National Academies Press: OpenBook

Privacy Issues with the Use of Smart Cards (2008)

Chapter: V. TRANSIT AGENCIES AND SMART CARDS: POLICIES AND PROCEDURES GOVERNING INFORMATION, ACCESS, AND USE

« Previous: IV. STATE PRIVACY LAW
Page 17
Suggested Citation:"V. TRANSIT AGENCIES AND SMART CARDS: POLICIES AND PROCEDURES GOVERNING INFORMATION, ACCESS, AND USE." National Academies of Sciences, Engineering, and Medicine. 2008. Privacy Issues with the Use of Smart Cards. Washington, DC: The National Academies Press. doi: 10.17226/23104.
×
Page 17
Page 18
Suggested Citation:"V. TRANSIT AGENCIES AND SMART CARDS: POLICIES AND PROCEDURES GOVERNING INFORMATION, ACCESS, AND USE." National Academies of Sciences, Engineering, and Medicine. 2008. Privacy Issues with the Use of Smart Cards. Washington, DC: The National Academies Press. doi: 10.17226/23104.
×
Page 18
Page 19
Suggested Citation:"V. TRANSIT AGENCIES AND SMART CARDS: POLICIES AND PROCEDURES GOVERNING INFORMATION, ACCESS, AND USE." National Academies of Sciences, Engineering, and Medicine. 2008. Privacy Issues with the Use of Smart Cards. Washington, DC: The National Academies Press. doi: 10.17226/23104.
×
Page 19
Page 20
Suggested Citation:"V. TRANSIT AGENCIES AND SMART CARDS: POLICIES AND PROCEDURES GOVERNING INFORMATION, ACCESS, AND USE." National Academies of Sciences, Engineering, and Medicine. 2008. Privacy Issues with the Use of Smart Cards. Washington, DC: The National Academies Press. doi: 10.17226/23104.
×
Page 20
Page 21
Suggested Citation:"V. TRANSIT AGENCIES AND SMART CARDS: POLICIES AND PROCEDURES GOVERNING INFORMATION, ACCESS, AND USE." National Academies of Sciences, Engineering, and Medicine. 2008. Privacy Issues with the Use of Smart Cards. Washington, DC: The National Academies Press. doi: 10.17226/23104.
×
Page 21

