1970

Fair Credit Reporting Act

Alan Westin (1929–2013)

In March 1970, a professor from Columbia University testified before the US Congress about shadowy American businesses that were maintaining secret databases on American citizens. These files, said Alan Westin, “may include ‘facts, statistics, inaccuracies and rumors’ . . . about virtually every phase of a person’s life: his marital troubles, jobs, school history, childhood, sex life, and political activities.”

The files were used by American banks, department stores, and other firms to determine who should be given credit to buy a house, a car, or even a furniture set. The databanks, Westin explained, were also used by companies evaluating job applicants and underwriting insurance. And they couldn’t be outlawed: without credit and the ability to pay for major purchases with installments, many people couldn’t otherwise afford such things.

Westin was well known to the US Congress: he had testified on multiple occasions before congressional committees investigating the credit-reporting industry, and he had published a book, Privacy and Freedom (1967), in which he argued that freedom in the information age required that individuals have control over how their data are used by governments and businesses. Westin defined privacy as “the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.” And he coined the phrase data shadow to describe the trail of information that people leave behind in the modern world.

On October 26, 1970, Congress enacted the Fair Credit Reporting Act (FCRA), which gave Americans, for the first time, the right to see the consumer files that businesses used to decide who should get credit and insurance. The FCRA also gave consumers the right to force the credit bureaus to investigate a claim that the consumer felt was inaccurate, and the ability to insert a statement in the file, telling his or her side of the story.

The FCRA was one of the first laws in the world regulating what private businesses could do with data that they collect—the beginning of what is now called data protection, an idea that eventually spread worldwide.

Today there are privacy commissioners in almost every developed country. The passage of the European Union’s General Data Protection Regulation (GDPR) marked the most far-reaching privacy law on the planet.

SEE ALSO Relational Database (1970)

Columbia professor Alan Westin was concerned about American businesses keeping secret databases on American citizens.