Until recently business owners have had limited reason to consider an individual's right of e-commerce and Internet-use privacy. But now privacy issues are rapidly moving to the forefront of e-commerce policy and Internet-use considerations because of the proliferation of electronic business transactions.
Every day courts around the country attempt to interpret and apply the ever-changing legislation pertinent to privacy issues. Ideally courts would balance privacy against other rights such as freedom of speech. But unfortunately the courts are not always moving in the same direction. Currently there are almost 50 bills pending in Congress relating to Internet privacy rights. If enacted, some of this legislation would help clarify on-line privacy issues for business owners.
On-line and Internet privacy is such an important issue because employers can be found liable for defamatory statements, racially insensitive and sexually suggestive employee e-mails when the employer had the right, but failed to monitor its employee computer messages. A California court recently held that companies cannot track employee Internet use unless a specific written policy explains to the worker that monitoring may occur. But other courts have determined that employees don't have a reasonable expectation of privacy for any electronic communication or Internet use while at work. Pending legislation will help clarify employer rights and obligations with respect to employee computer use.
The ability to rapidly accumulate and transfer databases of consumer data, i.e. customer lists, has spurred a booming on-line industry. One of the most important privacy issues at hand relates to the collection, brokering, transferring and publishing of this consumer information. Again, courts don't particularly agree as to what is the permissible scope of dissemination of consumer information. Congress is working to impose restrictions and requirements on collection and use of on-line consumer information.
The Gramm-Leach-Bliley Act, enacted in 1999, requires a financial institution to notify consumers before disclosing any nonpublic personal information to third parties. Pending amendments to the Act will impose further restrictions on disclosure of information to which a consumer has a reasonable expectation of privacy.
Another current hot topic is the use of "cookies" by on-line businesses. Web users may be assigned a cookie, which allows a Web site server to track user information, such as which sites the user visits, how long they are at the site and the stream of sites visited. The cookie allows anonymity of the Web user because no personal data is typically associated with the cookie. This information is accumulated and becomes quite valuable to on-line marketers for determining placement of advertisement, as they can see how a particular Web user, or group of users, move from site to site. Now, however, Internet advertisers are pushing the privacy envelope.
DoubleClick, Inc., a large on-line advertiser, was sued in California for accumulating and using personal Web user information such as names, addresses and telephone numbers. Courts in New York have shut down information sharing activities where there isn't adequate assurance that the consumers had notice that their information would be brokered. At least five states have legislation pending that would eliminate or limit collection and dissemination of consumer information. The pending Consumer Internet Privacy Enhancement Act would address collection of on-line consumer information at the federal level.
Just because the legislature passes a law, however, does not mean that it will be enforced. In 1998, Congress passed the Child On-line Protection Act (COPA), which imposes liability on publishers profiting from Web sites containing any material harmful to minors. The day after COPA was enacted, litigation commenced by the American Civil Liberties Union alleged that the act violated free speech rights. The trial court and appellate court enjoined, or stopped, the Attorney General from applying the COPA penalties against several on-line pornography sites. The legislation will be reviewed by the Supreme Court this Fall. In 1996 a similar statute, the Communications Decency Act, was struck down on First Amendment grounds by the Supreme Court.
Traditionally, very limited avenues have been available to those who believe their privacy is being violated. With the advent of on-going legislative efforts to structure on-line privacy rights, businesses engaging in on-line transactions may have to increase their awareness and application of privacy issues. At very least, enforceable legislation could unite the courts and promote uniform application of privacy rights across the country.