Statutory and Common Law Claims to Protect Online Privacy

Scope

• Use this page to list sources related to statutory or common law claims regarding online or computer privacy. These are typically those in which there is no government actor that would implicate Fourth Amendment concerns. Where a government entity is involved in a privacy matter, the source should probably be listed instead in Fourth Amendment as Applied to Online Privacy. The Federal Trade Commission's online privacy enforcement actions under Section 5 of the FTC Act, which prohibits unfair or deceptive practices, should typically be listed instead in Spam and Unfair or Deceptive Practices Online.

News / Editorial

• Dawn Kawamoto, Google Toolbar Spurs Another Privacy Lawsuit, Daily Finance (Nov. 9, 2010).
• CBS News, $610K Settlement in School Webcam Spy Case, CBS News (Oct. 21, 2010).
• Jacqui Cheng, Facebook app breach gets the attention of Congress, Ars Technica: Law & Disorder (Oct. 19, 2010).
• Staff, Online Posting of Motorcyclist's Traffic Stop Sets Off Debate on Wiretap Law, FOXNews.com (Jun. 17, 2010).
• Dan Yoder, Top 10 Reasons You Should Quit Facebook, Gizmodo (May 3, 2010).
• Jacqui Cheng, Cyber Privacy Act Not Specific Enough, Opens Door to Abuse, Ars Technica: Law & Disorder (Apr. 26, 2010).
• Kurt Opsahl, How to Opt Out of Facebook's Instant Personalization, Electronic Frontier Foundation (Apr. 22, 2010).
• Kurt Opsahl, Updated: Facebook Further Reduces Your Control Over Personal Information, Electronic Frontier Foundation (Apr. 19, 2010).
• Editorial, Dial-Up Law in a Broadband World, New York Times (Apr. 9, 2010).
• Michael Geist, State Farm challenges Canada's privacy law in court, thestar.com (Apr.5, 2010).
• Evan Brown, E-mails Sent Through Yahoo Account Using Work Computer Protected Under Attorney-Client Privilege, Internet Cases (Mar. 31, 2010).
• Richard Esguerra, Senators Unveil Yet Another Flawed National ID Card Plan, Electronic Frontier Foundation (Mar. 22, 2010).
• Update on Pennsylvania School District Webcam Surveillance Controversy, Privacy Lives Blog Archive (Mar. 22, 2010).
• Google Street View Privacy Lawsuit Fails: Boring v. Google, Inc., Internet Business Law Services (Mar. 17, 2010).
• Steve Lohr, Tracking Electric Use Could Allow Utilities to Track You, Too, New York Times (Mar. 15, 2010).
• Steve Lohr, How Privacy Vanishes Online, New York Times (Mar. 16, 2010).
• Ryan Singel, Classmates.com’s Facebook Mimicking Prompts Privacy Suit, Wired (Mar. 10, 2010).
• David Johnson, Keller v. Electronic Arts: Court Finds that Electronic Arts' Use of Personal Traits in Video Games Violated College Footballer's Rights of Publicity, David Johnson's Digital Media Lawyer Blog (Mar. 9, 2010).
• Thomas Claburn, Google Buzz Stung By Lawsuit , InformationWeek (Mar. 8, 2010).
• Thomas O' Toole, Newspaper Website's Privacy Policy Creates Expectation of Privacy for Commenters?, E-Commerce and Tech Law Blog (Mar. 5, 2010).
• Jacqui Cheng, Parents: school used webcam to spy on our kid at home, Ars Technica (Feb. 18, 2010).
• James Temple, Local Class Action Complaint Filed Over Google Buzz, San Francisco Chronicle (Feb. 17, 2010).
• Barbara Ortutay, Google Tweaks Buzz Social Hub After Privacy Woes, Associated Press (Feb. 12, 2010).
• Marshall Kirkpatrick, The Man Who Looked Into Facebook's Soul, ReadWriteWeb (Feb. 8, 2010).
• Thomas O' Toole, Court Finds Constitutional Significance in Defendant's Failure to Password-Protect Home Wireless Network, E-Commerce and Tech Law Blog (Feb. 3, 2010).
• Amy Miller, Facebook GC Tells Lawyers He's Looking for a Fight, Law.com (Feb. 02, 2010)
• Sophia Pearson, Google Must Face Trespass Suit Over Street View of House, Pool, Business Week (Jan. 29, 2010).
• Nate Anderson, Is Netflix "borking" lesbians with subscriber data releases?, Ars Technica (Dec. 18, 2009). (Netflix being sued under VPPA for releasing "anonymized" data on users' viewing history for its algorithm contests.)
• Larry Magid, Facebook and MySpace delete N.Y. sex offenders, CNET (Dec. 1, 2009).
• Elinor Mills, EFF sues feds for info on social-network surveillance, CNET News (Dec. 1, 2009). (Summary: EFF sued the CIA, Dept. of Defense, and Dept. of Justice for failing to comply with EFF's Freedom of Info. Act request for information regarding their use of social networks in investigations.)
• Howard Mintz, Bank snafu sets up Gmail privacy clash, The Mercury News (Sep. 22, 2009).
• Mark Sherman, Govt review: No privacy problems in cyber security, The Seattle Times (Sep. 18, 2009).
• Declan McCullagh, Facebook fights Virginia's demand for user data, photos, CNET News (Sep. 14, 2009).
• Ryan Paul, Privacy advocates want regulation of behavioral advertising, Ars Technica (Sep. 3, 2009).
• Thomas O'Toole, Marketers make good on threat to challenge Maine privacy law, E-Commerce and Tech Law Blog (Aug. 27, 2009).
• Sarah Schmidt, Facebook to comply with privacy recommendations: Commissioner, Canada.com (Aug. 27, 2009).
• Scott Duke Harris, Facebook knows too much, ACLU says in warning of quizzes, SiliconValley.com (Aug. 26, 2009).
• Eric Bangeman, Swiss privacy commissioner says "nein" to Google Street View, Ars Technica (Aug. 23, 2009).
• CNET, Users file privacy lawsuit against Facebook, CNET News (Aug. 17, 2009).
• Spencer S. Hsu & Cecilia Kang, U.S. Web-Tracking Plan Stirs Privacy Fears, Washington Post (Aug. 11, 2009).
• Todd Lewan, Special alloy sleeves urged to block hackers?, Physorg (Jul. 12, 2009).
• AP, Chips in Official IDs Raise Privacy Fears, Fox News (Jul. 11, 2009).
• Lisa M. Krieger, Online gene testers propose their own regulations, SiliconValley.com (Jul. 9, 2009).
• Richard Wray, Phorm dealt major blow as TalkTalk drops Webwise, The Guardian (Jul. 7, 2009).
• Saul Hansel, Four Privacy Protections the Online Ad Industry Left Out, New York Times (Jul. 6, 2009).
• Richard Wray, BT drops plan to use Phorm targeted ad service after outcry over privacy, The Guardian (Jul. 6, 2009).
• Reuters, Web advertisers propose self-regulation principles, Reuters (Jul. 2, 2009).
• John Timmer, Behavioral advertisers discover the self-regulation gospel, Ars Technica (Jul. 2, 2009).
• Charles Toutant, Restaurateurs Invade Waiters' MySpace, New Jersey Law Journal (Jun. 19, 2009).
• Federal Trade Commission, Sears Settles FTC Charges Regarding Tracking Software, FTC File No. 0823099 (Jun. 6, 2009).
• Tom Espiner, U.K. to monitor, store all social-network traffic?, CNET News (Mar. 18, 2009).
• Tresa Baldas, Web Behavioral Advertising Goes to Court, The National Law Journal (Mar. 2, 2009).
• Stephanie Condon, Congressman, privacy groups challenge FTC Web-ad policy, CNET News (Feb. 12, 2009).
• Nate Anderson, FTC warns of "day of reckoning" for online advertisers, Ars Technica (Feb. 12, 2009).
• Robert L. Mitchell, What the Web knows about you, Computerworld (Jan. 27, 2009).
• Jia Lynn Yang, Careful what you search for, Fortune (Dec. 31, 2008).
• WSGR, Children's Privacy Violations Lead to 1 Million Dollar Penalty, wsgr.com (Dec. 17, 2008).