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

18 lists would be used for commercial or fund-raising pur- poses; iv. disclosure of information of a personal nature when disclosure would result in economic or personal hardship to the subject party and such information is not relevant to the work of the agency requesting or maintaining it; or v. disclosure of information of a personal nature reported in confidence to an agency and not relevant to the ordi- nary work of such agency; or vi. information of a personal nature contained in a work- ers' compensation record, except as provided by section one hundred ten of the workers' compensation law.141 Some state statutes apply to information accumu- lated by public transit providers that may impact Smart Card adoption by them. For example, the State of Washington has enacted a Public Records Act that pro- tects individual rights to privacy.142 It requires state agencies to promulgate rules and regulations providing full access to public records.143 Certain information is exempt from disclosure, however. Personal information of employees, appointees, and elected officials is exempt to the “extent that disclosure would violate their right to privacy.”144 Such privacy right is invaded if the “dis- closure of information about the person: (1) Would be highly offensive to a reasonable person, and (2) is not of legitimate concern to the public.”145 Credit card and debit card numbers, bank and other financial account numbers, and other financial information are exempt from public inspection unless disclosure is required by law.146 Certain intelligence information is exempt to the extent necessary for “effective law enforcement or for the protection of any person’s right to privacy.”147 The State of Washington has a specific provision ex- empting certain records held by public utilities and transportation entities. With respect to personally iden- tifying information contained on, inter alia, “stored value smart cards and magnetic strip cards,” the ex- emption from disclosure has three exceptions: (1) disclo- sure to an entity responsible for paying for the transit pass, (2) disclosure to news media when reporting on public transportation or public safety, and (3) disclosure to “governmental agencies or groups concerned with public transportation or public safety.”148 Exemptions from disclosure also exist for individually identifiable records collected for vanpool, carpool, or other rideshar- ing programs and paratransit.149 Georgia’s Open Records Act requires that all public records of an agency be available for public inspection, except those exempt from inspection by law or an order 141 N.Y. CONSOL. LAW PUB. O § 89. 142 WASH. REV. CODE ch. 42.56. 143 Id. § 42.56.100. 144 Id. § 42.56.230(2). 145 Id. § 42.56.050. 146 Id. §§ 42.56.230(4), 42.56.270. 147 Id. § 42.56.240(1). 148 Id. § 42.56.330(5). 149 Id. § 42.56.330(3-4). of a court.150 Numerous exemptions exist. One provision specifically exempts “the financial records or travel his- tory of any individual who is a purchaser of a Tran- sCard or Smartcards or similar fare medium.” Such financial information includes Social Security Numbers; home and email addresses; telephone numbers; and credit, debit card, and bank account information.151 An- other exempts certain personal information compiled for carpooling or ridesharing programs.152 Also generally exempt from disclosure in Georgia is information com- piled for law enforcement purposes;153 records that would “compromise security against sabotage or crimi- nal or terrorist acts, and the nondisclosure of which is necessary for the protection of life, safety, or public property…”;154 Social Security Numbers;155 and certain personal financial information.156 Note that both the Washington and Georgia statutes, though protecting privacy by limiting the dissemination of personal information to the public, are silent as to the information that can be acquired by its agencies or the internal use to which such information is put. V. TRANSIT AGENCIES AND SMART CARDS: POLICIES AND PROCEDURES GOVERNING INFORMATION, ACCESS, AND USE A. Transit ID Cards The Washington Metropolitan Area Transit Authority (WMATA) adopted pre-pay magnetic-strip cards in its Metro transit system in the 1970s. In 1999, in a pilot program, WMATA became the first public transit sys- tem to adopt Smart Cards. The cards were about the size of a credit card, and their magnetic strips recorded what had been pre-paid and allowed deductions there- from each time the card was “swiped” through the exit turnstile. By 2004, more than 800,000 Smart Cards (called SmarTrip®) had been sold. One-third of WMATA Metrorail riders use the cards regularly. SmarTrip® also has been expanded to cover Metro parking lots and bus transit.157 Since the inaugural launch by WMATA, Smart Cards have been adopted in a number of other cities, while a large number of transit providers are either planning to implement Smart Cards or are studying their imple- mentation. The Chicago Card was the nation's first multi-agency, intermodal Smart Card system for public transit. As of 2004, more than 67,000 Chicago Cards 150 GA. CODE ANN. § 50-18-70(b). 151 Id. § 50-17-72(a)(20). 152 Id. § 50-18-72(a)(14). 153 Id. § 50-18-72(a)(3), (4). 154 Id. § 50-18-72(a)(15) 155 Id. § 50-18-72(a)(11.1). 156 Id. § 50-18-72(a)(11.3). 157 http://www.apta.com/research/info/briefings/briefing_6.cfm (Last visited Nov. 9, 2007).

