Internet Law
by Tom W. Bell

Ch. 05: Privacy


  Prior Prior Chapter Up Title Page Next Next Chapter   Email Listserve Email Listserve  
Table of Contents

Ch.  Subject
01:  Course Management
02:  Introduction
03:  "Law" Online
04:  Free Speech
05:  Privacy
    A.  Common Law
    B.  Regulatory
    C.  Self-Help

06:  Trespass to Chattels
07:  Intellectual Property
08:  Encryption
09:  Hacking
10:  Commerce
11:  Jurisdiction
12:  Lawyers Online
13:  Review

A. Common Law Protections of Privacy

Restatement of Torts (2nd) §§ 652A-E (privacy-related provisions)

Bourke v. Nissan Motor Corp. in U.S.A., No. B068705 (Cal. Court of App., 2nd Dist., July 26, 1993) (finding that employer's reading of employees' email did not violate California common law, constitution, or privacy statutes) (not published) [an alternate source]


  1. What sort of protections do you think common law offers to the privacy of Internet users? Do those protections accord with your reasonable expectations?

  2. For a case finding that Washington state law may limit making freely available on the Internet information otherwise available through commercial services, see City of Kirkland v. Sheehan, 2001 WL 1751590, 29 Media L. Rep. 2367 (Wash Super. Ct. May 10, 2001) (enjoining Internet publication of law enforcement officials' social security numbers on grounds that it violated their privacy rights).

  3. The court in U.S. v. Bach, 310 F.3d 1063 (8th Cir. 2002), held that defendant's Fourth Amendment rights were not violated when Yahoo!, under the compulsion of a state search warrant but without an officer present, seized defendant's emails on its servers and delivered them to police investigators.

  4. For a case affirming that Illinois common law does not prevent the rental of information about consumers' purchasing habits, see Dwyer v. American Express Co., 273 Ill. App. 3d 742, 652 N.E.2d 1351 (Ill. App. 1995).


Bell's Classes #10 and #11: Please read the materials in Ch.05, or browse the websites referenced there, as appropriate.


B. Regulatory Protections of Privacy

McVeigh v. Cohen, 983 F. Supp. 215 (D.D.C. 1998) (finding ECPA bars government from obtaining a user's private information from an online service provider absent a warrant, subpoena, or court order) [an alternate source]

Jessup-Morgan v. America Online, Inc., 20 F. Supp. 2d 1105 (E.D. Mich. 1998) (finding ECPA does not regulate disclosure to private individual of identity of a subscriber of an electronic communication service) [an alternate source]

In Re:, LLC, Case No. 00-13995-CJK (Bankr. E.D. Mass. July 20, 2000) (setting forth stipulation and order establishing conditions on sale of customer information by in settlement of complaint brought by FTC) [an alternative source]

Federal Trade Commission, How to Comply with the Children's Online Privacy Protection Rule (Nov. 1999)

U.S. Dept. of Commerce Safe Harbor Overview (offering introduction to "safe harbor" that allows U.S. companies to avoid prosecution under the European Commission's Directive on Data Privacy by qualifying for certification as providers of "adequate" privacy protection, as defined by the Safe Harbor's Privacy Principles)


  1. Do the legal protections for private email accounts correspond to your reasonable expectations? What about the legal protections for employees' email accounts?

  2. Notwithstanding the evidently good intentions behind COPPA, it bears noting that it has increased legal uncertainty, see Lynne Burke, Contending with COPPA Confusion, Wired News, Aug. 23, 2000 (quoting Alex Bentacur, vice president of girl's clothing site, "[T]he law, which we support completely, is so unclear."), raised the costs of doing business online, see Carolyn Duffy Marsan, Net Privacy Law Costs a Bundle,, May 16, 2000 (relating high costs of complying with COPPA and effects on market), and even forced some web sites to shut down, see Tamara Loomis, Lawyers Wrestle With Online Privacy, New York Law Journal, July 13, 2000 (reporting that some companies have left the market rather than incur costs of complying with COPPA).

  3. The court in In re Toys R Us, Inc. Privacy Litig., 2001 U.S. Dist. LEXIS 16947 (N.D. Cal. Oct. 9, 2001) (MDL No. M-00-1381 MMC, Master File No. C 00-2746 MMC), grappled with the question of whether defendants' use of cookies and web bugs to collect information about plaintiffs' online purchasing and browsing habits violated Title II of the ECPA. The court found, inter alia, that cookies placed on hard drives are not in "electronic storage" for purposes of 18 U.S.C. § 2701 of the ECPA. 2001 U.S. Dist. LEXIS 16947 at *10-*14. The court also found that ECPA § 2520 does not provide a cause of action for aiding and abetting the interception of electronic communications. Id. at *22.

  4. For an account of federal authorities violating their own privacy policies--and perhaps even federal law--see White House on Cookies: Doh!, Wired News, June 26, 2000.

Useful Resources and Optional Reading




C. Self-Help Protections of Privacy

Browse the TRUSTe and BBBOnline websites.

Browse the and HushMail websites.


  1. Does industry self-regulation seem likely to offer adequate protection for the privacy of Internet users? Does it seem likely to prevent the problems that might follow from state regulation?

  2. Do you know how to configure your browser to reject cookies? Have you done so? Why or why not?

  3. Recall our discussion of how filtering software has affected the law and policy of regulating indecent speech. Do you foresee a similar effect with regard to privacy?

  4. For an argument that the availability of self-help alternatives for protecting Internet privacy renders regulation by state authorities constitutionally suspect and functionally inferior, see Tom W. Bell, Pornography, Privacy, and Digital Self-Help, 19 John Marshall J. Comp. & Info. L. 133 (2000).




Prior Prior Chapter Top Top of Page Next Next Chapter   Email Listserve Email Listserve
(C) 2001-05 Tom W. Bell. All rights reserved. Fully attributed noncommercial use of this document permitted if accompanied by this paragraph. - v.2005.09.29