MINUTES
Personal Privacy Issues Study Committee
January 2 and 3, 2001
(Draft Document - these minutes were not formally approved by the committee members.)

MEMBERS PRESENT:
Senator Mary Lundby, Cochairperson
Senator Johnie Hammond
Senator Steve King
Senator Jack Rife
Senator Mark Shearer
Representative David Johnson, Cochairperson
Representative Carmine Boal
Representative Dennis May
Representative Todd Taylor

Call to Order. The meeting was called to order by Temporary Cochairperson Lundby on January 2, 2001, at 11:10 a.m. in Room 116 at the State Capitol.
Recess. On January 2, the Committee recessed for the day at 3:50 p.m. The Committee had luncheon recess on both days.
Reconvene. On January 3, the meeting convened at 9:15 a.m.
Opening Remarks. Temporary Cochairperson Lundby presented a brief summary of the Committee's charge. Temporary Cochairperson Johnson commented that we need to balance an individual's right to privacy with the need for a free and open society. Senator Hammond stated that profiling a person's spending habits and then marketing directly to that person is an issue that needs to be looked at by the Committee. Senator King stated that we need to have a balance in how we approach privacy, but we also need to prevent fraud, especially voting fraud, through some reliable way in identifying individuals. Representative May stated that identity theft is becoming a larger problem in Iowa. Representative Boal stated that the Committee's work is timely, especially with the advent of the Internet. Representative Taylor stated we need balanced legislation in the privacy area.
Election of Cochairpersons. Senator Lundby stated that the Committee needs to elect permanent cochairpersons. Senator Hammond nominated Temporary Cochairpersons Hammond and Johnson, and the members of the Committee elected Senator Lundby and Representative Johnson to serve as permanent cochairpersons.
Doug Jacobson-On-line Privacy. Mr. Doug Jacobson, Director of Information Assurance Center at Iowa State University, stated that just because technology allows information to be gathered does not mean that society should have access to information. He also stated that technology is moving faster than rules and regulations on the subject. He stated that personal privacy issues involve the following: Internet tracking, traffic data and monitoring, e-mail "spamming," data mining, identity theft, social engineering, and anonymous use of the Internet. He commented that Internet tracking involves the use of default information, cookies, clear GIFs, ActiveX or Java, cache files, and free software. He stated that each time you enter an Internet web site, the site can record your machine address, machine name, OS (operating system) type, browser type, what site you came from, and what time of day you entered the site.
He defined "cookies" as a file on your computer that contains information placed there by a web site. He defined "clear GIFs" to mean a graphic image on a web site that contains computer code that records information about you. He defined "cache files" as a file that contains pictures of a site you visited, which then are used to reduce the download time the next time you visit the site. He defined "free software" as tracking browsers, tracking plug-ins, and advertising-based services which track your moves on the web. He stated that workplace privacy controversy often involves company data versus personal data, traffic monitoring, illegal activities, and/or company property protection. He stated that corporations owe it to their customers to draft and implement a privacy policy and to ensure that any data collected is secure. He noted that privacy policies are not required, are not consistent, and are hard to find and read. He emphasized that consumers need to be educated about privacy policies; it is the best way to curb invasion of privacy. He stated that persons tell a computer things that they would never tell a person.
Security. He stated that the best protection against the disclosure of private information released on the Internet is encryption, data storage, and public keys. He noted that cryptography can solve the problem of authentication of data and authentication of users, but stated that key distribution and poor key selection are problems with cryptography. He stated that public keys can encrypt, and any other key will decrypt, but stated that time to compute, key revocation, and public key authentication are drawbacks to using a public key. Digital signatures are the best way to ensure security of data. He further stated that digital signatures use a public and private key pair to authenticate a signature. He noted that a hash of data can be produced; then encryption of the signature using the private key of the signer is used to secure the data, but the digital signature needs to be archived. He stated that smart cards are another way to ensure security over the web.
Tom Shepard. Mr. Tom Shepard, Director of the Office of Innovation in the Iowa Information Technology Department, stated that Iowa was the first state portal to post its privacy policy on the web. He stated the state's privacy policy on the web generally states that a user is entitled to as much personal information over the web as a person who walks into a state government office and legally receives information. He stated that IOWAccess does track Internet addresses that hit on the site, but that the information is only used for statistical purposes. He noted that links to private-sector web sites are not governed by IOWAccess's privacy policy. Cochairperson Johnson asked about the negative aspects to using a private key security system. Mr. Shepard stated that an employee could misuse the private key much like a signature stamp could be misused. Cochairperson Johnson asked where Iowa is in comparison to security with other states. Mr. Shepard responded that the state of Iowa is ahead of the federal government, but noted that security is a house that will never be finished; we must continually update security measures.