19 were in use. The system is seamlessly interoperable across the Chicago Transit Authority’s (CTA) rail and bus networks, as well as the PACE suburban bus sys- tem.158 Since then, seven Seattle-area transportation agencies have formed a regional intermodal fare collec- tion program that enables customers to use a common interchangeable fare Smart Card (ORCA, or “one re- gional card for all”) on transit, ferry, and rail systems throughout the four-county Central Puget Sound area.159 The Metropolitan Atlanta Rapid Transit Authority (MARTA) inaugurated a Smart Card system (named “Breeze”) in 2005. The Breeze system allows commuters to use a single card to pay for rail, bus, paratransit, and park-and-ride fees.160 In Boston, the Massachusetts Bay Transportation Authority (MBTA) is installing auto- mated fare collection equipment at every subway sta- tion and on every bus, allowing riders to pay by swiping Smart Cards in their names. Each transaction will be recorded electronically, identifying where users were at a particular time on a particular day.161 Similar to the SmarTrip® issued by WMATA is the Maryland Transit Pass, which can be used on Maryland Transit Administration (MTA) local buses, light rail, and Metrorail. The MTA describes the Maryland Tran- sit Pass as a rechargeable “smart card” embedded with a computer chip to keep track of the cash value stored on the card. Think of it as an electronic wallet that stores a cash bal- ance directly onto your card. Fares are automatically de- ducted from the card each time you touch it to the Mary- land Transit Pass target on a bus farebox, or on faregates and Ticket Vending Machines.162 In 1993, the Bay Area Rapid Transit (BART) and the County Connection (the Contra Costa bus system) tested a Smart Card system that proved unreliable. In 1999, a new system was installed by Motorola at a cost of $61 million. Twenty-six transit agencies in the San Francisco Bay Area began testing a universal transit ticket, known as “TransLink,” in January 2002. Coins were replaced by the plastic Smart Card, allowing 4,000 riders a day to pay their fares by sliding the card over an electronic pad. The card was capable either of allow- ing monthly pass usage or of holding and deducting a stored value of money.163 158 Id. 159 http://transit.metrokc.gov/prog/smartcard/smartcard.html (Last visited Nov. 9, 2007). 160 http://www.apta.com/research/info/briefings/briefing_6.cfm (Last visited Nov. 9, 2007). 161 Thomas Caywood, Charlie’s Watching You, BOSTON HER- ALD, Dec. 27, 2005, at 3. 162 http://www.mdtransitpass.com/faq_transitpass.htm (Last visited Nov. 8, 2007). 163 Michael Cabanatuan, Public Transit 'Smart Card' to be Tested: One Ticket Will Pay for Bay Area Travel, S.F. CHRONI- CLE, Nov. 30, 2001, reproduced at http://www.sfgate.com/cgi- In 2003, seven transit agencies in the four-county Puget Sound area—Community Transit, Everett Tran- sit, Kitsap Transit, King County Metro Transit, Pierce Transit, Sound Transit, and the Washington State Fer- ries—created the Central Puget Sound Regional Fare Coordination Project, establishing a common Smart Card named ORCA, which began testing in 2006. The card allows seamless intermodal connections between rail, transit, and ferry modes of transport. It also allows each participant to expand its strategic marketing al- ternatives.164 In 2006, the Los Angeles County Metropolitan Trans- portation Authority, in cooperation with 11 other agen- cies, announced deployment of a Smart Card system for transit riders (the Regional Transit Access Pass pro- gram) for fare payment on all regional rail and bus sys- tems, to be implemented over a 5-year period at a cost of between $32 million and $60 million. A private con- tractor will build and operate the regional service cen- ter to administer cardholder registration, card inven- tory and distribution, and point-of-sale network management, accessible to passengers through a Web site, interactive voice response phone system, customer service representatives, mail, and fax.165 A survey of transit providers disseminated by the Transportation Research Board in late 2006 revealed that, of those responding, 91 percent had not yet adopted Smart Cards.166 Yet, of that group, 65 percent expected to adopt Smart Cards, many in the near fu- ture. One indicated it was evaluating the potential for accepting bank-issued contactless devices for the pay- ment of transit fares. The questionnaire attempted to ascertain what financial, trip, and personal data is gathered; who has access thereto, how long the data is stored; and what privacy and identity theft protections are in place.167 http://www.sfgate.com/cgi- bin/article.cgi?f=/c/a/2001/11/30/MN24612.DTL (Last visited Nov. 9, 2007). 164 http://transit.metrokc.gov/prog/smartcard/smartcard.html (Last visited Nov. 9, 2007). 165 William Welsh, L.A. County Awards Transit Smart-Card Deal, GCN, June 5, 2006, reproduced at http://www.gcn.com/online/vol1_no1/40938-1.html (Last visited Nov. 9, 2007). 166 Thirty-four transit providers responded to the question- naire, of which only three were using Smart Cards in late 2006/early 2007. 167 Essentially, the questionnaire focused on the following issues: 1. Do you now use Smart Cards? If not, do you expect to adopt Smart Cards? If so, when? 2. If you have, or plan to, adopt Smart Cards, for what pur- pose(s) will they be used? Employee access to secured areas? Passengers? By rail? By bus? Both? Can the card be used for non-transit purposes? If yes, please describe? 3. If you have adopted Smart Cards, what are the economic benefits you have realized? Can they be quantified? Are there other non-economic benefits you have realized?

