Internet Privacy

AuthorJeffrey Wilson
Pages1033-1039

Page 1033

Background

Among the many legal issues presented by the Internet, privacy is a leading problem. In fact, Internet privacy covers a broad range of concerns: fears about the safety of children in chat rooms and on the World Wide Web, the privacy of e-mail, the vulnerability of web users to having their Internet use habits tracked, the collection and use of personal information, the freedom of people to chat and post messages anonymously. Moreover, the rapid evolution of the Internet has frequently brought such privacy concerns before lawmakers and the courts.

Privacy concerns are frequently newsworthy. During the 1990s, child safety advocates highlighted special online dangers for children following high-profile abuse cases. Internet commerce has also been affected, too. The Federal Trade Commission (FTC) report noted in 2000 in its annual report to Congress that survey data demonstrated 92% of consumers are concerned about the misuse of personal information online. Privacy concerns over unsolicited commercial messages arose as Internet users battled to keep this so-called "spam" out of their e-mail inboxes, while in 2001, civil liberties advocates opposed potential abuse by the Federal Bureau of Investigation of its Carnivore hardware, a data-collecting technology attached to Internet services for criminal investigation.

Congress has been reluctant to enact legislation, relying upon a privacy law last revised in 1986 and passing only one new Internet privacy law in the 1990s. This was not for want of ideas. Numerous bills proposing Internet privacy protections were submitted in Congress during the late 1990s and early 2000s, and the Federal Trade Commission (FTC) also proposed legal reform. But lawmakers showed deep reservations about trifling with Internet regulation of privacy, expressing fears about hurting online commerce and creating an unenforceable regulatory

Page 1034

scheme. Internet crime laws passed, but these criminalized intrusive and destructive behaviors without directly creating privacy rights.

The legal framework for online privacy thus rests largely on two federal laws, a subdued federal regulatory approach, a mixture of state laws, and contradictory case law from the courts:

In 1986, Congress significantly updated the Electronic Communications Privacy Act (ECPA), originally enacted two decades earlier in 1968 to prevent telephone wiretapping. The law protects the privacy of much online communication, such as e-mail and other digital messaging, but far from all of it. The law offers little privacy protection to electronic communication in the workplace, which courts have further restricted.

The Children's Online Privacy Protection Act of 1998 was passed amid complaints that websites frequently sought too much personal information from children. The law requires website operators to maintain privacy policies, grants parents powers to control information gleaned from their children by websites, and grants regulatory power to the FTC.

Throughout the 1990s, the FTC studied and recommended proposals for new Internet privacy laws. The commission made such recommendations again in its annual 2000 report on the issue, but in 2001 new FTC leadership called for more study of the issue and a continued emphasis on self-regulation by business.

Passed in response to the September 11, 2001 terrorist attacks upon the United States, the Patriot Act of 2001 appeared likely to significantly impact online privacy. The law dramatically increases federal police investigatory powers, including the right to intercept e-mail and track Internet usage.

Courts have offered mixed verdicts on anonymity on the Internet. In 1997, Georgia was prohibited from enforcing a statute that barred anonymous communication in ACLU v. Miller. In subsequent cases, courts have allowed plaintiffs to force disclosure of the identities of anonymous users of Internet message boards, but some have required that strict evidentiary standards are met by plaintiffs first.

Electronic Communication Privacy Act
Purpose of the law

The Electronic Communication Privacy (ECPA) of 1986 creates limited statutory privacy rights for Internet users. First enacted in 1968, the law originally sought to prevent wiretapping by determining limits on electronic surveillance. By 1986, growing federal concern about privacy in an age of new communication technology led to a major overhaul. Lawmakers amended the ECPA to extend its privacy protection to several forms of contemporary electronic communication, from cell phones and pagers to computer transmissions and e-mail.

On the Internet the ECPA protects both digital transmissions and stored messages. In general, the law prohibits their interception or disclosure by third parties. It spells out several separate offenses:

Intercepting or endeavoring to intercept communication

Disclosing communication without consent

Using electronic, mechanical, or other devices to intercept communication

Intercepting communication for commercial purposes

Intercepting communication for the purpose of impeding criminal investigations

Besides criminal penalties, the statute authorizes that injured parties may bring civil suits for any damages suffered, punitive damages, and other relief.

Protected Internet Communication

Electronic communication is defined in broad terms as "any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photo electronic or photo optical system." Thus the ECPA extends privacy protection to everything from e-mail to drawings, pictures, and sounds as well. For communication to receive the law's protection, it cannot be simply sent between two computers: the communication must take place in the course of interstate or foreign commerce.

However, numerous exceptions are spelled out in the law. These fall into three categories:

Limited exceptions allowing employees of network services access to communication under specific circumstances

Broad workplace exceptions allowing employers access to employee e-mail

Page 1035

Conditional government authority to carry out criminal investigations

Exceptions for Employees of Network Services

The ECPA prohibits employees of Internet providers from eavesdropping on subscribers' e-mail or other communication. However, it is not unlawful for these...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT