The Internet is an infant in the eyes of the law. And given its explosive growth and expansion, the law — both at the federal and state level — has had difficulties enshrining concrete legal rules to control such a large forum of activity. Even for myself, I know that I am sometimes uncertain when clients come to me and ask whether anonymous speech posted on an internet message board is actionable for defamation, harassment, or cyber-bullying. I’ve also seen more and more legal articles pointing out how social networking sites such as Facebook and Twitter are becoming fertile sources of evidence in Paternity, Child Custody, Child Support and Divorce proceedings where attorneys try to spin information posted online as support for a legal finding that one party was at fault, or a child should be with one parent versus the other.
Cries for privacy, however, are becoming louder and louder as websites and search engines are tracking individual users’ activity. For instance, there is/was an uproar about Google’s continuing practice of scanning e-mails in a Gmail account and using that data to put targeted advertisements on an individual user’s Gmail page. Facebook does pretty much the same thing.
In the wake of growing criticism, Senators John Kerry and John McCain have pushed for a so-called Privacy Bill of Rights aimed at establishing a “baseline code of conduct for how personally identifiable information and information that can uniquely identify an individual or networked device are used, stored, and distributed.” The proposed legislation was only announced by the Senators on April 12, 2011, so there is not a whole lot of language that is public yet which would enable a thorough review. Accordingly, it remains to be to what extent privacy could be protected on the internet and whether this legislation would pass constitutional muster or judicial review.
Is there a need for such a Privacy Bill of Rights on the internet? In my opinion, there is not a lot of Constitutional protections afforded to internet activity. Recall that the Constitution’s Bill of Rights are only limits on governmental activity (e.g., you can only sue the government for infringing on your free speech rights, free exercise of religion, or right to be free from unreasonable searches and seizures). Thus, because much of the concern appears to be over tracking by private internet corporations, the Constitution does not provide a safe haven of privacy to consumers and users.
And in terms of private interactions between private consumers/users and internet companies, it seems that there is not much that can be done legally over alleged losses in privacy. For instance, with social networking sites and social media, there are usually disclaimers, contracts, or legal waivers that users “check the box” for in order to create an account, allowing the site to track your personal information. Further, supposing an individual filed a civil lawsuit for some sort of privacy violation against an internet company, the internet company would simply say that users/consumers generally do not have a reasonable expectation of privacy when “surfing the web.” The third party-access to internet websites and activity is seemingly limitless. Consequently, a person could hardly be considered to do anything on the internet privately. The status quo seems to suggest that there is a sort of assumption of risk when you go online which says the following: “yes you can use the internet and do all sorts of things, but it’s hardly a private transaction — even though it’s done in your office/home.”