20 Of those transit providers indicating that they were currently using Smart Cards, the following benefits were identified: (1) customer convenience enhanced, (2) product distributed more efficiently, (3) progressive image enhanced, (4) more expeditious movement of pas- sengers through the transit system, and (5) facilitation of innovative marketing and pricing approaches. The type of personal information collected included the pas- senger’s name, address, and telephone number, but not his or her credit card number, checking account num- ber, or driver’s license number. Employers were identi- fied if the customer was part of a transit benefit pro- gram. One transit provider indicated that it correlated trip data with personal information at the zip code level, but not at the personal level; the others did not correlate trip and personal data, but had the capacity to do so. None correlated personal information with data obtained from outside sources. All restricted the class of persons having access to Smart Card data, usually to database and IT administrators and customer service staff. The data collected by most of the transit providers using Smart Cards fell subject to state freedom of in- formation or privacy laws; one had promulgated its own internal regulations and guidelines addressing these issues. Most noted that the data they collected would be subject to court subpoena. The Smart Card Alliance lists the following transit providers as having implemented Smart Card systems as of 2007: • Atlanta/MARTA. • Boston/MBTA. • Chicago/CTA (Chicago Card and Chicago Card Plus). • Houston/Metropolitan Transit Authority of Harris County, Texas/METRO. • Las Vegas/Monorail. 4. If you have adopted Smart Cards, have you encountered any problems with them? If so, of what nature? Were the prob- lems anticipated or unanticipated? 5. Do you gather personal data from Smart Card users? If so, of what nature? 6. Do you gather financial and trip data from Smart Cards? If so, for how long is it stored? Who can access the data? 7. Are you governed by the privacy laws or regulations of your State or local jurisdiction? If so, could you please provide a copy? 8. Have you adopted policies and procedures governing the collection, storage and dissemination of information from Smart Card users? If so, please provide a copy. What was the process by which such policies and procedures were developed? 9. Have you been asked by non-transit entities for informa- tion you have collected in the issuance of Smart Cards? If yes, by whom? By governmental institutions? By judicial institu- tions? By police or security agencies? By the press? By commer- cial institutions? How often? Is data collected by you subject to acquisition under FOIA or state public record laws? 10. What procedures and practices have you adopted to pro- tect the privacy and to protect against identity theft of Smart Card users? • Los Angeles/Los Angeles County Metropolitan Transportation Authority (LACMTA) Universal Fare System (UFS). • Maryland Transit Administration (MTA). • Miami-Ft. Lauderdale-Palm Beach/Miami-Dade Transit (MDT)/South Florida Regional Transportation Authority (SFRTA) (Universal Automated Fare Collec- tion (UAFC)). • Minneapolis/St. Paul/Metro Transit. • New York/Metropolitan Transit Authority (MTA)/New York City Transit (pilot). • Newark/Port Authority of New York and New Jer- sey (PANYNJ) and New Jersey Transit (NJT) (SmartLink). • Orlando/Central Florida Regional Transportation Authority (LYNX)/ Orlando Regional Alliance for Next Generation Electronic Payment Systems (ORANGES). • Port Authority Trans-Hudson (PATH). • Philadelphia/Port Authority Transit Corporation (PATCO). • San Diego/Metropolitan Transit Development Board (MTDB). • San Francisco/Metropolitan Transportation Com- mission (MTC) (Translink®). • Seattle-Puget Sound/King County (KC) Metro. • Utah Transit Authority (pilot). • Ventura County. • Washington/WMATA.168 B. Transit Agency Procedures As a creature of interstate compact not subject to state privacy or freedom of information laws, the multi- jurisdictional WMATA has adopted two policies of rele- vance by resolution of its Board of Directors: (1) a Pub- lic Access to Records Policy, and (2) a Privacy Policy. In them, the WMATA Board recognized the “competing policy concerns between the need to guarantee the pub- lic as much access to information as possible and the need to protect the privacy expectations of persons who are the subject of records….”169 The Public Access to Records Policy is designed to make all official or public records generated in the regular course of business available to the public for inspection or reproduction to the greatest possible extent unless they fall within an exemption from disclosure.170 A specific exemption exists for “personnel and medical files and similar files the disclosure of which would constitute a clearly unwar- 168 http://www.smartcardalliance.org/pages/smart-cards- applications-transportation (Last visited Nov. 9, 2007). See also the Web site of the American Public Transportation Asso- ciation, http://www.apta.com/research/info/briefings/briefing_6.cfm (Last visited Nov. 9, 2007). 169 WMATA, Resolution of the Board of Directors of the Washington Metropolitan Area Transit Authority (May 19, 2005). 170 Id. Exhibit A (Public Access to Records Policy) §§ 1.0 and 3.0.

