About Privacy at the SEC

Privacy Compliance

The Securities and Exchange Commission (SEC) is committed to protecting the privacy of individuals.  We utilize the Fair Information Practice Principles (FIPPs), which are listed below, to evaluate privacy risks and develop mitigation strategies, consistent with requirements of the Privacy Act of 1974, as amended and the E-Government Act of 2002, and other Federal privacy laws, regulations, standards, and guidance.  

Fair Information Practice Principles (FIPPs):

  • Transparency
  • Individual Participation
  • Purpose Specification
  • Minimization
  • Use Limitation
  • Data Quality and Integrity
  • Security
  • Accountability and Auditing

Information related to our privacy compliance activities is available below under Privacy Impact Assessments (PIA) and Systems of Records Notices (SORN).

Contact Information

Individuals who wish to submit a privacy-related question or complaint may contact the following individuals at privacyhelp@sec.gov.

Senior Agency Official for Privacy — Pamela C. Dyson
Sr. Privacy Analyst — Ronnette McDaniel
Attorney Adviser — Darwana Hall

Mail to:

Securities and Exchange Commission
Office of Information Technology
100 F Street, NE
Washington, DC 20549-2654
Attn: Privacy

Privacy Impact Assessments (PIA)

Section 208, Privacy Provisions of the E-Government Act of 2002 requires agencies to conduct privacy impact assessments (PIAs) for electronic information systems and collections, and in general, make the assessment results publicly available. Privacy impact assessments identify and prevent privacy risks.  PIAs ensure that:

  • The public is aware of the information we collect about them
  • Any impact these systems have on personal privacy is adequately addressed
  • Only personal information necessary to administer our programs is collected, and no more
  • Adequate system safeguards are in place to protect the personal privacy of individuals

Current SEC PIAs are available below or by request at pia@sec.gov.

System of Records Notices (SORN)

The Privacy Act of 1974 (5 U.S.C. 552a) requires each Federal agency to publish a notice in the Federal Register of each system of records that it maintains. A system of records is any grouping of information about an individual under the control of a Federal agency from which it retrieves information by the name, social security number, or some other personal identifier. The system of records notice (SORN) describes the personal information that we receive, why we receive it, how we use it, and why and how we may share it.

The SEC has established the following Privacy Act Systems of Records and published notices in the Federal Register.