Cyberlaw Topics: Privacy
This site contains an overview of privacy issues related to the use of the Internet, including:
Privacy Legislation
Privacy Topics
Selected Cases
Selected Articles and Reports
Samples of Privacy Statements
Other Useful Links
Privacy Legislation
Bank Secrecy Act
By Privacilla.org. Financial institutions are required by the federal government to spy on their customers. Congress authorized the Treasury Department to require them to do so in the Bank Secrecy Act.
Children's Online Privacy Protection Act of 1998 (COPPA)
It is unlawful for an operator of a website to collect personal information from a child in a manner that violates the regulations prescribed herein.
Electronic Communications Privacy Act of 1986 (ECPA)
This site contains the text of the ECPA, which is one of the most important federal statutes regarding privacy in cyberspace.
Fair Credit Reporting Act (FCRA) of 1970
This site from the Federal Trade Commission publishes interpretations concerning the Fair Credit Reporting Act (FCRA) of 1970.
Gramm-Leach-Bliley Act (GLB) of 1999 – information from US Senate
This site contains more information about GLB from the U.S. Senate Committee on Banking, Housing, and Urban Affairs, such as conference report and text of the GLB Bill, summary of provisions, and community reinvestment act amendments.
Gramm-Leach-Bliley Act (GLB aka Financial Modernization Act) of 1999
This site from the Federal Trade Commission outlines the Gramm-Leach-Bliley act, including the public laws regarding disclosure of nonpublic personal information and fraudulent access to financial information.
Health Insurance Portability and Accountability Act (HIPAA) of 1996
This act sets standards for electronic health information transactions and mandates providers and health plans to use the standards set forth. Notably, it protects the privacy of health and medical information; however, it does not preempt state laws that exist in Massachusetts.
Right to Financial Privacy Act of 1998
The Right to Financial Privacy Act (a.k.a. Identity Theft and Assumption Deterrence Act) of 1998 was Congress' response to a U.S. Supreme Court decision that found bank customers had no legal right of privacy for their financial information held by financial institutions.
USA Patriot Act of 2001
This is an anti-terrorism bill to deter and punish terrorist acts in the United States. It contains provisions to vastly expand government investigative authority, especially with respect to the Internet.
Policies that protect consumer rights proposed by the California Public Utilities Commission. Full text available click here.
Social Mapping
The new service that tracks your location in real-time mode is now available with “Sprint”, “Boost Mobile” and “Helio”. The service also lets you share your location with your friends as well as see their location. For more information visit Loopt or Helio.
Bank Secrecy Act - Anti-Money Laundering Handbook
By the U.S. Dept. of Treasury. This the handbook for the Comptroller of the Currency Administrator of National Banks. It provides an overview and background on the Bank Secrecy Act. It provides procedures on how to investigate and report suspicious activity.
Bank Secrecy Act – Financial Crimes Enforcement Network (FinCEN)
FinCEN is a network that brings people and information together in order to fight the complex problem of money laundering. It aids the implementation of the Bank Secrecy Act by supporting law enforcement and other agencies, domestically and globally.
Children's Online Privacy Protection Act of 1998 (COPPA)- How to Comply
By KEYTLaw. The Federal Trade Commission staff prepared this guide to help people comply with the new requirements for protecting children's privacy online and understand the FTC's enforcement authority
Cryptography
By EPIC. In the wake of the terrorist attacks in New York City and Washington D.C. on September 11, 2001, there have been renewed calls among some lawmakers for restrictions on the use and availability of strong encryption products. In Congressional floor statements on September 13 and 19, Senator Judd Gregg (R-NH) called for a global "new regime" in the area of encryption.
FBI: Carnivore, Sniffers, And You
By Computer Networking. The Carnivore network diagnostic tool (sniffer) may be peeking at your email. Get the scoop on the FBI's latest crime-fighting tool.
FBI: How Carnivore Works
By J. Tyson. The FBI's Carnivore can tap into networks to intercept anything done on the Net. Find out what's involved in Web eavesdropping.
Gramm-Leach-Bliley Act: - Financial Privacy Resources
By Privacy Rights Clearinghouse. Contains a variety of financial resources, including “Opt-out” Notices and Sample “Opt-out Letters”
Identity Theft
This site is maintained by the Federal Trade Commission and includes government reports and congressional testimony, law enforcement updates, and links to other sites with helpful information about identity theft."
International: U.S. Safe Harbor Provision
By U.S. Dept of Commerce. The provision allows the transfer of data from EU member countries to a U.S. company provided it certifies that it will follow the EU Directive.
International: 1995 European Union Directive on Privacy (effective October 25, 1998)
Allows the European Commission to prohibits the transfer of personal information and data to non-EU member countries that do not meet the standard of "adequacy" for privacy protection established by the European Parliament and Council.
Privacy Initiatives by Federal Trade Commission (FTC)
The Federal Trade Commission is educating consumers and businesses about the importance of personal information privacy. Read more about their efforts, lessons learned, and what one can do to protect the privacy of personal information.
Privacy Online: International Policy and Practical Guidance
By OECD. "This newly released report includes policy and practical guidance for implementing privacy protection online. It is addressed to OECD member countries, business and other organisations, individual users and consumers."