Clara Oleson. Ms. Clara Oleson, program consultant at the University of Iowa, Labor Center, Division of Continuing Legal Education, discussed factors in evaluating Iowa workers' privacy. She noted that the law makes distinctions between public and private employees. Constitutional safeguards have a greater effect on a public employee's privacy. She stated that Iowa's drug testing law generally applies to private employees but not public employees. She noted that most private employees are employees "at will," which permits an employer to fire an employee without reason. She stated an employee's earnings affect how much privacy the employee has in the workplace. She also stated that an employee's technological capabilities affect privacy at work. She stated that employers need to balance between an employee's right to privacy and an employer's right to know. However, she stated that employees have no right to reasonable treatment by their employer. She listed the following privacy issues that confront employees today: background checks, arrest records searches, psychological tests, drug tests, workers' compensation surveillance, medical exams, security guard checks, vehicle searches, video surveillance, audio surveillance, telephone call monitoring, e-mail monitoring, voice mail monitoring, compiling databases on each employee, computer monitoring, off-duty restrictions, bodily function restrictions at work, and whether one can receive calls at work.
Shirley Andre. Ms. Shirley Andre of the Iowa Department of Transportation presented an overview of the department's privacy issues. She stated that the most highly restricted information at the department is a person's driver's license photograph, medical, and disability records. She stated the police have access to the photographs but that a private investigator does not have access to a driver's license photograph or social security number. She stated that a private investigator from a law firm can have access to obtain a social security number. She stated that a person's driving record is purged every five years except for OWI, which is kept indefinitely. She stated that insurance companies have access to driving records, if the company signs a privacy agreement with the department. Senator King asked how the department tracks a person requesting a commercial driver's license (CDL) from a state that does not use a social security number as an identifier for a driver. She stated that a person is issued a pseudo-social security number that is entered into a database to which the department has access, which enables the department to track a person's driving record.
Dr. Leland Tack, Administrator of the Division of Financial Information at the Iowa Department of Education, and Ms. Chris Scase, Assistant Attorney General, led a discussion on educational privacy issues.
Dr. Tack stated that 151 school districts are sending district information to the Department of Education by e-mail. He stated the department built in safeguards to ensure that student confidential information is encrypted when sent to the department; then the department decrypts the information. He stated that the department has set a goal that all school districts e-mail required information to the district by the summer of 2002.
Cochairperson Lundby asked whether a student's name and address are public records and whether they can be sold to the public. Ms. Scase stated that, historically, all personal student information is confidential, but directory information under federal law must be public unless a parent opts out of the directory. She stated that names and addresses of students have been interpreted to be directory information. Cochairperson Lundby stated that the Cedar Rapids School District allows a parent to opt out of having information disclosed but that the parent must completely opt out.
Cochairperson Johnson asked whether the disclosure regarding directory information is in a separate mailing to parents. Ms. Scase said the disclosure is in the initial mailing at the first of the year and she is unaware of any separate mailing. Cochairperson Lundby stated that a list of elementary school children with home addresses should not be available to the public. Dr. Tack stated that there is no current law that allows the department to selectively identify appropriate or inappropriate requests for information.
A panel consisting of Ms. Mary Maloney, Polk County Treasurer, Mr. Jim Maloney, Polk County Assessor, Mr. William Angrick, Citizens' Aide/Ombudsman, Mr. Rob Berntsen, Office of the Iowa Secretary of State, and Ms. Julie Pottorff, Office of the Attorney General, led a discussion regarding public governmental records.
Ombudsman. Mr. Angrick stated he had 100 complaints in 2000 that records were not open enough under Code chapter 22. He further stated that the Ombudsman had 12 complaints in 2000 concerning privacy. He noted that in the 12 privacy complaints, the complaining person felt the government had broken the social contract that exists between government and citizens. He further commented that deer license requests contain a space to place an applicant's social security number, and that the social security number is required because a person who owes child support cannot obtain a license under current Iowa law, and that is how the individual is tracked.
