Browse Definitions :
Definition

What is the Driver's Privacy Protection Act (DPPA)?

The Driver's Privacy Protection Act (DPPA) is a United States federal law designed to protect the personally identifiable information of licensed drivers from improper use or disclosure. Congress passed the DPPA in 1994 in response to complaints that state agencies were selling drivers' information to direct marketing and auto insurance companies to augment revenue.

The DPPA requires all states to safeguard the privacy of personal information in an individual's motor vehicle record, including the driver's name, address, phone number, Social Security number, driver identification number, photograph, height, weight, gender, age, certain medical or disability information, and, in some states, fingerprints.

The DPPA makes it illegal to obtain drivers' information for unlawful purposes and to make false representations to obtain such information. Under the law, criminal fines can be levied for noncompliance, and individuals have a private right of action, including actual and punitive damages, as well as attorneys' fees.

Since its enactment, the DPPA has been updated to address new privacy concerns and technological advancements in data management.

Permissible uses under the DPPA

Under the DPPA, drivers' personal information can be obtained from motor vehicle departments for certain uses, including the following:

  • Legitimate government agency functions.
  • Matters of auto safety, theft, emissions and product recalls.
  • Insurance purposes.
  • Notices for towed or impounded cars.
  • Use by licensed investigators or security services.
  • Use by private toll transportation facilities.
  • Motor vehicle not-for-profit market research and surveys.

In addition, the law has expanded permissible uses to include compliance with federal and state regulations, and for activities related to vehicle recalls and safety notices.

Drivers' information is also available in response to requests for individuals' records if the state has received permission from the individual. Records of each additional disclosure must be kept, identifying each person or entity that has received the disclosure and for what purpose; the disclosure records must be retained for five years.

The legislation does not protect information about a driver's traffic violations, license status or accidents.

State-specific regulations and enhancements

Many states have laws to supplement the DPPA. Whether the DPPA applies to records of vehicles owned by corporations, proprietorships, partnerships, limited liability partnerships, associations, estates, lienholders or trusts varies by state.

Some states have implemented stricter regulations and additional safeguards to enhance the protection of drivers' personal information, reflecting the evolving landscape of data privacy.

Map of U.S. states that have passed data privacy laws.

Concerns about how personal data is processed and stored are leading to the passage of new privacy regulations that govern how companies handle consumer data. Explore the state of U.S. data privacy protection laws.

This was last updated in July 2024

Continue Reading About What is the Driver's Privacy Protection Act (DPPA)?

Networking
  • What is asynchronous?

    In general, asynchronous -- from Greek asyn- ('not with/together') and chronos ('time') -- describes objects or events not ...

  • What is a URL (Uniform Resource Locator)?

    A URL (Uniform Resource Locator) is a unique identifier used to locate a resource on the internet.

  • What is FTP?

    File Transfer Protocol (FTP) is a network protocol for transmitting files between computers over TCP/IP connections.

Security
CIO
  • What is data storytelling?

    Data storytelling is the process of translating complex data analyses into understandable terms to inform a business decision or ...

  • What is demand shaping?

    Demand shaping is an operational supply chain management (SCM) strategy where a company uses tactics such as price incentives, ...

  • What is data monetization?

    Data monetization is the process of measuring the economic benefit of corporate data.

HRSoftware
Customer Experience
  • What is Salesforce Commerce Cloud?

    Salesforce Commerce Cloud is a cloud-based suite of products that enable e-commerce businesses to set up e-commerce sites, drive ...

  • What is multichannel marketing?

    Multichannel marketing refers to the practice of companies interacting with customers via multiple direct and indirect channels ...

  • What is a contact center?

    A contact center is a central point from which organizations manage all customer interactions across various channels.

Close