EPIC logo

Before the
United States Postal Service
Washington, D.C. 20260

In the Matter of Privacy Act of 1974; Postal Service Distribution Quality Improvement

August 13, 2004

The United States Postal Service has announced its intention to engage in a "Distribution Quality Improvement" (DQI) program where the government will use a commercially available name and address database to improve mail processing.[1] This backup system will be employed where addresses are inaccurate, incomplete, or illegible. Information available on the mailpiece will be matched against a commercially available database of names and addresses, and where a match if found, the USPS will spray an accurate delivery barcode onto the mailpiece. The USPS has articulated clear security and privacy standards for employment of DQI data once the information reaches the agency.

We applaud the USPS for carefully designing the DQI system with privacy in mind. Specifically, we support the USPS' use of the minimum necessary amount of information to perform address correction functions. We also think it important that USPS maintain its proposed policy of not providing information on names or addresses back to the commercial database vendor.

Our primary concern involves the increasing government reliance on commercial data brokers (CDBs). Commercial data brokers allow some government entities to perform an end-run around important privacy legislation, such as the Privacy Act of 1974.[2] Essentially, CDBs allow government to do what it cannot do legally­build dossiers on every American without a legitimate agency purpose.

We think it important that the USPS require that any contractor hired to perform DQI voluntarily comply with a series of Fair Information Practices (FIPs) in all of their business functions. USPS has a unique opportunity here to promote best practices in the CDB field by choosing a vendor that promises to protect privacy.

We wish also to express here that while the USPS has clearly invested exhaustive analysis on distribution improvement, many Americans want a reduction in distribution. That is, they receive an inordinate and growing amount of unwanted commercial solicitations in the mail. Standard techniques to avoid these solicitations (such as limiting disclosure of home address information, using a private mailbox, prohibitory orders, etc.) have become increasingly ineffective, in part because of the sale of address information by CDBs and other businesses. Even where CDBs claim to offer the ability to opt-out of address sale and the exploitation of other personal information, barriers have been erected to consumers' choice.[3] In other communications systems, federal agencies have stepped in to supplement consumer choice where the market has failed to produce privacy. For instance, the Federal Trade and Federal Communications Commissions recently created the wildly popular and successful Telemarketing Do-Not-Call Registry. Just last week, the Federal Communications Commission prohibited wireless spam, and declared that unsolicited messages sent by the Short Message Service violate federal consumer protection laws.

Because existing methods of shielding the mailbox from unwanted commercial solicitations are ineffective and self-regulatory efforts have failed, we call upon the USPS to research and implement systems that would give individuals more control over the mailbox. One possibility is a Do-Not-Mail list, a system where individuals could set preferences to block saturation mailings and/or individually-addressed commercial solicitations.

Promoting Best Practices

The USPS has an excellent opportunity to raise accountability of CDBs by requiring successful bidders for the DQI system to comply with a series of best privacy practices. The USPS should require that the commercial vendor adhere to the following Fair Information Practices (FIPs):

Other Recommendations

Recipients of mail have no way of knowing that the DQI system was employed on any given mailpiece. DQI corrects addresses by spraying an accurate barcode onto the mailpiece. The majority of mail recipients, upon seeing a DQI-generated barcode, will not realize that a commercial database was consulted to obtain accurate contact information.

In order to improve notice, encourage accuracy, and reduce reliance on commercial databases, we recommend that the USPS investigate whether a notice that the address was inaccurate, incomplete, or illegible could be sprayed on the mailpiece along with the barcode. A simple message, such as, "Inaccurate/Incomplete/Illegible Address Rectified Using DQI; Notify Sender of Correct Address," could alert recipients to errors and encourage them to contact the sender.

Respectfully submitted,

Chris Jay Hoofnagle
Associate Director
Electronic Privacy Information Center

Jordana Beebe
Communications Director
Privacy Rights Clearinghouse

[1] Privacy Act of 1974, System of Records, 69 Fed. Reg. 42221 (Jul. 14, 2004), to be codified at USPS 500.100.
[2] See Chris Jay Hoofnagle, Big Brother's Little Helpers: How ChoicePoint and Other Commercial Data Brokers Collect and Package Your Data for Law Enforcement, 29 N.C.J. Int'l L. & Com. Reg. 595 (Summer 2004).
[3] See, e.g. Ryan Singel, Acxiom Opts Out of Opt-Out, Nov. 17, 2003, available at http://www.wired.com/news/print/0,1294,61240,00.html (explaining that Acxiom, a major CDB, will not honor bulk opt-out requests from Private Citizen, Inc., a company that for a small fee will opt out individuals from many different list brokers and other sources of commercial mailings).

EPIC Privacy Page | EPIC Home Page

Last Updated: August 13, 2004
Page URL: http://www.epic.org/privacy/postal/dqi_comment.html