II. Constitutional Basis for Privacy
III. Invasion of Privacy
B. Unsolicited Email
E. Personal Databases
F. Free Speech
VII. Protection VIII. Conclusion
The right to privacy in Internet activity is a serious issue facing society. 1 Some users of the 'net wish to shield their identities while participating in frank discussions of sensitive topics. Others fulfill fantasies and harmlessly role play under the cover of a false identity in chatrooms, MUDs or the IRC. But there are the eternal "bad apples," and on the Internet, they are the people who use anonymous servers as more than a way to avoid responsibility for controversial remarks. Cases of harassment and abuse have become increasingly frequent, aided by a cloak of anonymity. 2 There are also problems with frauds and scam artists who elude law enforcement authorities through anonymous mailings and postings. Other users are concerned about the proliferation of information on the Internet. Databases of court records are now available for free over the World Wide Web. 3
Since no formal law exists within cyberspace, Internet users can find recourse only through the applicable laws of their own government. This web page will not attempt to discuss conflict of law in the international arena, but will address US law and its relevance to the American Internet user.
The United States Supreme Court has stated that American citizens have the protection of the Fourth Amendment (freedom from search and seizure absent warrant) when there is a reasonable expectation of privacy. 7 Without a reasonable expectation of privacy, however, there is no privacy right to protect. 8 Files stored on disk or tape in the home are protected, but the rule becomes less clear when applied to files stored on an Internet access provider's server. 9 Web servers, on the other hand, may be protected by federal law. 10 Some argue that consent of the access provider, however, is all that is required for law enforcement authorities to search and seize any files in the possession of that access provider. Internet service providers may have a lot of information about the users because servers routinely record information about users' e-mail and web browsing habits. 11
Unsolicited email is not regulated by federal law at present. Various states have outlawedunsolicited commercial email, however. A federal judge in Philadelphiahas ruled that companies have no First Amendment right to send unsolicited messages to online service subscribers. 13 One community remedy preferred by many users is to complain to the offender's service provider and publicly denounce the action on the Internet Blacklist. Another possibility for those with Eudora for the PC is to filter out unsolicited email. 14 Other free software claims to eliminate unwanted email. 15 Individuals have sued spammers in court and won. 16
Individual states specifically prohibit defamation, no matter what form it takes. Defamation consists of false and unprivileged publication which results in economic damages. Financial loss is not necessary where the statement implies that a person is a criminal or has an unpleasant disease, or which injures a person in respect to his other office, profession, or business. A judge in Texas issued an injunction to stop defamatory posting by an Internet user. 17 Hate messages sent by e-mail have also resulted in criminal penalties. 18
In some cases, companies have asked the court system to identify the authors of anonymous defamatorymessages. This has been done by filing "John Doe" lawsuits andissuing subpoenas to Yahoo! and other message boards where individuals have posted the disparaging messages. 19 Most such subpoenas go unchallenged. 20 One CompuServe user has complained that his service provider turned over account information, including credit card numbers, without any notice to him.21 One such plaintiff, Raytheon Corporation, dropped its suit as soon as it discovered the names of the people posting anonymous messages.22
Trade secrets and other confidential information can also pose legal problems. Unauthorized entry into a computer system is illegal, whether the target machine is connected to the Internet or not. 23 Nevertheless, hackers still manage to get past the most difficult of firewalls. 24 Compromise of company secrets can lead to millions of dollars in damages. Hacking is not the only danger to sensitive information, however. 25 Some software can tell webmasters which visitors came from which links. 26 In addition, all e-mail has an address attached. Even if the messagecontent is encrypted, system administrators have access to the fact of communication between two parties. 27 The existence of communication can itself often be secret, and the Internet cannot provide absolute security. In many ways, the Internet abhors secrecy. Many netizens believe in an absolute free-flow of all information.
A few companies are creating huge databases full of private information. 28 Websites may even collect email addresses inadvertently. 29 In many cases, there is no prohibition on the dissemination of personal information. 30 The federal government regulates only its own databases, leaving private database owners to decide how and when to distribute collected information. 31
Webmasters have begun using "cookies" as a means of accumulating information about web surfers without having to ask for it. 32 Cookies attempt to keep track of visitors to a Web site. 33 Criticism of cookies has included fear of the loss of privacy. 34 The information that cookies collect from users may be profitable both in the aggregate and by the individual. Whether the convenience that cookies provide outweighs the loss of privacy isaquestion each Internet user must decide for him or herself. 35
America OnLine has
been accused of selling data based information about users. 36
This has led to an effort on the part of cookie proponents to
control the amount of information that cookies collect. 37
Not all proponents of cookies adhere to the voluntary standards.
The Federal Trade Commission determined that Geocities, a popular
web site where users input personal information, was selling
In addition, there
is current disagreement about whether a system operator or an
access provider should be held liable.
The 1996 Telecommunications Act protects access providers from
liability for the unlawful acts of users (except copyright infringement
Some Courts have protected ISPs and online services from vicarious
liability for the acts of subscribers/customers. On the other
hand, vicarious liability, even without knowledge, may result
when either the web page designer or the ISP (1) has the right and
ability to control the infringer's acts and (2) receives a direct
financial benefit from the infringement.
Anonymous discourse is still available through the use of "remailers." 51 Various problems with the anon.penet.fi forwarding service, a famous anonymous remailing service in Finland, have led to a discontinuation of that service. 52 Other remailers continue to provide anonymity to e-mail and Usenet participants. 53
The key to anonymous publishing on the World Wide Web is to have as many web servers within the control and/or trust of the publisher. It also helpsto have a number of other servers performing a service to the community.Ian Goldburg and David Wagner at Berkeley are attempting to provide that service. 54
Recent versions of Netscape and Internet Explorer give web surfers the option of refusing to accept cookies. Windows users may automatically delete all cookies with every restart of the machine. 55