Currently, the United States does not have a universal online privacy law. However, portions of several laws do affect online privacy.

Gramm-Leach-Bliley Act

More commonly known as the Financial Services Modernization Act of 1999, Gramm-Leach-Bliley was the industry-changing law which effectively repealed the 1933 Glass-Stegall Act. Criticized by many, GLB freed the financial sector from various regulations. GLB is legislatively dense and includes several mandatory privacy regulations which effect e-commerce.

The financial privacy rule, safeguards rule and pretexting protection provisions are three components of GLB which outline various data collection and storage regulations. In short, online financial institutions (and certain other types of websites) must maintain a comprehensive data security system which includes an lawful, sound online privacy policy. Consumers must also be able to opt-out of programs which involve sharing information with 3rd parties.

Health Insurance Portability and Accountability Act

Originally sponsored by Sens. Edward Kennedy and Nancy Kassebaum and enacted by Congress in in 1996, the Health insurance portability and Accountability Act is broken up into two main sections: Title I protects health insurance coverage for people who are changing or lost their jobs; Title II, known as the Administrative Simplification (AS) section, outlines rules and standards for the collection and storage of electronic health data.

In addition to protecting sensitive, personally-identifiable, user data, one of the stated goals of the Act is to streamline the effectiveness of the health care field through increased use of “electronic data interchange”.

Children’s Online Privacy Protection Act

If you own or operate a website that attracts children and you’ve never heard of COPPA, start researching, stat! Enacted in 1998 and enforceable since 2000, the Children’s Online Privacy Protection Act governs the collection and storage of minor’s personally-identifiable data. In addition, the legislation outlines acceptable methods for confirming parental consent. Online advertising restrictions are also included in the Act’s provisions.

COPPA regulations must be followed by websites that cater to kids 13 and younger. If your website was not intended to be a child-centric, but you’re aware that tweens visit, by law, you’re still legally bound to the Act.

Looking for a lawyer who can assist with any legal needs associated with COPPA, HIPPA or GLB? Internet privacy law in one of my main areas of practice. To get in touch, fill out the secure form below or feel free to give me a buzz at 888-405-3232.