http://groups.csail.mit.edu/mac/classes/6.805/articles/priva...
That's been considered the foundation of privacy laws in the US. Europe generally has stricter laws -- for instance in Norway, until recently, it was technically illegal to keep an electronic[1] list of names and phone numbers of parents in a school class, or an electronic membership list for a club (esp: minor members).
That's now changed, and the requirement for being granted a "data license" are less stringent -- most electronic record keeping is legal -- everyone being granted a pre-emptive licence of sorts. However, that license is subject to things like a) being responsive in giving out/responding to requests to correct data, to show what data you have on an individual to that individual, and b) making a reasonable effort to keep the data safe.
Breach of those can lead to fines, and the revocation of the implicit license -- meaning you're not allowed to keep such electronic records any more.
Understandably Germany have a stronger emphasis on privacy, being a) a fascist dictatorship under Hitler recently, and b) half of Germany being under the Stasi also recently.
Why people in the US aren't more afraid of personal data ending up in privately held data banks where they are subject to National Security Letters, hackers, anti-union organizations working with big business, anti-native American rights activists and whatever else -- I don't know.
Maybe most people think that the next group to be frozen out of the job market won't be communist but Muslims -- and, hey, I don't know any Muslims -- so why should I be worried?
[1] Note the electronic bit. This is due to how trivial it is to link digital data, and how trivial it is to copy/get hold of a copy without the original missing etc.
