Last reviewed March 2015
Minnesota Issues Resource Guides
Legislative History • Books and Reports • Articles • Internet Resources
Additional Library Resources • Federal Legislation
This guide is compiled by staff at the Minnesota Legislative Reference Library on a topic of interest to Minnesota legislators. It is designed to provide an introduction to the topic, directing the user to a variety of sources, and is not intended to be exhaustive.
State policy makers face the fundamental question of how to strike a balance between the free flow of public information and the protection of personal information. Privacy advocates feel consumers should have the opportunity to choose how (or whether) their personal information is used by the businesses and government agencies with whom they have direct contact - or by third parties. The data collected by law enforcement agencies is a major discussion point for Minnesota lawmakers this year due in part to national discussions over emerging details of National Security Agency mass surveillance programs and U.S. drone use, as well as local debate over license-plate readers and cell-phone tracking devices.
In 2014, Minnesota lawmakers introduced more than a dozen bills aimed at addressing growing concerns over surveillance and personal data privacy, as well as consumer protection efforts in response to the largest data breach on record experienced by a local retailer. In the end, the only reform enacted was Chapter 278 (SF 2466) requiring law enforcement agencies to obtain a court order before using high-tech snooping devices such as Kingfish and Stingray, which track people's movements via their cellphones. The bill passed easily through both chambers.
Over the past decade legislation relating to identity theft, telecommunications, financial institutions' sharing of customer data, medical records privacy, government records, and telemarketing has been debated. A selection of reports and resources that explore the many facets of privacy concerns in Minnesota are presented below.
Minnesota Government Data Practices - Minnesota Statutes, chapters 13, 13A, 13B, 13C (See Laws of Minnesota 1979, chapter 328, section 1, Laws of Minnesota 1974, chapter 479 and Privacy of Communications Act: Laws of Minnesota 1969, chapter 953.)
Significant Books and Reports
Cleveland, Emily. Genetic Privacy Law and the Bearder Case. St. Paul: Research Department, Minnesota House of Representatives, 2013. (KFM5862.5.P8 C54 2013)
Commercial Data Mining of Criminal Justice System Records / Delivery Team Report to the Criminal and Juvenile Justice Information Task Force. St. Paul: Criminal and Juvenile Justice Information Task Force, 2008. (JK6149.R4 C66 2008)
Douma, Frank. ITS Personal Data Needs: How Much do we Really Need to Know? Minneapolis, MN: Intelligent Transportation Systems Institute, Center for Transportation Studies, University of Minnesota, 2012. (TE228.3 .D68 2012)
Gehring, Matt. Criminal Background Checks: An Overview of Minnesota Law. St. Paul: Research Dept., Minnesota House of Representatives, Updated February 2014. (HF5549.5.E429 M45 2014)
Gehring, Matt. Minnesota Government Data Practices Act: A Data Privacy Overview. St. Paul: Research Dept., Minnesota House of Representatives, Updated 2010. (KFM5862.6.A25 M35 2010)
Genetic Information in Minnesota: A Report to the Minnesota Legislature. St. Paul: Minnesota Dept. of Administration, 2009. (KFM5862.5.P8 M56 2009)
Guarding your Privacy: Tips to Prevent Identity Theft. St. Paul: Minnesota Attorney General, 2007. (HV6679 .G83 2007)
A Legal Guide to Privacy and Data Security. St. Paul: Minnesota Department of Employment and Economic Development and Gray Plant Mooty, 2014.
Planning for Implementation of the REAL ID Act: Report to the Legislature. St. Paul: Minnesota Department of Public Safety, April 14, 2016. (KFM5697.6 P53 2016)
Request to Classify Data Obtained by the use of Automatic License Plate Readers as "Not Public Data" — Findings of Fact and Conclusions. St. Paul: Minnesota Dept. of Administration, 2013. (KFM5862.5.P8 A52 2013)
Smith, Robert Ellis. Compilation of State and Federal Privacy Laws. Providence, RI: Privacy Journal, 2013. (REF KF1262.A29 C66 2013).
