What You Need to Know about Online Privacy Laws

Whether you use it to read email, listen to music, track your child’s progress at school, shop, read, or job hunt, the Internet is a useful tool that touches nearly every part of contemporary life. However, there are privacy risks associated with Internet use. Although you may think that such risks are outweighed by the convenience of seamless online access, in order to make that assessment, you need to know what’s at stake and how online privacy laws may or may not protect you.

When you are online, you provide personal information to others at almost every step of the way.  Your online privacy risks range from the gathering of statistical data about your Internet use, to the spread of largely undetected software programs capable of stealing personal information for fraudulent purposes, to the use of emails and other information about your online habits by law enforcement.

Safeguards in Place to Protect Your Online Privacy

In the United States, the Internet remains largely unregulated. While some states have Internet privacy laws on the books, federal online privacy laws do not provide uniform privacy protections for IP addresses or personal data submitted to search engines. Furthermore, the United States Supreme Court has taken a hands-off approach to regulating the Internet in favor of free speech.

That said, there are some safeguards in place to protect Internet privacy rights. For example, your private email is protected for the most part. The federal Electronic Communications Privacy Act (ECPA) makes it unlawful under certain circumstances for someone to read or disclose the contents of an electronic communication (18 USC § 2511). In addition, in the U.S. Court of Appeals case U.S. v Warshak, decided December 14, 2010, the Court found that given the fundamental similarities between email, postal mail and telephone calls, it follows that email requires strong protection under the Fourth Amendment.

The privacy of children online is also protected by certain online privacy laws. The Children’s Online Privacy Protection Act of 1998 (COPPA) is a federal law that requires website operators to obtain verifiable parental consent for the collection, use, or disclosure of personal information from children. It also mandates that the website disclose what information is collected from children, how such information will be used, and its practices for disclosing gathered information.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. It is important to note that, with regard to the collection and distribution of information gathered during your use of a particular website, FTC compliance merely requires the website to honor its own privacy policy. However, a website may change its privacy policy at any time.

The Commission issues an administrative complaint when it has reason to believe that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. The complaint is not a finding or ruling that the respondent has actually violated the law. The consent agreement is for settlement purposes only and does not constitute admission by the respondent of a law violation. When the Commission issues a consent order on a final basis, it carries the force of law with respect to future actions. Each violation of such an order may result in a civil penalty of up to $16,000.

In a recent complaint, the FTC alleged that a corporation that handles marketing operations for Sears and Kmart websites failed to disclose adequately that its software application downloaded to a particular computer would monitor nearly all Internet activity on that computer, including the sender, recipient, and subject of web-based email and secure transactions such as online banking, prescription information, and video rentals. The consent order points out that companies must disclose the nature of the data that will be tracked before the program is installed, and such disclosure cannot be buried in the lengthy user agreement.

The FTC recently charged two other companies with deceptively claiming that consumers could opt out of receiving targeted ads by changing their computer’s web browser settings to block cookies, but the advertisers used Flash cookies that users couldn’t block on their Web browsers.

Despite these protections, however, consumer groups agree that enforcement of current laws is not sufficient to protect your online privacy rights, and they continue to push for new online privacy laws.

Additional Steps You Should Take to Safeguard Your Privacy Online

Several social networking sites provide their users with protection for their personal information. For example, Facebook offers privacy settings which the user can set for individual facets of the program, from wall posts and status updates to photos and videos. You can block certain individuals from seeing your profile and limit who has access to your pictures. Privacy settings are also available on other social networking sites, such as E-harmony and MySpace, but it is up to the user to apply such settings when providing personal information on the Internet.

Find and read the privacy policy on a website before giving up any personal information. Look for how the site will use and protect the personal information. A privacy policy should answer at least the following basic questions.
• What information is collected?
• How is it collected?
• Why is it collected?
• How will it be used?
• Who will have access to your information?
• What choice do you have if you do not wish to share the information?
• Can you review your information?
• What security measures are in place to protect your information?
• How long will the company honor its privacy policies?
• Who is accountable for the organization’s privacy policies?
Always make sure you trust the site before sharing any private information and that you are aware of applicable online privacy laws. Before you fill out an application for credit in a store or bank, or type your credit card number into an online order form, ask to see a copy of the privacy policy. If you are not happy with the policy’s terms or if you are told there is no written privacy policy, consider looking for another company that is transparent nough to explain how it handles and protects their personal information.

Tags: COPPA, FTC, Internet Privacy, Privacy Policies