court of Appeals for the Fourth Circuit
    disagreed, concluding that Doe was not entitled to damages under the
    Privacy Act because he failed to show that any tangible harm resulted
    from the disclosure of his Social Security Number.
    
    
    EPIC collaborated with numerous consumer and privacy organizations,
    legal scholars and technical experts to submit a "friend of the court"
    brief to the Supreme Court on Doe's behalf, arguing that the Privacy
    Act provides damages for those who suffer "adverse effects," which
    does not require actual harm.  The brief pointed to the dangers of
    Social Security Number disclosure, the tradition of providing similar
    awards under other privacy laws, and the history of the Privacy Act to
    show that actual harm is not necessary to recover the $1,000 award
    under the Privacy Act.
    
    
    The Supreme Court concluded, however, that an individual must prove
    actual damages to receive the $1,000 award from the government.
    Justice Souter (joined by the Chief Justice and Justices O'Connor,
    Scalia, Thomas, and Kennedy) found that the most straightforward
    reading of the Privacy Act supported the conclusion that an individual
    must prove actual harm to collect minimum damages under the Privacy
    Act, noting that it is unusual for a law not to require proof of harm
    suffered before an individual is awarded of damages.
    
    
    In a dissenting opinion, Justice Ginsburg (joined by Justices Stevens
    and Breyer) argued that the majority's interpretation of the law
    failed to take into account each word of the section of the Privacy
    Act that provides for damages.  Justice Ginsburg pointed out that the
    majority's decision is at odds with the Office of Management and
    Budget's guidelines for interpreting the Privacy Act, which were
    issued just six months after the law was passed.  She asserted that
    the majority's holding encourages individuals to "arrange or
    manufacture" actual damages, such as paying a fee to run a credit
    report, in order to be allowed to recover the minimum $1,000 under the
    Privacy Act.  She also noted that the Privacy Act's language is
    similar to that of other federal laws that do not require proof of
    actual harm for an individual to collect the minimum award provided
    under the law. In a separate dissent, Justice Breyer found "no support
    in any of the statute's basic purposes for the majority's restrictive
    reading of the damages provision."
    
    Doe v. Chao, Supreme Court Docket No. 02-1377:
    
    http://www.supremecourtus.gov/opinions/03pdf/02-1377.pdf
    EPIC's amicus brief filed in Doe v. Chao:
    
    http://www.epic.org/privacy/chao/Doe_amicus.pdf For more information about 
    the case, see EPIC's Doe v. Chao Page:
    
    http://www.epic.org/privacy/chao/
    _______________________________________________
    Politech mailing list
    Archived at http://www.politechbot.com/
    Moderated by Declan McCullagh (http://www.mccullagh.org/)
    



    This archive was generated by hypermail 2b30 : Thu Feb 26 2004 - 21:32:17 PST