21 ranted invasion of privacy.”171 WMATA issues Smart- Trip® Cards. Identifiable personal information obtained for such cards is exempt from release unless the request is made pursuant to a court order, by a law enforcement official, or by the registered user of the card.172 Financial and transactional information of WMATA customers is also exempt, but is also subject to these same three ex- ception as cards.173 The WMATA Privacy Policy: (1) prevents the disclo- sure of information about a person without his or her permission; (2) provides the individual with an oppor- tunity to access information about him or her in WMATA records; and (3) gives the individual an oppor- tunity to request amendment of those records.174 WMATA is authorized to maintain only those records concerning an individual that are “relevant and neces- sary to accomplish its purpose in accordance with the WMATA Compact.”175 The Federal Privacy Act,176 spe- cifically prohibits the retention of information of “how any individual exercises rights guaranteed by the First Amendment unless expressly authorized by statute, by the individual about whom the record is maintained, or pertinent to and within the scope of an authorized law enforcement activity.”177 The names and addresses of passengers may not be sold or rented unless specifically authorized by law.178 A general rule prohibits the dis- semination by WMATA personnel of information ob- tained by WMATA and not generally available to the public except in the performance of official duties or in connection with judicial proceedings. Moreover, “Any applicable statute, regulation or WMATA policy provid- ing greater privacy protection controls over this pol- icy.”179 Certain records maintained by the Metro Transit Police involving criminal law enforcement are exempt from release.180 Dan Grabauskas, MBTA General Manager, insists that MBTA will guard personal travel information col- lected by the CharlieCard system. “We are doing more to protect the privacy of the card holders than any other transit agency in America,'' Grabauskas said. MBTA developed a privacy policy after a series of public hear- ings and meetings with civil rights and privacy watch- dogs. The Smart Card automated fare system will re- cord where a passenger boards the system and at what time. It will not record any data on the rider's destina- tion. The information will be archived for 1 1/2 to 2 171 Id. Exhibit A (Public Access to Records Policy) § 6.1.6. 172 Id. Exhibit A (Public Access to Records Policy) § 6.1.8 173 Id. Exhibit A (Public Access to Records Policy) § 6.1.9. 174 Id. Exhibit B (Privacy Policy) § 1.0. 175 Id. Exhibit B (Privacy Policy) § 7.6.1. 176 5 U.S.C. § 555a(e)(7). 177 WMATA, Resolution of the Board of Directors of the Washington Metropolitan Area Transit Authority (May 19, 2005). Exhibit B (Privacy Policy) § 7.6.6. 178 Id. Exhibit B (Privacy Policy) § 7.6.9. 179 Id. Exhibit B (Privacy Policy) § 6.2. 180 Id. Exhibit B (Privacy Policy) § 9.4. years.181 Procedures and policies regarding the collec- tion, storage, and dissemination of information from Smart Card users also are under development at the Metropolitan Atlanta Rapid Transit Authority. A random search of transit Web sites revealed that virtually no transit providers address privacy concerns associated with Smart Cards. Many do have a “privacy policy” link that addresses privacy concerns associated with visiting their Web sites, but that is an entirely different issue. One exception was the Web site of the University of Washington, which has this entry on a page of “frequently asked questions”: I have seen a great deal in the news lately about security and privacy issues with smart cards and I am concerned about the security of my personal information. How will this be addressed? There will be no personal information stored on the smart chip. The chip will simply be a number in the transit sys- tem that either has the U-PASS activated or not. The UW will send files to the transit agency "clearing house," which identifies which smart cards are active, valid U- PASS holders. These files will have the serial number of the active U-PASSes but will contain no names. Transportation Services will be the office that maintains the information on who has a valid U-PASS, and will keep this information private in accordance with the UW privacy policy, "UW Electronic Information Privacy Policy on Personally Identifiable Information."182 Public confidence surrounding privacy issues with Smart Cards would be enhanced if transit providers would, first, adopt a privacy policy on the subject (iden- tifying the type of information collected, how it is to be stored, who will have access to it, and under what cir- cumstances it will be released outside the agency), and second, post that policy on their Web sites. Transpar- ency is a fundamental component of good government. C. Suggestions for Access to Collected Information Although governmental agencies are given wide lati- tude in collecting information from transit users and then using that information in their operations, there is a widespread belief that it would be prudent for transit providers to protect individual privacy in designing their ITS: In the first place, recognition of privacy as a value seems worthy of concern in designing ITS systems, because in the long run public acceptance and use of ITS services will depend on public confidence in the technology as not predatory or harmful. Respecting privacy fosters public confidence in ITS and will add to the consumer appeal of ITS services. Second, taking account of privacy is man- dated under the federal organic act, which created the 181 Caywood, supra note 161. 182 http://hfs.washington.edu/husky_card/default.aspx?id=953 (Last visited Nov. 9, 2007).

