Marissa's Internet Law Blog

In this post I’m going to give a background of the legal protections of privacy rights in the U.S. This post will focus on laws against government intrusion into our privacy. Although such laws do not restrict non-government entities such as Google from invading people’s privacy, they are important in understanding how the right to privacy has been interpreted by the legal system.

Although the Constitution does not contain the word “privacy,” the Bill of Rights has been interpreted as protecting some privacy rights. For example, the Supreme Court ruled in Katz v. United States (1967) that the contents of telephone calls are protected by the 4^th Amendment. This ruling broadened 4^th-Amendment protection by recognizing as “searches” government surveillance activities that do not involve physically entering a location. According to Katz, in order to be protected by the 4^th Amendment, “there is a twofold requirement, first that a person have exhibited an actual (subjective) expectation of privacy and, second, that the expectation be one that society is prepared to recognize as ‘reasonable.’” (1)

However, in Smith v. Maryland (1979), the Court ruled that the telephone numbers one dials are not protected by the 4^th Amendment because a mere sequence of digits does not constitute communication content and because the expectation of privacy in this case is not reasonable. The expectation of privacy is not reasonable because an intelligent, inquisitive person would know that telephone companies have the technological ability to track the numbers that are dialed. (1)

Katz and Smith lay down the standards that the Supreme Court must use to determine whether Internet communications are protected by the 4^th Amendment. Unfortunately, these two rulings are somewhat contradictory. According to Katz, electronic communications such as e-mails and instant messages should be considered private, but according to Smith, such communications, and even telephone calls, might not be private because the technical ability exists to track them.

Later laws have been passed both by states and by the federal government to bolster people’s privacy rights online. A few of the most notable are listed below:

California Information Practices Act of 1977

This state law “limits the collection, management, and dissemination of personal information by state agencies. “ (2)

Electronic Communications Privacy Act of 1986

This federal law contains three parts. The first part, the Wiretap Act, forbids the government from observing or listening to private communications without the permission of at least one of the parties involved in the communication. The Stored Communications Act prohibits electronic communications services to provide user data or the content of communications to the federal government without a subpoena or warrant. Under the USA PATRIOT Act, however, the service provider may provide data to the government if it has a good faith belief that there is an imminent threat of death or serious injury. The third part is the Pen/Trap Statute, which authorizes courts to order the installation of “pen registers,” devices that record phone numbers, but makes it illegal for the pen registers to be able to record the contents of telephone calls. (2)

Computer Matching & Privacy Protection Act of 1988

This federal law sets standards that the government must follow when combining personal data that they have found out about individuals with personal data held by other federal, state, or local agencies. (2)

1. Crump, Catherine. “Data retention: privacy, anonymity, and accountability online.” Stanford Law Review 56.1 (Oct 2003): 191(39). LegalTrac. Gale. Harvard University Library. 10 Dec. 2007  <http://find.galegroup.com/itx/start.do?prodId=LT>.
2. “Privacy: Statutory Protections.” <http://ilt.eff.org/index.php/Privacy:_Statutory_Protections>.

Welcome to my blog! For those who don’t already know, I am writing this blog as my final project for my freshman seminar, Cyberspace in Court. My project will be a blog focusing on Google’s policies toward user privacy, especially their pending deal with DoubleClick and their collection of personally identifiable data without users’ awareness or consent.

Privacy is one of the most important issues facing today’s society. Technologies like the Internet have made it easy to find information without face-to-face contact with other people, producing an impression of increased privacy. However, this sense of privacy is largely an illusion. In addition to providing convenience for everyday people, technology also enables big companies and the government to monitor people’s activities more than ever before.

I decided to focus on Google because it is one of the most useful, well-known, and widely-used web sites in the world. I use Google a lot, and I didn’t know until recently how much of what I do is tracked and recorded. 

Basically, Google’s privacy policy (http://www.google.com/intl/en/privacypolicy.html) says that among the data Google collects from its users are:

1. Lists of users’ search queries, which are tied to particular users through the use of cookies

2. Internet protocol (IP) addresses

3. Which links and advertisements users click on

4. Any data that users voluntarily provide when signing up for Google’s services

Google says it uses these data to personalize users’ experiences, target ads more specifically, conduct research to improve its services and develop new ones, and ensure the functioning of their site. 

Google users can be divided into two groups: those who register for Google accounts by voluntarily providing personal data and those who use Google without creating accounts. The focus of my project will be the second group of people. Google’s policy of collecting data about this group is potentially more problematic, as these users have not consented to providing data and are not necessarily aware of what information Google is collecting about them.

In my next posts I will discuss the legal aspects of what Google is doing. What laws exist in the United States to protect the privacy rights of people who browse the Internet? Then I will discuss why privacy is so important and how it is impacted by technology. Next I will go into more detail on what data Google collects, what Google can use the data for, how the merger with DoubleClick will expand Google’s data-gathering powers, and what limits Google places on itself through its privacy policy. Then I will describe the dangers of third parties accessing this information, compare Google to other search engines in terms of privacy, and explain the arguments for and against limiting websites’ ability to gather data about their users. Finally I will give my opinion on what should be done legally to protect Internet privacy and what restrictions, if any, should be placed on search engines like Google. Along the way I may post about new developments related to my topic.