Polk County Assessor. Mr. Maloney stated that the Polk County Assessor's web page had 14,500,000 hits last year. He emphasized that the web site has greatly reduced staff time spent fielding calls from the public. He stated that before the web site, the staff would average about 600 calls a day, but since implementation of the site, the staff has averaged about 300 calls a day. He stated that a property owner may block out his or her name from the web site under a name search, but that the information could still be obtained over the phone. He also stated that he has received complaints from people about the instant access people have to detailed information about an address, which could lead to problems if a person is being stalked, for example. He emphasized that a person could get any information about any property any person owned before the web site was implemented, and if a stalker does use the web site, then that person is leaving a piece of evidence on the Internet about visiting the site.
Polk County Treasurer. Ms. Maloney stated that the Polk County Treasurer's Office Internet site has the same name-block provisions as the Polk County Assessor. She noted she has had to devote staff to comply with the new federal regulations regarding motor vehicle records and privacy. Cochairperson Lundby asked why names need to be included when you do a search. Mr. Maloney responded that the use of a person's name is useful for the real estate agents, appraisers, DOT, and other governmental agencies. Ms. Pottorff stated that Iowa Code chapter 22 states that the public has the right to view all government records. However, she stated there are 41 exceptions to the general rule under the current Code. She stated that the Attorney General recently held training seminars to increase compliance with the public records law. She stated that the Attorney General's Office recently held training on the ICN which was well attended. She noted that the Attorney General has issued 10 opinions in the last five years on Code chapter 22, the public records law. Cochairperson Johnson asked where a citizen could go if the local county attorney refused to enforce the open records law. Ms. Pottorff responded that the Attorney General's Office could enforce the law.
Secretary of State. Mr. Berntsen stated that the Secretary of State's web site receives about 20,000 searches per month about the Uniform Commercial Code and about 15,000 searches per month on other items on its web site. He noted that a notary public's business and home address are available over the Internet, but that a notary public may have his or her home address blocked on the Internet. However, he stated the home address would be available over the phone. He stated a notary public is required to give a home address because they frequently move and are difficult to track. Senator King asked whether it was possible to lie about your address and social security number and vote in every county; Mr. Berntsen stated yes, but it would be burdensome and difficult to accomplish. Senator Hammond asked why social security numbers are included on lists of registered voters; Mr. Berntsen responded by saying that the Secretary of State's Office is addressing the issue.
Insurance Division. Ms. Susan Voss, Deputy Director of the Iowa Department of Commerce, Insurance Division, stated that the Gramm-Leach-Bliley Act (GLB) applies to insurance companies and that the Insurance Division is in the process of determining what rules to adopt as a result of GLB. Mr. Paul Von Ebers, a member of the Governor's Task Force on Privacy Issues, stated that GLB does not allow a state to enact more strict legislation than GLB. He stated that the task force is taking a close look at GLB, and that the task force would like more public comment on the issue and that it is attempting to determine what areas are not covered by GLB.
Attorney General's Office. Mr. Bill Brauch, Director of the Consumer Division for the Attorney General, believes that GLB sets a floor rather than a ceiling, and that states could enact future legislation that is stricter than GLB. He stated that the Legislature should review possible legislation in the following areas: requiring opt-in provisions; having more staff work as privacy advocates; allowing consumers to have private remedies; allowing consumers meaningful access to consumer information compiled in their name; allowing writers of checks to not display credit card numbers if asked by a clerk; and enacting more legislation that deals with businesses that have free trial offers, but then make it too difficult to cancel the offer. He emphasized that the preceding list is not necessarily the view of Attorney General Tom Miller, but is just some ideas to consider.
Senator King asked what is driving this increased attention to privacy issues. Mr. Brauch responded that people have charges on their credit cards that they did not authorize, annoying phone calls, and spam (mass) e-mails. He stated that people are also overwhelmed with all the information. Representative Boal asked about thefts occurring from mailboxes. Mr. Brauch stated that this is a typical method used to steal a person's identification. Cochairperson Johnson asked whether there are any constitutional impediments to requiring an opt-in rather than an opt-out provision. Mr. Brauch stated that there are none.
ICLU. Mr. Randall Wilson, Legal Director for the Iowa Civil Liberties Union, stated that the state should focus in four areas. First, social security numbers should remain private. Second, personal consumer information should remain private, or should not be sold without consent. Third, retailers should be prohibited from requesting a credit card number on a check. Fourth, consumers should be allowed a private right of action in the consumer fraud area.