22 federal ITS program. Third, a variety of existing privacy laws will constrain how ITS can be operated.183 The threshold question is what personal information is really necessary to obtain and maintain. To answer that, one must ask for what the information will be use- ful. If the only thing the transit provider views as es- sential is simply monitoring financial payment, then an anonymous debit card will do nicely. If, however, the transit provider would like to enhance its marketing data, then a correlation of travel patterns with personal demographic information, including such things as age and income, frequency of travel, and proximity of home vis-à-vis work, may be quite useful. Additional informa- tion, including biometric identifiers correlated with TSA and law enforcement information, may enhance transit security. In the 1970s the U.S. Congress developed “Fair In- formation Standards” to address the question of protect- ing privacy. These principles to date have not been codi- fied; however, they have been used by Congress and federal and state agencies as the framework for privacy- related legislation and regulations. 184 These guidelines have been widely used in the assessment and imple- mentation of the guidance for Homeland Security Presidential Directive 12185 and TSA privacy regula- tions. 186 The U.S. Department of Justice has incorporated the Fair Information Principles as follows: 1. Collection limitation principle. There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject. 2. Data quality principle. Personal data should be rele- vant to the purposes for which they are to be used and, to the extent necessary for those purposes, should be accu- rate, complete, and kept up to date. 3. Purpose specification principle. The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose. 4. Use limitation principle. Personal data should not be disclosed, made available, or otherwise used for purposes other than those specified in accordance with Paragraph three except (a) with the consent of the data subject or (b) by the authority of law. 5. Security safeguards principle. Personal data should be protected by reasonable security safeguards against such 183 Glancy, supra note 10, at 151, 170. 184 See MARK MCNULTY, TREATMENT OF PRIVACY ISSUES IN THE PUBLIC TRANSPORTATION INDUSTRY (Transportation Re- search Board, Transit Cooperative Research Program, Legal Research Digest No. 14, app. A, 2000). 185 http://www.whitehouse.gov/news/releases/2004/08/20040827- 8.html (Last visited Jan. 24. 2008). 186 http://www.tsa.gov/assets/pdf/rt_standards_v3_0.pdf. risks as loss or unauthorized access, destruction, use, modification, or disclosure of data. 6. Openness principle. There should be a general policy of openness about developments, practices, and policies with respect to personal data. Means should be readily avail- able of establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and usual residence of the data controller. 7. Individual participation principle. An individual should have the right to (a) obtain from a data controller, or otherwise, confirmation of whether or not the data con- troller has data relating to him; (b) have communicated data relating to him within a reasonable time, at a charge, if any, that is not excessive, in a reasonable man- ner, and in a form that is readily intelligible to him; (c) be given reasons if a request made under (a) and (b) is de- nied, and to be able to challenge such denial; and (d) chal- lenge data relating to him and, if the challenge is success- ful, to have the data erased, rectified, completed, or amended. 8. Accountability principle. A data controller should be accountable for complying with measures which give ef- fect to the principles stated above. 187 The State of California transportation agency (Cal- trans) issues broad privacy guidelines that can be used by state agencies to design policies specific to each op- eration. The text below reflects general requirements for State departments. Pursuant to Government Code Section 11019.9, all de- partments and agencies of the State of California shall enact and maintain a permanent privacy policy, in adher- ence with the Information Practices Act of 1977 (Civil Code Section 1798 et seq.), that includes, but not neces- sarily limited to, the following principles: (a) Personally identifiable information may only be ob- tained through lawful means. (b) The purposes for which personally identifiable data are collected shall be specified at or prior to the time of collection, and any subsequent use of the data shall be limited to and consistent with the fulfillment of those purposes previously specified. (c) Personal data may not be disclosed, made available, or otherwise used for a purpose other than those specified, except with the consent of the subject of the data, or as required by law or regulation. (d) Personal data collected shall be relevant to the pur- pose for which it is needed. (e) The general means by which personal data is pro- tected against loss, unauthorized access, use, modifica- tion, or disclosure shall be posted, unless the disclosure of those general means would compromise legitimate agency objectives or law enforcement purposes. Each department shall implement this privacy policy by: 187 See Justice Information Privacy Guideline, app. A (2002), available at http://www.ncja.org/Content/NavigationMenu/PoliciesPractices /JusticeInformationPrivacyGuideline/privacyguideline.pdf (Last visited Jan. 24, 2008).

Next: VI. CONCLUSION »
Privacy Issues with the Use of Smart Cards Get This Book
×
 Privacy Issues with the Use of Smart Cards
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

TRB’s Transit Cooperative Research Program (TCRP) Legal Research Digest 25: Privacy Issues with the Use of Smart Cards examines basic privacy issues associated with the acquisition and storage of financial and trip data associated with the use of a transit smart card. The report explores who can access the data collected, what data may be accessed and under what conditions, and how the information can be used.

READ FREE ONLINE

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  6. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  7. ×

    View our suggested citation for this chapter.

    « Back Next »
  8. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!