CRS Reports: Privacy Protections for Personal Information Online & 2 Additional Reports

Three Reports from the Congressional Research Service (via OpenCRS):

1. Privacy Protections for Personal Information Online

There is no comprehensive federal privacy statute that protects personal information. Instead, a patchwork of federal laws and regulations govern the collection and disclosure of personal information and has been addressed by Congress on a sector-by-sector basis. Federal laws and regulations extend protection to consumer credit reports, electronic communications, federal agency records, education records, bank records, cable subscriber information, video rental records, motor vehicle records, health information, telecommunications subscriber information, children’s online information, and customer financial information. Some contend that this patchwork of laws and regulations is insufficient to meet the demands of today’s technology. Congress, the Obama Administration, businesses, public interest groups, and citizens are all involved in the discussion of privacy solutions. This report examines some of those efforts with respect to the protection of personal information. This report provides a brief overview of selected recent developments in the area of federal privacy law. This report does not cover workplace privacy laws or state privacy laws. For information on access to electronic communications, see CRS Report R41733, Privacy: An Overview of the Electronic Communications Privacy Act, by Charles Doyle.

2. Privacy: An Overview of the Electronic Communications Privacy Act

This report provides an overview of federal law governing wiretapping and electronic eavesdropping under the Electronic Communications Privacy Act (ECPA). It also appends citations to state law in the area and the text of ECPA. It is a federal crime to wiretap or to use a machine to capture the communications of others without court approval, unless one of the parties has given his prior consent. It is likewise a federal crime to use or disclose any information acquired by illegal wiretapping or electronic eavesdropping. Violations can result in imprisonment for not more than five years; fines up to $250,000 (up to $500,000 for organizations); in civil liability for damages, attorneys’ fees and possibly punitive damages; in disciplinary action against any attorneys involved; and in suppression of any derivative evidence. Congress has created separate, but comparable, protective schemes for electronic communications (e.g., email) and against the surreptitious use of telephone call monitoring practices such as pen registers and trap and trace devices.

3. Privacy: An Abridged Overview of the Electronic Communications Privacy Act

See Also: Senator Leahy Introduces Bill to Update Digital Privacy Law (via EPIC)

Filed under: Associations and Organizations, News, Reports