Iowa Bankers Association. Ms. Sharon Presnell of the Iowa Bankers Association stated that banks are trusted guardians of customer information. She stated that GLB requires that banks annually disclose to customers the bank's privacy policy. She also stated that consumers have a right to prevent disclosure of information. She stated that if opt-in standards would be imposed, the standards would be burdensome, and would restrict the flow of information, which may prevent banks from testing new and innovative products.
Credit Bureaus. Mr. Eric Ellman, representative of the Associated Credit Bureaus, stated that social security numbers are important to authenticate an individual's identity. He stated that there are plenty of laws governing privacy, and that consumers can prevent those annoying calls at dinnertime. He stated that if an identity theft occurs, it then becomes a shared responsibility of the credit bureau with reporters and consumers. He stated that credit bureaus have implemented new standards when an identity theft occurs. He noted that if fraud is suspected, the person's file is identified as such so that anyone purchasing the file will be on notice that a fraud complaint has been filed. He also noted that credit bureaus conduct account monitoring for suspicious activity.
University of Iowa. Dr. James Torner, Director of the Department of Epidemiology at the University of Iowa, stated that legislation concerning privacy should protect the individual from abuse of purposes unintended or undisclosed. He also stated that public health officials need access to health records in order to monitor and evaluate trends and causes of disease. He emphasized that analysis and presentation of public health information should be done so that no individual can be identified, and that the distribution of private information should be for legitimate purposes. He noted that research investigation of medical information should be done with the approval of an institutional review board.
Mr. Chuck Lynch, Director of the State Health Registry, stated that databases of disease-related statistics help the medical community and policymakers determine trends and provide explanations of diseases. He noted that the state has a data security policy and that it can be updated with legislation.
Genetic Information. Ms. Sandy Daack-Hirsch, genetic counselor, University of Iowa Genetic Research, stated that genetic data is obtained only if the patient consents. She stated that once the genetic material is obtained, the patient's name is separated out from the genetic material. She emphasized that any genetic information will not be released to any insurance company; the material is only used for research purposes. She stated that the patient does not have access to the information unless the patient goes through the institutional review board. Cochairperson Johnson asked if she would need to disclose genetic material, if requested by subpoena. She stated that she would need to make disclosure of the genetic material if the subpoena was not quashed by the court. Senator King asked how much a DNA test costs. She responded that the costs are $1,000 to $2,000 to sequence the gene she is studying.
HIPAA. Ms. Voss stated that new federal regulations under the federal Health Insurance Portability and Accountability Act (HIPAA) are very comprehensive, and that the state is reviewing their effect on Iowa. She stated that HIPAA only regulates 25 percent of health insurance provided in Iowa. She noted that the state regulates 800 health care-related companies.
Ms. Janine Freeman, Vice President of Public Policy and Advocacy, Iowa Medical Society, stated that under the principles of medical ethics, a patient's medical records are kept confidential under the strictest standards. She stated that the exception to the standard is if a patient signs a release. She stated the American Medical Association did not stand in the way of HIPAA being implemented. She also stated that under HIPAA, if a doctor e-mails a medical record to another person, the paper copy of the e-mail is still subject to HIPAA and its privacy rules. Senator King commented that if we tighten the rules regarding the release of medical records too much, we may end up doing more harm than good. Senator Hammond asked about how criminal law affects a doctor's decision to release medical records. She responded that doctors are mandatory reporters, and will only release information that is subject to the alleged abuse.
Pharmacy Records. Mr. Tom Temple of the Iowa Pharmacy Association stated that pharmacists have a fundamental responsibility to protect privacy. He stated that some pharmacy benefit management companies are not regulated, which may create a potential loophole about keeping a patient's pharmacy records private. Cochairperson Lundby asked whether a centralized database exists on a person's pharmacy records. Mr. Temple responded that a person's pharmacy records are segmented.
Cochairperson Lundby stated that the purpose of the Committee this year was to gather information and to become educated on privacy issues. She stated that the Committee would not propose any legislation this year. She further stated that she would like the Legislative Service Bureau to draft a letter proposing that the Committee meet again after the 2001 Legislative Session has been completed.
© 1995 Cornell College and League of Women Voters of Iowa
Last update: 30-Sep-2002 10:58 AM