The Fair Information Principles were developed by a U.S. Government
Study Committee in 1973, chaired by Willis Ware of the Rand
Corporation.  Shortly after the commission released its final report
("Records, Computers and the Rights of Citizens"), Congress passed
comprehensive privacy legislation:  the Privacy Act of 1974.  Much of
the privacy law that followed the Privacy Act (e.g., the Right to
Financial Privacy Act, the Cable Policy Act, the Electronic
Communications Privacy Act, and the Video Privacy Protection Act) are
based on the Fair Information Principles.

Many other countries follow the Fair Information Principles.  Recently
in Paris, European Data Protection commissioners recommended that the
EC 92 charter include mandatory provisions for the enforcement of Fair
Information Principles across all European countries.

These are the Principles:

1. There must be  a way for a person to prevent information about the
person that was obtained for one purpose from being used or made
available for other purposes without the person's consent.

2. There must be no personal data record-keeping systems whose very
existence is secret.

3. There must be a way for a person to find out what information about
the person is in a record and how it is used.

4. There must be a way for a person to correct or amend a record of
identifiable information about the person.

5. Any organization creating, maintaining, using, or disseminating records of
identifiable personal data must assure the reliability of the data for their
intended use and must take precaution to prevent misuses of the data.