Technology Solution: A Seal of Approval from TRUSTe
By TRUST.e, an independent, non-profit privacy initiative dedicated to building users' trust and confidence on the Internet and accelerating growth of the Internet industry. TRUST.e developed a third-party oversight "seal" program that alleviates users' concerns about online privacy, while meeting the specific business needs of each of their licensed Web sites.
Technology Solution: Platform for Privacy Preferences (P3P) Project
An Internet protocol developed by the WWW Consortium (W3C) by which net users can quickly determine the privacy policies of websites and identify those sites do not have adequate privacy protection policies regarding the personal information of the user.
The 25th International Conference of Data Protection and Privacy Commissioners urge better communication of data protection and privacy notice, and caution about automatic software updates. Solutions are posted on www.privacyconference2003.org
Canadian privacy officials is providing useful information to help businesses learn how they can comply with the Personal Information Protection and Electronic Documents Act (PIPEDA).
http://www.privcom.gc.ca/ekit/ekit_e.asp
On September 14, 2007 Peter Fleischer(global privacy counsel for California based company) said that new standards should be "mindful of commercial realities, and in line with oftentimes divergent political needs. They need to reflect technological realities." Click here for more information.
Anti-Spam Laws
Selected cases on Spam Laws by spamlaws.com
Network Solutions Inc.'s registration contract enforced against a Dutch company. Lakin Law Firm PC v. Federal Trade Comm’n, 7th Cir., No. 03-1689, 12/16/03
Pharmacy violarted customer's privacy by selling prescription drug records without customer's consent.
Anonymous v. CVS Corp., N.Y. Sup. Ct., No. 604804/99, 12/9/03
The national do-not-call registry, established by the Federal Trade Commission, is upheld constitutionality. Mainstream Marketing Service Inc., v. Federal Trade Commission, 10th Cir., No. 03-1429, 2/7/04
No reasonable exception of privacy by a state employees regarding the use of his desk, office computer and file cabinet. Pornography was found without a warrant.
United States v. Thorn
Customers' name, adresses, telephone numbers, and social security numbers held not to be private nor a privacy violation when disclosed by a mobile phone service. Busse v. Motorola Inc.
"Wiretaping Act protects e-mail in transit or temporarily stored while en route to its final destination argues the DOJ in a review of United States v. Councilman. An online listing service for rare books copied all e-mails amazon.com sent to its customers. The U.S. charged it with ciolating the Wiretap Act because it intentionally intercepted an electronic communication. The district court ruled that e-mails stored are not protected by the Wiretap Act. See DOJ petition at United States v. Councilman.
Selected Articles and ReportsImplementing the Gramm-Leach-Bliley Act: 2 Years Later
Remarks by Governor Mark W. Olson before the American Law Institute and American Bar Association, Washington, D.C. Feb 8, 2002.
Internet Privacy Law
By T. Walton. An internet attorney’s document about the law of privacy relating to computers and the Internet.
Privacy Law in Q1 2002
This survey, copyrighted by the law firm Collier, Shannon, Scott, PLLC, gives a summary of the major privacy issues as they stand in Q1 2002.
Workplace Privacy, An Oxymoron© (.pdf file)
By Professor S. D. Lichtenstein. It is legally and ethically prudent for the employer to fashion a written workplace privacy policy that includes monitoring of computer use while at the same time providing adequate safeguards and protections for employee privacy rights so as to survive judicial scrutiny.
The California government released recommended ‘Best Practices’, guiding company in complying with the new state law that requires companies to notify customers of computer security breaches. The best practices guidelines are available at http://privacy.ca.gov/recommendations/secbreach.pdf
Advertising groups offer guidelines that call on direct marketers to avoid using dishonest and deceptive activities. The guidelines are available at http://www.the-dma.org/press/e_mail_marketing_guidelines.pdf
Schumer released a new survey Oct. 15 in order to give momentum to his anti-spam bill (S. 1231). The survey is available online at http://www.unspam.com/fight_spam/information/survey_oct2003.html
Samples of Privacy StatementsCollecting Information From Visitors To University Web Sites
Online privacy policy statement of the University of Minnesota.
HP Privacy Policy-an example as Safe Harbor compliant by the U.S. Dept. of Commerce
HP provides this Privacy Statement to inform you of our Privacy Policy and practices and of the choices you can make about the way your information is collected online and how that information is used.
American Civil Liberties Union (ACLU)
The American Civil Liberties Union (ACLU) is working daily in courts, legislatures and communities to defend and preserve the individual rights and liberties guaranteed to all people in the U.S. by the Constitution and laws of the United States. See their web site regarding Privacy & Technology.
Center for Democracy and Technology
Has many useful links related to privacy issues and, in particular, to descriptions of legislation proposed and, in some instances, enacted by Congress.
Electronic Privacy Information Center
The Electronic Privacy Information Center (EPIC) focuses public attention on emerging civil liberties, privacy, First Amendment, and other constitutional issues.
Freedomforum
A nonpartisan foundation dedicated to free press, free speech and free spirit for all people.
Legal Information Institute: Privacy Law
Georgetown Internet Privacy Policy Study
