Introduction to Arkansas Privacy Rights
Arkansas residents face a unique privacy landscape shaped by a combination of federal mandates and state-specific legislation. Unlike California, Virginia, or Colorado, Arkansas has not yet enacted comprehensive consumer data privacy legislation, placing the state among the majority that rely primarily on sector-specific privacy protections and the federal framework. However, this doesn't mean Arkansas residents lack privacy protections—the state has implemented targeted statutes addressing data breaches, financial privacy, and public records access that provide meaningful safeguards.
The Arkansas Freedom of Information Act (FOIA) serves as the cornerstone of public records transparency while simultaneously establishing important privacy exemptions. Arkansas has also enacted specific data breach notification requirements under Arkansas Code § 4-110-101 et seq., which mandates timely notification when personal information is compromised. The state's approach to privacy reflects a balance between government transparency and individual privacy rights, though it leaves significant gaps in areas like comprehensive consumer data protection and biometric information regulation.
Compared to states with comprehensive privacy laws, Arkansas offers fewer proactive consumer rights regarding data collection and use. Residents cannot typically demand that businesses delete their data or opt out of data sales unless covered by specific federal laws like the Health Insurance Portability and Accountability Act (HIPAA) or the Fair Credit Reporting Act (FCRA). However, Arkansas does provide strong protections in certain areas, particularly regarding Social Security number protection under Arkansas Code § 4-110-104 and financial institution privacy requirements. Understanding these specific protections—and their limitations—is essential for Arkansas residents seeking to protect their personal information in an increasingly digital world.
Arkansas's State Privacy Laws
Arkansas has enacted several targeted privacy statutes that address specific concerns rather than providing comprehensive data privacy protections. The most significant of these laws focus on data security, breach notification, and the protection of particularly sensitive information.
Personal Information Protection Act
Arkansas Code § 4-110-101 through § 4-110-108 establishes the state's Personal Information Protection Act, which primarily addresses data breach notification requirements and the disposal of personal information. Under § 4-110-103, any person or business that conducts business in Arkansas and owns or licenses computerized data containing personal information must implement and maintain reasonable security procedures to protect that information from unauthorized access, destruction, use, modification, or disclosure.
The statute defines "personal information" as an individual's first name or first initial and last name in combination with any of the following: Social Security number, driver's license number, state identification card number, or financial account numbers with security codes or passwords. This definition is narrower than some states' definitions, which may include biometric data, health information, or online credentials.
Social Security Number Protection Act
Arkansas Code § 4-110-104 specifically protects Social Security numbers from public display and misuse. This statute prohibits businesses and government entities from: (1) intentionally communicating or making available an individual's Social Security number to the general public; (2) printing Social Security numbers on cards required for access to products or services; (3) requiring transmission of Social Security numbers over the internet unless the connection is secure or the number is encrypted; (4) requiring use of Social Security numbers to access an internet website unless a password or unique personal identification number is also required; and (5) printing Social Security numbers on materials mailed to individuals unless required by law.
This protection applies broadly to both government agencies and private businesses, though exemptions exist for certain legitimate business purposes, including collection activities, internal verification, and administrative purposes.
Financial Privacy Protections
Arkansas follows the federal Gramm-Leach-Bliley Act (GLBA) requirements for financial institutions, but the Arkansas State Banking Department and the Arkansas Insurance Department enforce additional state-level requirements. Financial institutions operating in Arkansas must provide annual privacy notices explaining information sharing practices and must honor consumer opt-out requests regarding certain types of information sharing with non-affiliated third parties.
Employee Privacy Rights
Arkansas law provides limited specific protections for employee privacy. Arkansas Code § 11-3-124 prohibits employers from requiring employees or applicants to provide access to personal social media accounts as a condition of employment. Employers cannot request usernames, passwords, or other authentication information for accessing personal accounts, nor can they require employees to add supervisors or company representatives to their contacts lists on social media platforms.
However, Arkansas is an employment-at-will state with relatively few restrictions on workplace monitoring. Employers may generally monitor company-owned devices, email systems, and workplace activities without extensive notice requirements, though federal laws like the Electronic Communications Privacy Act still apply. Arkansas does not have specific statutes regulating workplace video surveillance, drug testing policies, or monitoring of employee communications beyond federal baseline protections.
