This provocative question was posed by Robert Gellman in a 1997 essay that explores the federal Privacy Act of 1974. Gellman concluded that the Privacy Act largely failed to control the expansion of government personal information databases and matching of citizen data among agencies, but compared the act’s failures to the wiretapping law, which he found to be successful.
The Privacy Act’s failures are found in its vagueness, the social utility of computer matching, the intangible harms caused by government databases, and – crucially – its lack of a vigorous regulator. On the other hand, the wiretapping law regulates a much more specific and clearly harmful activity, it was backed by Fourth Amendment constitutional guarantees, wiretapping takes place among a relatively small group of law enforcement, and, finally, it is overseen by federal judges and can be enforced by private plaintiffs.
Gellman’s analysis militates strongly in favor of more narrow, technology- or industry-specific regulation, and in favor of stronger oversight of rules.
Robert Gellman, Does Privacy Law Work?, in TECHNOLOGY AND PRIVACY: THE NEW LANDSCAPE (Philip E. Agre & Marc Rotenberg, eds., 1997)
See Robert Gellman, A Better Way to Approach Privacy Policy in the United States: Establish a Non- Regulatory Privacy Protection Board, 54 HASTINGS L. J. 1183 (2003)