E-Business 101, Part 3: Privacy - Various Acts and Laws
(Page 3 of 4 )
The Children's Online Privacy Protection Act of 1998 (COPPA) is designed to give parents the ability to control what information is collected from their children online. COPPA provides that Web sites cannot collect information from children under the age of thirteen without first obtaining parental consent. COPPA applies to commercial Web sites directed to, or knowingly collecting information from, children under the age of thirteen. Such Web sites must: (1) notify parents of their information practices; (2) obtain verifiable parental consent before collecting a child's personal information; (3) give parents a choice as to whether their child's information will be disclosed to third parties; (4) provide parents access to their child's information; (5) let parents prevent further use of collected information of their child; (6) not require a child to provide more information than is reasonably necessary to participate in an activity; and (7) maintain the confidentiality, security and integrity of the information.
The Protection of Children from Sexual Predators Act (PCSPA) requires an Internet service provider (ISP) to notify a designated federal agency regarding pornography discovered by the ISP that contains a visual depiction of a minor engaging in sexually explicit conduct. An ISP does not need to monitor communications for child pornography. Thus, the PCSPA, while not directly limiting ISPs from collecting information, does mandate that the ISPs disclose personal information in certain circumstances to government agencies. For example, if an ISP knows the identity of a communicator of child pornography and the originator is located with the United States, the ISP must notify an Federal Bureau of Investigation (FBI) office in the area in which the communicator is located. If the ISP does not know the identity of the communicator of the child pornography, but the ISP believes that the communication containing the child pornography originated within the United States, the ISP must notify an FBI office in the state in which the ISP is located. If the ISP believes that the originator of the child pornography is located outside of the United States, the ISP must notify the U.S. Customs Service, regardless of whether or not the ISP knows the identity of the communicator.
The Federal Trade Commission (FTC) has taken a very proactive role in pursuing privacy protections for consumers. For example, the Fair Credit Reporting Act (FCRA) protects user information collected by credit bureaus, medical information companies, tenant screening services, and other consumer reporting agencies. Under the FCRA, consumer reporting agencies cannot provide information in a consumer report to anyone who does not have a purpose as set forth in the FCRA. While the FCRA does not expressly apply to Web sites, it may apply to Web sites of consumer reporting agencies depending on how they collect, use and disseminate consumer information.
Another example of a law that might impact the operation of a Web site, even though the law is not directed solely and specifically to online activities is the Gramm-Leach-Bliley Financial Services Modernization Act of 1999 (GLBFSMA), which became effective on November 12, 2000. The GLBFSMA allows banks, insurance companies, and brokerage firms to affiliate and diversify. The GLBFSMA also allows affiliates of the same company to share consumer information among themselves, so long as the affiliates allow the consumers to opt-out of such sharing of information and the affiliates disclose privacy and confidentiality policies to the consumers.
Many states have also enacted laws that protect the privacy of Web users and Web site visitors. Many of these laws provide similar protections to the ECPA discussed previously above.
Next: International Implications >>
More Website Marketing Articles
More By Myles H. Alderman, Jr.