Insurance Information Privacy
The Arkansas Insurance Department enforces Regulation 62, which implements the federal GLBA privacy requirements for insurance companies. This regulation requires insurers to provide clear privacy notices, establish opt-out procedures for certain information sharing, and maintain safeguards to protect consumer information. Arkansas insurance companies must provide initial privacy notices when establishing customer relationships and annual notices thereafter.
Freedom of Information / Open Records in Arkansas
The Arkansas Freedom of Information Act (FOIA), codified at Arkansas Code Annotated § 25-19-101 et seq., establishes the legal framework for public access to government records while protecting certain private information from disclosure. The Act reflects the principle that government transparency is essential to democracy, stating explicitly that "the public policy of the State of Arkansas is in favor of granting and maintaining the right of the people to inspect and copy public records."
What the Arkansas FOIA Covers
Under Arkansas Code § 25-19-103, public records include all writings, recorded sounds, films, tapes, electronic data, or other documentary materials regardless of physical form or characteristics, prepared, owned, used, possessed, or retained by a government entity. This broad definition encompasses emails, text messages, databases, reports, contracts, and virtually any recorded information created or maintained by state agencies, county governments, municipalities, school districts, and other public entities.
Response Time Requirements
Arkansas law requires custodians of public records to respond to FOIA requests within three working days of receipt. Under Arkansas Code § 25-19-105(c)(1), if records are immediately available, the custodian must provide them promptly. If records require more than three working days to produce, the custodian must provide a written explanation specifying the reason for the delay and the date when the records will be available. This three-day response requirement is one of the shorter timeframes among states, though it allows for extensions when records require extensive research, redaction, or retrieval from off-site storage.
Privacy Exemptions Under Arkansas FOIA
Arkansas Code § 25-19-105 establishes numerous exemptions protecting individual privacy. Key privacy-related exemptions include: undeveloped investigatory files of law enforcement agencies; medical records; scholastic records; records containing trade secrets or proprietary commercial or financial information; personnel records (with limited exceptions for certain information about public employees); adoption records; Social Security numbers; credit card, debit card, and bank account numbers; personal telephone numbers and addresses of employees and officials (with certain exceptions); and victim information in domestic violence and sexual assault cases.
Arkansas Code § 25-19-105(b)(12) specifically exempts "personal information" as defined by the state's data breach notification law when contained in government databases. Additionally, Arkansas Code § 16-90-1106 provides that expunged criminal records are not subject to disclosure under FOIA.
Fee Schedules and Costs
Arkansas law allows government entities to charge reasonable fees for copying public records. Under Arkansas Code § 25-19-105(d), charges cannot exceed actual reproduction costs. Many agencies charge $0.25-$0.50 per page for standard paper copies, though electronic records often incur minimal or no copying fees. The first 25 pages of copies must be provided at no charge. Research and retrieval time exceeding two hours may be charged at a reasonable rate, typically the hourly wage of the lowest-paid employee capable of performing the task.
Appeals Process
If a government entity denies a FOIA request, the requester may appeal to the Arkansas Attorney General's Office within 60 days under Arkansas Code § 25-19-105(e). The Attorney General must issue an opinion within 45 days. If the Attorney General determines the records should be released and the entity still refuses, the requester may file suit in circuit court. Prevailing requesters may recover attorney's fees and costs if the denial was without reasonable cause.
HIPAA and Health Privacy in Arkansas
The Health Insurance Portability and Accountability Act (HIPAA) establishes federal baseline protections for medical information that apply uniformly across all states, including Arkansas. HIPAA's Privacy Rule governs how covered entities—health plans, healthcare clearinghouses, and healthcare providers who transmit health information electronically—may use and disclose protected health information (PHI).
In Arkansas, HIPAA-covered entities must comply with all federal requirements, including obtaining patient authorization before most disclosures of PHI, providing Notice of Privacy Practices, implementing administrative, physical, and technical safeguards, and reporting breaches affecting 500 or more individuals to the U.S. Department of Health and Human Services. Arkansas residents have the same HIPAA rights as individuals nationwide: the right to access their medical records within 30 days of request, the right to request amendments, the right to receive an accounting of disclosures, and the right to request restrictions on certain uses and disclosures.
