Internet privacy laws have been implemented to protect us from legal violations. These laws are meant to protect us against cyber threats and data intrusions which are designed to extract personal or confidential information (e.g., intellectual properties, trade secrets) without authorization. Data privacy is paramount when it comes to the collection, use, and storage of personal or confidential information. However, not many are taking proper steps to ensure security. These steps can include encryption, firewalls, intrusion detection systems, and two-factor authentication.
It is important to realize that even though the criminals are not personally entering your private space or domain, however, they are still able to follow your digital footprints. These digital footprints can be followed by using special tools – e.g., keylogger – which can follow you without your knowledge and consent. Also, cookies can be used to follow you around in a clandestine manner.
What are the internet privacy rules or regulations?
There are several state and federal laws that are designed to protect your privacy. The federal laws are as follows: FTC Act, ECPA, CFAA, COPPA, CAN-SPAM Act, GLBA, and FACTA which apply to financial institutions and creditors and require them to use special programs.
In California, some remarkable state privacy laws include:
- Anti-Phishing Act makes “phishing” or “phishing attacks” unlawful in the state.
- Computer Spyware Laws make the intentional installation of malware in order to take control or use another’s computer illegal.
- Cyberbullying Laws define “bullying” and make it unlawful under certain conditions.
- California Penal Code Sections 502, 502.01, 647, 647.8, 786 and Civil Code § 1708.85 relate to cyber-exploitation (a/k/a “revenge porn”). For example, Civil Code § 1708.85 allows the victim to file a lawsuit against the individual who intentionally and without the victim’s consent distributed the nude photographs or videos.
- Digital Privacy Rights for Minors Laws prohibit websites that are directed to minors from marketing items that those minors would be prohibited to purchase (e.g., cigarettes, alcohol, guns).
- Business & Professions Code Section 22948.20 was enacted in reference to connected televisions (i.e., smart television). It requires a manufacturer to provide the operational information of a voice recognition feature to the user during the initial setup or installation of the connected television.
The California Consumer Privacy Act (“CCPA”) was enacted under AB 375. It allows consumers to demand to see information a company has stored about them and a list of all the third parties that data is shared with. The statute permits consumers to file a legal action against companies if the privacy guidelines are violated. This law affects all companies that serve residents and have at least $25 million in annual revenue. It affects companies of any size that store personal data on at least 50,000 individuals or collect more than half of their revenues from personal data sales. These companies need not be based in California or have a physical presence there to fall under the law.
There are several ways we can be unprotected online. For example, many of us have access to private or confidential information of clients or customers – e.g., bank account information, credit card or social security numbers. Therefore, it is important to train your employees on privacy and cybersecurity rules. It is also important to have access to a reference book that outlines the best practices. The reference book should include information about web browsing, web tracking, internet protocol tracking, VPN tools, encryption tools, SSL websites, cloud computing, and training protocols.
We work with clients regarding internet, technology, and computer laws. Please feel free to contact our law firm in order to speak with an attorney who has knowledge about internet privacy and cybersecurity laws.