You Are Being Tracked: How License Plate Readers Are Being Used To Record Americans' Movements. New York, NY: American Civil Liberties Union, 2013. (TK7882.E2 Y68 2013)
(articles in reverse chronological order)
West, Jonathan P. "The Domestic Use of Drones: an Ethical Analysis of Surveillance Issues." Public Administration Review, July/August, 2016, p. 649-661.
"Domestic Drones: Balancing Privacy and Safety with Innovation and Opportunity." Congressional Digest, June 2016, entire issue.
Paquette, Joe R. "Uncle Sam is Watching You: a Recommendation for Minnesota Legislation Regarding Police Drone Use." William Mitchell Law Review, Vol. 42, Issue 4, 2016.
Seo, Olivia S. "Government Monitoring of Social Networks and the Reach of the Fourth Amendment." Criminal Justice, Winter 2014, p. 36-40, 62.
"Riley v. California". Supreme Court of the United States, Decision No. 13-132. Argued April 29, 2014 - Decided June 25, 2014. (In a landmark decision the Supreme Court has ruled that before police can search for information on an arrestee's cell phone they must secure a warrant.)
Taylor, Stuart Jr. "The Big Snoop: Life, Liberty, and the Pursuit of Terrorists." The Brookings Institute Essay, April 29, 2014.
Bierschbach, Briana. "Privacy, Please: Legislators, Cops and Agencies Wrestle Over Data Protection." MinnPost, April 25, 2014.
Carney, Eliza Newlin. "Shopping for Security: Credit Card Data Breaches Spotlight Not Only the Issue of Fraud But Also Friction between Banking, Retail Groups." CQ Weekly, March 23, 2014.
Ehling, Matt. "Lawmakers Must Act to Curtail Mass Surveillance." Minnpost, January 7, 2014.
Newman, Nathan. "The Costs of Lost Privacy: Consumer Harm and Rising Economic Inequality in the Age of Google." William Mitchell Law Review, Vol. 40, Issue 2, 2014.
Price, Tom. "Big Data and Privacy." CQ Researcher, Vol. 23, No. 38, October 25, 2013, entire issue.
Goodrum, Angela. "SNOPA and the PPA: Do You Know What it Means For You? If SNOPA (Social Networking Online Protection Act) or PPA (Password Protection Act) Do Not Pass, the Snooping Could Cause You Trouble." Hamline Journal of Public Law & Policy, Fall 2013, p. 131-155.
"Warrentless GPS Tracking: Applying the Fourth Amendment to New Technology." Supreme Court Debates, January 2012, entire issue.
Roberds, William and Schreft, Stacey L. "Data Security, Privacy, and Identity Theft: The Economics Behind the Policy Debates". Federal Reserve Bank of Chicago - Economic Perspectives, First Quarter 2009, p. 22-30.
Colburn, Joshua L. ""Don't Read This If It's Not for You": The Legal Inadequacies of Modern Approaches to Email Privacy." Minnesota Law Review, Vol. 91, No. 1, November 2006, p. 241-264.
Significant Internet Resources
Data Privacy topic area - Minnesota House Research Department.
Electronic Frontier Foundation - A member supported organization protecting rights and promoting freedom in cyberspace.
Existing Federal Privacy Laws (2008) - An index of existing federal privacy laws compiled by the Center for Democracy and Technology, a not-for-profit public-interest group, working to promote new forms of Net-centered governance for privacy that will serve as models for governance on the Internet.
Federal Trade Commission (FTC), Bureau of Consumer Protection - Legal and compliance resources related to Privacy and Security. See also their Privacy & Identity page.
Information Policy Analysis Division - This division of the Minnesota Department of Administration provides technical assistance and consultation to individuals, government entities, businesses, and associations on Minnesota's data practices act (Minnesota Statutes, chapter 13), the Open Meeting Law (Minnesota Statutes, chapter 13D), and other information policy laws.
Minnesota Attorney General's Office - The office "fights for stronger privacy protection on three main fronts- law enforcement, legislative advocacy, and public education." See their topic area for Identity Theft & Computers.