Arkansas-Specific Health Privacy Protections
Arkansas law provides additional privacy protections for specific categories of health information. Arkansas Code § 20-9-602 establishes stringent confidentiality requirements for HIV/AIDS-related information. Healthcare providers cannot disclose HIV test results without written authorization from the patient, except in specific circumstances such as reporting to the Arkansas Department of Health as required by law, emergency medical situations, or pursuant to court order.
Mental health records receive enhanced protection under Arkansas Code § 20-47-107, which restricts disclosure of records from mental health treatment. These records cannot be released without patient consent except in limited circumstances such as medical emergencies, civil commitment proceedings, or when necessary to protect third parties from imminent harm.
Substance abuse treatment records are protected by both federal law (42 CFR Part 2) and Arkansas Code § 20-64-1602, which restricts disclosure of information about individuals receiving treatment for alcohol or drug abuse. These protections are generally stronger than standard HIPAA protections, requiring specific written consent for most disclosures.
Accessing and Protecting Your Medical Records in Arkansas
Arkansas residents seeking to access their medical records should submit written requests directly to their healthcare providers. Under both HIPAA and Arkansas Code § 16-46-106, healthcare providers must provide copies of medical records upon patient request, typically within 30 days. Providers may charge reasonable fees for copying, though Arkansas law limits these fees to actual costs. For records related to pending litigation or workers' compensation claims, Arkansas Code § 16-46-106 establishes specific procedures and fee limitations.
To protect medical privacy, Arkansas residents should review their Notice of Privacy Practices, request restrictions on particularly sensitive information if needed, and consider requesting an accounting of disclosures to identify any unexpected sharing of medical information. Complaints about HIPAA violations can be filed with the U.S. Department of Health and Human Services Office for Civil Rights, while complaints about Arkansas-licensed healthcare providers can be filed with the appropriate state licensing board.
Consumer Data Privacy Rights in Arkansas
Arkansas has not enacted comprehensive consumer data privacy legislation comparable to California's Consumer Privacy Act or Virginia's Consumer Data Protection Act. Consequently, Arkansas residents' rights regarding data collection by private businesses are primarily governed by federal laws and industry-specific regulations rather than broad state-level consumer privacy statutes.
Federal Privacy Rights Available to Arkansas Residents
Arkansas consumers benefit from several federal privacy laws. The Fair Credit Reporting Act (FCRA) provides rights regarding information collected by credit reporting agencies, including the right to access credit reports annually without charge, dispute inaccurate information, and limit prescreened credit offers. Arkansas residents can request free annual credit reports from Equifax, Experian, and TransUnion through AnnualCreditReport.com.
The Telephone Consumer Protection Act (TCPA) restricts telemarketing calls and robotexts. Arkansas residents can register phone numbers on the National Do Not Call Registry at DoNotCall.gov to reduce unwanted marketing calls. The CAN-SPAM Act provides limited rights regarding commercial email, requiring functioning opt-out mechanisms in marketing emails.
For financial services, the Gramm-Leach-Bliley Act requires financial institutions to provide privacy notices and honor opt-out requests regarding sharing information with non-affiliated third parties. Arkansas residents should review annual privacy notices from banks, credit card companies, and other financial institutions to understand and exercise available opt-out rights.
Data Broker Removal Rights
While Arkansas has no state law requiring data brokers to honor removal requests, many people-search websites and data aggregators provide opt-out mechanisms voluntarily or under pressure from states with stricter laws. Arkansas residents seeking to reduce their online footprint should systematically request removal from major data brokers including Spokeo, WhitePages, BeenVerified, Intelius, PeopleFinders, and TruthFinder. Each site maintains different opt-out procedures, typically requiring identity verification and manual submission of removal requests.
The process is time-consuming because Arkansas residents cannot invoke state law requiring compliance, and data brokers frequently re-aggregate information from public records and other sources. Persistent, repeated removal requests combined with limiting information available in public records (where legally possible) provides the most effective approach for Arkansas residents without comprehensive state privacy legislation.
