Technology is changing how we do everything, from connecting with friends to investigating our family history. While most of these changes are for the better, the reality is that many of these new technologies expose us to serious privacy risks, especially as legislation has struggled to keep up. Yet both here in the U.S. and around the world, that could soon change. There are numerous new and pending laws that are starting to seriously tackle the challenges posed by modern technology, helping close gaps in legislation and enforcement that open you up to online stalking, medical data breaches, and disclosure of your online data. Even if you don’t realize it, many of these laws can have a major impact on your life, from how you buy insurance to which bits of personal information are gathered while you shop online, go to the bank, or talk on the phone. What follows is a brief guide to many of the newer and upcoming laws regarding privacy in the United States. You’ll learn what the bills propose, how they’ll affect your life, and when they’ll go into effect, if they haven’t already.
These laws and proposals are designed to protect your privacy in the online and mobile spheres, ensuring that you and those you care about aren’t tracked, subject to data seizures, or the victims of online predators.
Proposed by Rep. Lamar Smith of Texas, this bill is designed to increase the enforcement of laws related to child pornography and child sexual exploitation, specifically by requiring Internet service providers (ISPs) to provide data about subscribers to law enforcement officials. While still on the table for debate, the law has attracted a lot of attention from those who believe it has serious implications with regard to consumer privacy.
- How It Will Affect You: This law doesn’t just affect those who create and distribute child pornography. If passed, all Internet users would see a reduction in privacy. The law would require ISPs to retain user IP addresses and subscriber information for one year, even in the event service is cancelled. This information would include names, addresses, telephone numbers, and account numbers, with no limits on the scope of subscriber information that can be retained and accessed by the government. What’s more, this collected information could be used to prosecute for any issue with probable cause and a warrant. This not only poses problems for the misuse of data by law enforcement; it could also result in serious security issues if information is hacked. It also opens up that information to gross violations of personal privacy and security.
- Timeline: The bill passed the United States House Judiciary Committee on July 28, 2011, but hasn’t gone much further since then, despite garnering 39 co-sponsors by January 2012. It seems to have stalled, and little has been heard of it since it garnered widespread backlash. That’s no guarantee, however, that similar legislation won’t pop up in the future.
The Electronic Communications Privacy Act is almost 30 years old, so why does it appear on this list? Because it’s likely going to see some major revisions to reflect the increased variety and prevalence of electronic communications. The original act was designed to help expand federal wiretapping and electronic eavesdropping provisions, as well as protect communications that occur via wire, oral, and electronic means and to balance the right to privacy of citizens with the needs of law enforcement. In the years since, the law has been under increased scrutiny for being out of date and failing to protect all communications and consumer records. For example, under current law, government agencies can demand ISPs hand over personal consumer data stored on their servers that is more than 180 days old without a warrant. This wasn’t an issue in the past, when most emails were downloaded to individual computers, but with the advent of webmail programs like Gmail and Yahoo, now nearly all consumer email communications are fair game. Major tech companies, like Google, Facebook, Verizon, and Twitter, have advocated for greater privacy and reform of the law.
- How It Will Affect You: If reforms to the ECPA go through, law enforcement and government officials will no longer be able to access your personal emails stored on a server without a warrant, regardless of their age. This is a strong first step towards updating the bill and ensuring the privacy concerns are addressed for present day technology.
- Timeline: No changes have gone through to update ECPA yet, but in November 2012, the Senate Judiciary Committee approved a bill that would strengthen privacy protection for emails by requiring a warrant to access them. It is set to debate in the Congress early this year. Other legislation will likely be needed to deal with privacy issues related to mobile phones, text messages, and social media but no bills reflecting this type of data have been proposed.
Children’s Online Privacy Protection Act:
COPPA isn’t new, either, but it has seen some significant amendments over the past year that are worth mentioning. COPPA, which went into effect in early 2000, protects children under 13 from the online collection of personal information. As a result, many sites today often disallow children under 13 from using their services or require parental permission for disclosure of any personal information. In September 2011, the FTC announced proposed revisions to COPPA that expand the definition of what it means to collect data from children. These new rules would include regulations on data retention and deletion and would require any third parties to whom a child’s information is disclosed to have policies in place to protect the information.
- How It Will Affect You: You will likely only be directly affected by this law if you own or operate a website or have children under 13 who use the Internet. The new amendment is largely positive for parents and children, preventing abuses of data, laying out guidelines for stricter parental approvals, and ensuring that children’s information stays secure. A number of tech giants, however, have pushed back against this legislation. Apple, Facebook, Google, Microsoft, and Twitter, as well as Viacom and Disney, have all objected to several aspects of the new FTC rules stating that they make it nearly impossible for companies to create and disseminate child-focused material.
- Timeline: In late 2012, nearly a year after revisions were proposed, the FTC adopted the final amendments to COPPA, and they are currently in effect.
The GPS Act: The GPS Act, proposed by Representative Jason Chaffetz and Senator Ron Wyden, seeks to give government agencies, commercial entities, and private citizens specific guidelines to when and how geolocation information can be accessed and used. At present, there are no U.S. laws that directly address GPS tracking data, and with the proliferation of trackable devices like cell phones and GPS systems, the act is aiming to update regulations and guidelines to reflect modern sources of privacy concerns.
- How It Will Affect You: If passed, the act will detail the legal procedures and protections that apply to electronic devices that use GPS, will require warrants for the release of GPS data, will make it illegal for individuals to be tracked without their knowledge, and will create criminal and civil penalties for violating these new GPS regulations. This could be a big boon to protecting your personal privacy and security, as it will make it illegal for others to track you (including family members) and will prevent data about your activities from being disseminated without your knowledge, consent, or a court order.
- Timeline: The GPS Act was introduced to the Senate on June 15, 2011. It has not passed, in part because of opposition to two major court decisions, United States v. Jones and United States v. Knotts, which have ruled in favor of allowing law enforcement to place GPS trackers on cars, as well as opposition from the Obama administration. Yet a more recent case addressed by the Supreme Court, United States v. Jones , found that such measures violated the Fourth Amendment, which may help strengthen its passage as it waits to be considered by the Senate Judiciary Committee and the House.
This is part 1 of a 4 part series. Links to part 2, 3 and 4, which will elaborate on effects of privacy laws on Digital Commerce, Work & Employment and Personal information will be updated soon.