Privacy and Security - A National Conference of State Legislatures website with links to state laws, task forces, and policies. To learn more about state UAS laws, bills and resolutions, please see Current Unmanned Aircraft State Law Landscape.
National Security Agency (NSA)/Central Security Service (CSS) - Information and background on these two federal privacy-related agencies.
Privacy Journal - The online companion to the monthly newsletter by the same name published by Robert Ellis Smith.
Privacy Rights Clearinghouse - A nonprofit consumer information and advocacy group that offers consumers in-depth information on a variety of privacy issues, including useful fact sheets.
Epic.org - A site for news, information and action from Electronic Privacy Information Center, a public interest research center in Washington, D.C.
U.S. Department Health and Human Services - Office for Civil Rights - HIPAA - Health Insurance Portability and Accountability Act and medical privacy.
Additional Library Resources
For historical information, check the following codes in the Newspaper Clipping File and the Vertical File: P150 (Privacy), R40 (Records & Record Management), M7 (Mailing Lists)
For additional reports at the Legislative Reference Library, use these Library catalog searches:
Data Protection; Identity Theft; Electronic Privacy.
Federal Legislation Highlights
1966 - The Freedom of Information Act (5 U.S.C. § 552) - Gives any person the right to request access to federal agency records or information.
1970 - Fair Credit Reporting Act (15 U.S.C. §§ 1681 et seq.) - Governs certain kinds of financial and other personal information included within the definition of a "consumer report."
1974 - The Privacy Act (5 U.S.C. § 552a) - Establishes certain controls over what personal information is collected by the federal government and how it is used. The act guarantees three primary rights: (1) the right to see records about oneself, subject to the Privacy Act's exemptions; (2) the right to amend that record if it is inaccurate, irrelevant, untimely, or incomplete; and (3) the right to sue the government for violations of the statute, including permitting others to see your records, unless specifically permitted by the act.
1976 - Government in the Sunshine Act (5 U.S.C. § 552b) - Presumptively opens the policymaking deliberations of collegially headed Federal agencies - such as boards, commission, or councils - to public scrutiny. Pursuant to the statute, agencies are required to publish advance notice of impending meetings and make those meetings publicly accessible.
1978 - Foreign Intelligence Surveillance Act (50 U.S.C. Chapter 36) - Designed to regulate foreign intelligence gathering. FISA was initially limited to electronic eavesdropping and wiretapping. In 1994 it was amended to permit covert physical entries in connection with "security" investigations, and in1998, it was amended to permit pen/trap orders. FISA can also be used to obtain some business records.
1986 - Electronic Communications Privacy Act (18 U.S.C. § 2511, aka Wiretap Act) - Extends the coverage of Title III to new forms of voice, data and video communications including cellular phones, electronic mail, computer transmissions, and voice and display pagers.
1994 - Drivers Privacy Protection Act (18 U.S.C. § 2721) - Creates a baseline standard of privacy protection for state DMV records.
1996 - Health Insurance Portability and Accountability Act (Public Law 104-191) - Creates new restrictions on electronic health care data.
1998 - Identity Theft and Assumption Deterrence Act (18 U.S.C. Chapter 47) - Prohibits knowingly transferring or using, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law.
1998 - Children's Online Privacy Protection Act (15 U.S.C. § 6501) - Commercial websites designed for children must now obtain "verifiable parental consent" before collecting, using, or disclosing personal information from all children under 13.
1999 - Gramm, Leach, Bliley Financial Services Modernization Act (15 U.S.C. Chapter 94) - Requires all financial services firms to provide annual notices about their data-use policies to all their customers, and also to provide mechanisms for customers to "opt out" — to decide that they no longer want information about them to be used in certain ways.
2002 - USA Patriot Act (Public Law No: 107-56) - Updated surveillance laws to reflect the digital world and expands surveillance powers of law enforcement and intelligence gathering agencies. Many provisions in the act were set to expire in 2005. The USA Patriot Act was reauthorized by the USA PATRIOT and Terrorism Prevention Reauthorization Act of 2005 (Public Law No: 109-177) and USA PATRIOT Act Additional Reauthorizing Amendments Act of 2006 (Public Law No: 109-178).