Limitations of Privacy Rights in Arkansas
Without comprehensive state privacy legislation, Arkansas residents cannot demand that businesses disclose what personal information they've collected, request deletion of that information, or opt out of the "sale" of their personal information—rights available to residents of states with comprehensive privacy laws. Businesses operating solely in Arkansas face no state-level requirement to provide privacy policies, honor access requests, or implement data minimization practices beyond sector-specific federal requirements.
This gap means Arkansas residents must rely on market pressure, voluntary corporate privacy policies, and federal enforcement actions rather than state-level rights and remedies. Advocacy organizations continue pushing for comprehensive privacy legislation in Arkansas, but until such laws pass, residents face significantly more limited privacy rights than counterparts in states with comprehensive privacy statutes.
Employment Background Checks & Privacy in Arkansas
Arkansas employers frequently conduct background checks on job applicants and employees, governed by a combination of federal law, limited state statutes, and common law privacy principles. Understanding these rules helps Arkansas residents protect their privacy rights during the employment process.
Federal Requirements Under the FCRA
When Arkansas employers use third-party background check companies (consumer reporting agencies), they must comply with the Fair Credit Reporting Act. The FCRA requires employers to: (1) obtain written consent before procuring a background check; (2) provide a copy of the report and a summary of FCRA rights before taking adverse action based on the report; (3) allow the applicant opportunity to dispute inaccurate information; and (4) provide final notice if adverse action is taken. These protections apply to background checks obtained through third-party services but not to research conducted directly by employers using public records.
Arkansas Criminal Records and Employment
Arkansas has no "ban-the-box" legislation prohibiting employers from asking about criminal history on initial job applications, except for specific government positions. Private employers in Arkansas can generally ask about criminal history at any point in the hiring process. However, Arkansas Code § 16-93-1201 et seq. provides for sealing of certain criminal records, which once sealed, need not be disclosed to private employers.
Felony records in Arkansas remain permanently accessible unless sealed or expunged. Misdemeanor records similarly remain indefinitely. Arkansas Code § 16-90-1401 through § 16-90-1419 establishes procedures for sealing criminal records. Eligible individuals may petition to seal records after completing their sentence and waiting periods: immediately for charges that were dismissed or resulted in acquittal; five years for certain misdemeanors; and varying periods for felonies depending on the offense classification. Violent felonies and sex offenses generally cannot be sealed.
What Arkansas Employers Can and Cannot Access
Arkansas employers can access: criminal records from the Arkansas Crime Information Center and county circuit clerk offices; civil court records including lawsuits and judgments; driving records from the Arkansas Department of Finance and Administration; and workers' compensation claims history. Arkansas has no statute limiting how far back employers can review criminal history, unlike California's seven-year limitation on most criminal records in employment decisions.
Employers cannot legally access: sealed or expunged criminal records (Arkansas Code § 16-90-1412 makes it unlawful to release sealed records); juvenile records without court order (Arkansas Code § 9-27-309); medical records without authorization under HIPAA; bankruptcy information more than ten years old under FCRA; or personal social media accounts (Arkansas Code § 11-3-124).
Disputing Inaccurate Background Check Information
Arkansas residents who discover inaccurate information on employment background checks should: (1) immediately notify the employer and background check company in writing, specifically identifying inaccuracies; (2) provide documentation supporting corrections; (3) file a dispute with the consumer reporting agency, which must investigate within 30 days under the FCRA; and (4) for inaccurate criminal records, contact the Arkansas Crime Information Center and the circuit clerk's office in the county where the case was handled to request corrections.
If inaccurate criminal records result from identity confusion, Arkansas residents should request a "name check" from the Arkansas State Police Identification Bureau, which can provide official documentation showing no criminal history or clarifying accurate records. This documentation can be provided to employers to contest inaccurate background check results.
Protecting Yourself in Arkansas: Practical Steps
Arkansas residents seeking to protect their privacy should take proactive steps across multiple domains. While Arkansas lacks comprehensive privacy legislation, individuals can still leverage existing laws and practical measures to enhance privacy protection.
Step 1: Freeze Your Credit Reports
Credit freezes prevent identity thieves from opening new accounts in your name. Arkansas residents can freeze their credit reports for free with all three major credit bureaus. Contact Equifax (1-800-349-9960 or equifax.com/personal/credit-report-services), Experian (1-888-397-3742 or experian.com/freeze), and TransUnion (1-888-909-8872 or transunion.com/credit-freeze). Arkansas law formerly charged fees for credit freezes, but federal law now requires free freezes nationwide under the Economic Growth, Regulatory Relief, and Consumer Protection Act.
You should also freeze reports with lesser-known consumer reporting agencies including Innovis (1-800-540-2505) and the National Consumer Telecom & Utilities Exchange (1-866-349-5355), which maintain separate databases used by utilities and telecommunications companies.
Step 2: Opt Out of Data Broker Websites
Systematically remove your information from major people-search websites. Key sites to target include:
- Spokeo: Visit spokeo.com/optout, search for your listing, and submit the removal request
- WhitePages: Visit whitepages.com/suppression-requests to request removal
- BeenVerified: Visit beenverified.com/f/optout/search, find your listing, and follow the removal process
- Intelius: Visit intelius.com/optout, locate your profile, and submit removal request
- PeopleFinders: Visit peoplefinders.com/manage, search for yourself, and request removal
- TruthFinder: Visit truthfinder.com/opt-out, search for your record, and submit removal
This process requires patience, as each site has different procedures, and listings may reappear as data brokers re-aggregate information. Consider using paid services like DeleteMe or Privacy Duck that systematically remove your information from dozens of data broker sites and monitor for reappearances.
Step 3: Register for the National Do Not Call Registry
Reduce telemarketing calls by registering all phone numbers at DoNotCall.gov or by calling 1-888-382-1222 from the phone you wish to register. Registration is permanent, though telemarketers have 31 days to update their lists. Note that political organizations, charities, telephone surveyors, and companies with which you have an existing business relationship are exempt from Do Not Call requirements.
Step 4: Request Record Sealing or Expungement
If you have eligible criminal records, petition to seal them under Arkansas Code § 16-90-1401 et seq. The process involves:
- Determine eligibility based on offense type and waiting periods specified in § 16-90-1401
- Obtain certified copies of the judgment and commitment order from the circuit clerk where convicted
- File a petition for sealing in the circuit court where the conviction occurred
- Pay the filing fee (currently $150) or file an affidavit requesting fee waiver if indigent
- Serve the prosecuting attorney, who may object within 30 days
- Attend the hearing if the court schedules one
Once sealed, Arkansas Code § 16-90-1412 provides that the proceedings shall be treated as though they never occurred, and sealed records need not be disclosed to private employers. For assistance, contact Arkansas Legal Aid at 1-800-952-9243 or visit arlegalaid.org. The Arkansas Public Defender Commission also provides resources at arpdc.org.
Step 5: Limit Public Records Exposure
Minimize information entering public records by: using a P.O. Box or commercial mail receiving agency instead of your home address for business registrations and licenses; requesting that the county recorder or assessor mark your property records as confidential if you qualify under Arkansas Code § 16-21-107 (available to law enforcement officers and certain public officials); and carefully considering what personal information you include in documents filed with courts or government agencies, as these often become public records.
Step 6: Contact Key Arkansas Privacy Agencies
Know which agencies to contact for specific privacy concerns:
- Arkansas Attorney General's Office: 323 Center Street, Suite 200, Little Rock, AR 72201; (501) 682-2007; arkansasag.gov—for FOIA appeals and consumer protection complaints
- Arkansas State Police Identification Bureau: 1 State Police Plaza Drive, Little Rock, AR 72209; (501) 618-8200—for criminal record information and corrections
- Arkansas Department of Health: 4815 W. Markham Street, Little Rock, AR 72205; (501) 661-2000—for health information privacy complaints
- Arkansas Department of Human Services, Division of Aging, Adult, and Behavioral Health Services: For mental health records issues
Arkansas Data Breach Notification Law
Arkansas Code § 4-110-105 establishes specific requirements for notifying individuals when their personal information is compromised in a data breach. This statute applies to any person or business that conducts business in Arkansas and owns or licenses computerized data containing personal information about Arkansas residents.
When Notification Is Required
Under § 4-110-105(b), notification is required when there has been a breach of the security of the data system resulting in unauthorized acquisition of personal information that compromises the security, confidentiality, or integrity of that information. Personal information means an individual's first name or first initial and last name in combination with: Social Security number, driver's license number or state identification card number, or account number or credit/debit card number combined with security codes or access codes that would permit access to the account.
Notification is not required if, after a reasonable investigation, the entity determines that there is no reasonable likelihood of harm to customers. This determination must be documented in writing and retained for five years.
Notification Timeframe
Arkansas law requires notification "in the most expedient time possible and without unreasonable delay," consistent with the needs of law enforcement and measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system. While this language doesn't specify an exact number of days, Arkansas courts would likely find delays beyond 45-60 days unreasonable absent extraordinary circumstances.
If the breach affects more than 1,000 Arkansas residents, the entity must also notify the Arkansas Attorney General "without unreasonable delay" under § 4-110-105(e). This notification must include: the number of affected Arkansas residents, a description of the incident in general terms, and the estimated date of the breach if known.
Content and Method of Notification
Breach notifications must clearly describe: (1) the incident in general terms; (2) the type of personal information compromised; (3) general acts taken or to be taken by the entity to protect personal information from further unauthorized access; (4) a telephone number or website where affected individuals can contact the entity for information; and (5) advice to remain vigilant by reviewing account statements and monitoring credit reports.
Notice may be provided by written notice, electronic notice if consistent with E-SIGN Act requirements, or substitute notice if the entity demonstrates that the cost of providing notice would exceed $250,000 or the affected class exceeds 500,000 persons. Substitute notice includes email notice when the entity has email addresses, conspicuous posting on the entity's website, and notification to major statewide media.
Penalties for Violations
Arkansas Code § 4-110-108 authorizes the Attorney General to bring civil actions to enforce data breach notification requirements. Violations constitute deceptive and unconscionable trade practices under Arkansas Code § 4-88-101 et seq., which authorizes civil penalties up to $10,000 per violation. Additionally, affected individuals may pursue civil remedies for damages resulting from violations of the statute.
Children's Privacy in Arkansas
Children's privacy receives special protection under both federal law and Arkansas-specific statutes addressing educational records and online data collection.
COPPA Requirements in Arkansas
The federal Children's Online Privacy Protection Act (COPPA) applies uniformly across all states, including Arkansas. COPPA requires operators of websites and online services directed to children under 13, or operators with actual knowledge they're collecting personal information from children under 13, to: provide notice of information practices; obtain verifiable parental consent before collecting, using, or disclosing personal information from children; provide parents access to their children's information and opportunity to prevent further use; maintain reasonable data security; and retain children's personal information only as long as necessary.
Arkansas residents concerned about children's online privacy can file complaints with the Federal Trade Commission at ftc.gov/complaint or by calling 1-877-382-4357. The FTC enforces COPPA and has assessed significant penalties against violators.
Arkansas Student Privacy Laws
The federal Family Educational Rights and Privacy Act (FERPA) protects student education records nationwide, including in Arkansas. FERPA grants parents rights to: inspect and review education records; request amendments of inaccurate records; consent to disclosure of personally identifiable information (with specified exceptions); and file complaints with the U.S. Department of Education. These rights transfer to students at age 18 or upon attending postsecondary institutions.
Arkansas Code § 6-18-1301 et seq. establishes additional requirements for student data privacy. Arkansas law requires the Arkansas Department of Education to implement policies protecting student data collected through the state's education data system. The statute prohibits selling or renting student data and restricts disclosure of personally identifiable student information except in specified circumstances.
Arkansas Code § 6-18-1304 requires school districts to annually notify parents of their rights regarding student data, including rights to access, review, and request correction of student information. The statute also requires transparency regarding what data is collected, how it's used, and with whom it's shared.
Protecting Children's Privacy in Arkansas
Arkansas parents should: annually review notices from schools about data collection practices and privacy rights; request copies of student records to verify accuracy; limit consent for optional data collection that isn't educationally necessary; discuss online privacy practices with children, emphasizing caution about sharing personal information; and file complaints with the Family Policy Compliance Office at the U.S. Department of Education (1-800-USA-LEARN) if schools violate FERPA rights.
Frequently Asked Questions
Can I request removal of my personal information from Arkansas public records?
Generally, no. Arkansas public records laws do not provide mechanisms for removing accurate information from official government records. Property records, court records, business registrations, and similar documents remain public indefinitely. However, you can request that certain records be sealed under specific circumstances: criminal records may be sealed under Arkansas Code § 16-90-1401 if you meet eligibility requirements; and some public officials and law enforcement officers may request confidentiality for property records under Arkansas Code § 16-21-107. For inaccurate records, contact the agency maintaining the records to request corrections with supporting documentation.
How do I obtain my FBI criminal background check in Arkansas?
Arkansas residents can obtain FBI Identity History Summary Checks (commonly called criminal background checks) by submitting fingerprints and a request to the FBI. You can submit electronically through FBI-approved channelers or by mailing a completed application, fingerprint card, and $18 fee to FBI CJIS Division, Attention: SCU, Mod. D-2, 1000 Custer Hollow Road, Clarksburg, WV 26306. For Arkansas state criminal records, contact the Arkansas State Police Identification Bureau at (501) 618-8200 or visit asp.arkansas.gov. The fee for Arkansas state records is currently $22.
Does Arkansas have a comprehensive data privacy law like California's CCPA?
No. Arkansas has not enacted comprehensive consumer data privacy legislation. Unlike California, Virginia, Colorado, Connecticut, and Utah, Arkansas residents cannot invoke state law to demand that businesses disclose what personal information they've collected, delete that information, or opt out of sales of personal information. Arkansas privacy protections are primarily sector-specific, addressing data breach notification, Social Security number protection, and specific categories like financial and health information, but lacking broad consumer data rights against private businesses.
How long does an Arkansas employer have to respond to a request for my personnel file?
Arkansas has no specific statute requiring private employers to provide current or former employees access to personnel files. Unlike states with explicit personnel file access laws, Arkansas employers generally have no legal obligation to share personnel files with employees unless required by other laws (such as FCRA requirements for background check reports) or company policy. Public employees may access certain personnel information through FOIA requests, though Arkansas Code § 25-19-105(b)(12) exempts most personnel records from disclosure. Employees should review employee handbooks for company-specific policies regarding personnel file access.
Can I sue someone for violating my privacy rights in Arkansas?
Arkansas recognizes common law invasion of privacy torts, including: (1) intrusion upon seclusion or solitude; (2) public disclosure of private facts; (3) false light publicity; and (4) appropriation of name or likeness. To prevail, you must demonstrate that the defendant's conduct was highly offensive to a reasonable person and caused damages. Arkansas courts have recognized these claims in cases involving unauthorized recording, disclosure of private medical information, and misuse of personal images. Additionally, specific statutes like the data breach notification law (Arkansas Code § 4-110-108) authorize certain privacy-related lawsuits. Consult with an Arkansas attorney specializing in privacy law to evaluate whether your specific situation supports a viable claim.
How do I remove an arrest record from online databases if charges were dismissed?
If your charges were dismissed or you were acquitted, you should first petition to seal the records under Arkansas Code § 16-90-1401. Once sealed by court order, the records become confidential and should not appear in official background checks. However, private databases and websites may still display the information if they collected it before sealing. For these, you must contact each website individually to request removal, providing proof of sealing or dismissal. Major background check companies covered by the FCRA must investigate disputes and remove inaccurate information. For websites not covered by FCRA, removal depends on their voluntary policies. Consider consulting with an attorney experienced in online reputation management for persistent listings after sealing.
Are dashcam recordings of me on public roads considered public records in Arkansas?
It depends on who made the recording. Dashcam footage from police vehicles is generally subject to Arkansas FOIA and may be accessible as public records, though exemptions might apply if the footage is part of an ongoing investigation under Arkansas Code § 25-19-105(b)(6) or contains information exempt from disclosure. Private dashcam recordings made by individuals are not public records and are not subject to FOIA. However, Arkansas has no general prohibition on recording in public spaces where there's no reasonable expectation of privacy, so private individuals can generally record traffic and public areas without violating privacy laws,