Home Op-Ed Online Privacy Laws
Gain Traction in Several States
Online Privacy Laws Gain Traction in Several States
0

Online Privacy Laws
Gain Traction in Several States

0

Over the past several years, online privacy has become a hot button issue in state legislatures across America. Here is a brief overview of some of the most prominent online privacy laws at the state level.

Privacy Policies for Online Services

When it comes to website privacy, California has enacted some of the most sweeping legislation of any state in the country. Through the Online Privacy Protection Act of 2003, California requires all operators to post a clearly stated privacy policy on all online services and websites. The privacy policy must identify all categories of personal information collected and disclose the third parties with which the information can be shared. As a result of the new legislation, operators of commercial websites and online services must now disclose the methods they use to respond to “Do Not Track” signals. Consumers can use this information to monitor online tracking of their personal information and make informed decisions about the online services they use. In the same vein, all postsecondary educational institutions must post a social media privacy policy on their official websites.

Monitoring of Employee Internet Access

Some states have enacted legislation governing an employer’s ability to monitor employees’ online activity. In Delaware and Connecticut, for example, employers must provide adequate notice before they begin monitoring the online activity of employees. Delaware allows for a number of exceptions to the law, most commonly in the case of computer system maintenance and court ordered actions. If a Connecticut employer wants to use electronic monitoring to produce evidence of illegal conduct, he or she is not required to submit written notice as long as there are reasonable grounds for monitoring. Similarly, in Colorado and Tennessee, state organizations and other public entities must establish an official policy regarding the monitoring of employee’s e-mail communication. Policies must state that all electronic mail correspondence of the employee may appear on public record. Be sure to advise your clients to see how the states in which their businesses operate deal with these issues before monitoring.

Personal Information Collected by Internet Service Providers

In Minnesota and Nevada, Internet Service Providers (ISPs) must uphold the privacy of certain types of customer information. Although both states expressly prohibit the release of personally identifiable information, Minnesota requires ISPs to obtain permission from customers before releasing information to third-party websites they have visited. Similarly, nonfinancial businesses in California and Utah must inform customers of the types of personal information they share with third party entities.

About the Author

Chris Sundermeier is General Counsel and Chief Privacy Officer for Reputation.com. He comes to the company after representing various Silicon Valley Internet and technology companies for more than a decade as a litigation partner at Cooley LLP.  There, Chris focused on disputes involving complex commercial contracts and technology agreements, securities, fiduciary duty, mergers and acquisitions, and intellectual property.

Mr. Sundermeier graduated magna cum laude with his law degree from Boston College, where he was a member of the Order of the Coif. Prior to attending law school, Mr. Sundermeier taught philosophy at multiple universities and colleges around New York City while working on a Ph.D. in Philosophy at Fordham University. He also holds an undergraduate degree in English and Philosophy from Creighton University.

Full disclosure, Legal Ink Magazine is an affiliate partner with Reputation.com.

Leslie Hobbs
Leslie Hobbs

LEAVE YOUR COMMENT

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.