Legal Briefs / Opinions / Statutes

• American Civil Liberties Union v. DOJ, 10-5159 (D.C. Cir. 2011) (Affirming the district court's order requiring release of certain documents under the Freedom of Information Act relating to the government's use of cell phone location data in criminal prosecutions and remanding for further development of the record regarding other requested documents).
• United States v. Amanuel, No. 06-1103 (2d Cir. Jul. 29, 2010) (law enforcement's failure to properly record electronic pager evidence not a constitutional violation yet testimonial uses barred for failure to comply with ECPA's sealing requirements. However, non-testimonial uses permitted, thus suppression of evidence from follow-on warrants vacated. Defendants may nonetheless be eligible for civil remedies for violative interception.).
• Complaint Melkonian v. Facebook, Orange County Superior Court Case No. 30-2009-00293755-CU-BT-CJC (privacy lawsuit against Facebook that was voluntarily dismissed).
• Zheng v. Yahoo! Inc., No. 08-1068 (N.D. Cal. Dec. 2, 2009) (ECPA does not apply extra-territorially to disclosures by Yahoo!'s Chinese subsidiary of stored communications of plaintiffs that resulted in torture and imprisonment).
• Alamar Ranch, LLC v. County of Boise, No. 09-004, 2009 U.S. Dist. LEXIS 101866 (D. Ida. Nov. 2, 2009) (knowledge of employer monitoring of employee communications over its network could be imputed, not only to the employee but to employee's attorney, resulting in waiver of attorney-client privilege for messages sent by employee to attorney using employer-assigned e-mail account, and vice versa).
• Stengart v. Loving Care Agency, Inc., No. A-3506-08T1 (Sup. Ct. N.J. Jun. 26, 2009) (employer was not entitled to read e-mails exchanged between an employee and her attorneys through her Yahoo! account, even though the emails were stored on the employee's company-issued laptop).
• Steinbach v. Village of Forest Park, No. 06-04215, 2009 U.S. Dist. LEXIS 59907, 2009 WL 2060054 (N.D. Ill. Jul. 14, 2009) (where government employee's personal email accessed without authorization, Stored Communications Act and intrusion upon seclusion claims survive motion to dismiss).
• In re United States, Nos. 08-9131 and 08-9147 (D. Or. Jun. 23, 2009) (§ 2703(a) of the Stored Communications Act incorporates all procedural aspects of Rule 41, including the so-called "notice" requirement of Rule 41(f)(1)(C), which is satisfied by leaving a copy of the warrant with the third-party ISP, and where no property is actually seized—as is true in most cases involving search warrants for e-mail—the notice requirement of Rule 41(f)(1)(C) is not even triggered).
• Yath v. Fairview Clinics, No. A08-1556, 2009 Minn. App. LEXIS 117 (Minn. Ct. App. 2009) (unauthorized posting of personal medical information on MySpace is "publicity" per se for invasion of privacy tort).
• Burnett v. County of Bergen, 198 N.J. 408 (N.J. 2009) (under the Open Public Records Act, SSNs must be removed from documents sought before they are provided, and the requestor must pay for the cost of this removal).
• Van Alstyne v. Electronic Scriptorium Ltd., 560 F.3d 199 (4th Cir. 2009) (plaintiffs pursuing claims under the Stored Communications Act must prove actual damages in order to be eligible for statutory damages, but not for punitive damages or attorney’s fees).
• Moreno v. Hanford Sentinel Inc., 172 Cal. App. 4th 1125 (Cal. Ct. App. 2009) (an author who posts on a public social networking website cannot state a cause of action in CA for invasion of privacy, but may state a cause of action for IIED against a person who submits that article to a newspaper for republication).
• Brahmana v. Lembo, No. 09-106, 2009 WL 1424438 (N.D. Cal. May 20, 2009) (recording keystrokes using software and hardware monitoring tools is sufficient to render plausible the claim that communications were monitored, but the keystrokes must also affect interstate commerce under the Wiretap Act).
• Quon v. Arch Wireless Operating Co., 529 F.3d 892 (9th Cir. 2008) reh'g denied 554 F.3d 769 (9th Cir. 2009).
• Hall v. Earthlink Network, Inc., 396 F.3d 500 (2d Cir. 2005).
• Orin Kerr, Amicus Brief on behalf of CDT, EFF, EPIC, ALA, ACLU, and CNSS in United States v. Councilman, 418 F.3d 67 (1st Cir. 2005).
• Patricia L. Bellia and Peter P. Swire, Amicus Brief on behalf of Sen. Patrick J. Leahy in United States v. Councilman, 418 F.3d 67 (1st Cir. 2005).
• Marc Rotenberg and Marcia Hoffman, Amicus Brief on behalf of Dr. Whitfield Diffie, Dr. Edward W. Felten, Dr. John R. Levine, Dr. Peter G. Neumann, and Dr. Bruce Schneier in United States v. Councilman, 418 F.3d 67 (1st Cir. 2005).
• Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004).
• Fraser v. Nationwide Mutual Ins. Co., 352 F.3d 108 (3d Cir 2003).
• Doe v. GTE Corp., 347 F.3d 655 (7th Cir. 2003).
• Bourke v. Nissan Motor Corp., No. B068705 (Cal. Ct. App., July 26, 1993).

Scholarship

• William McGeveran, Disclosure, Endorsement, and Identity in Social Marketing, Univ. of Illinois L. Rev. (2009).
• James Grimmelmann, Facebook and the Social Dynamics of Privacy, Iowa Law Review, Vol. 95, No. 4, (May 2009).
• Deirdre Mulligan, Reasonable Expectations in Electronic Communications: A Critical Perspective on the Electronic Communications Privacy Act, 72 Geo. Wash.L. Rev. 1557 (2004).
• Ben Bratman, Brandeis & Warren's 'The Right to Privacy and the Birth of the Right to Privacy', 69 Tenn. L. Rev. 623 (2002).
• Jarrod J. White, E-Mail @ Work.com: Employer Monitoring of Employee E-Mail, 48 Ala. L. Rev. 1079 (1997).