Media Awareness Network
HomeAbout UsMembershipSponsorsPress CentreContact Usfrançais
Search
Media Issues
Media and Internet Education Resources
For Teachers For Parents

Blog & News
Media Issues
Research
Educational Games
Special Initiatives
Resource Catalogue

Content Cart
Site Directory
Help



You have
items
in your content cart
Review your selections

issues : privacy : information privacy - u.s. legislation
 

U.S. Legislation

The Public Sector

Federal Trade Commission logoAmerica's Privacy Act of 1974 protects all records held by U.S. federal government agencies, and requires them to apply basic fair information practices in the collection, storage and use of personal information. But unlike Canada, which has the Office of the Privacy Commissioner, the U.S. has no independent agency to oversee privacy issues.

Although about half of the 50 U.S. states have laws dealing with government records, fewer than a dozen give individuals the right to see and correct their files.

The Private Sector

The United States has no federal privacy act to govern the collection, use and storage of personal information by the private sector. The Federal Trade Commission (FTC) is the only agency with authority over such information-gathering; and it can only enforce existing laws—it cannot create new ones.

Consumers and Internet users have often expressed concern over the protection of their personal information online. Privacy advocates have also long argued that online businesses should be subject to fair information practices, and that such practices should be legally enshrined.

In the United States, there have been attempts to draft legislation outlining fair information practices for online businesses; but nothing has yet passed into law. Instead, the industry regulates itself: companies draft their own privacy policies to explain how and why they collect personal information. As it stands right now, however, companies are not legally required to draft such policies.

One exception to this laissez-faire approach is the Children's Online Privacy Protection Act. COPPA was passed by the United States Congress in October 1998, and came into effect in April 2000. The Act, which applies to commercial Web sites, is regulated by the FTC. Its provisions include several requirements for marketers:

  • On the Web, personal information cannot be collected from children younger than 13 without permission from a parent or legal guardian.

  • In most instances, permission from parents and guardians must be verifiable—either through an authorization form mailed or faxed to the company, or through a phone call to a toll-free number.

  • Parents can review the personal information collected from their child, and determine to whom it can be given. If they wish, it can even be deleted.

  • Children cannot be required to give out more information than is reasonably necessary to participate in Web site activities, such as contests and games.

  • Sites must prominently post a clear privacy policy.

All commercial Web sites originating in the United States must adhere to the COPPA guidelines. Site operators face financial penalties if they do not respect these provisions.


 
 
 
 
 
 
U.S. Legislation
 
Overview Media Violence Media Stereotyping Online Hate Electronic Privacy Media and Canadian Cultural Policies
 

Recommended
reading, viewing, surfing

Reports

Privacy and Human Rights Report 2003: An International Survey of Laws and Developments (Electronic Privacy Information Center and Privacy International, September 2003)

Privacy Online: A Report to Congress (Federal Trade Commission, 1998)

Article

E-Commerce and Fair Information Practices for Nonprofit Organizations (Benton Foundation)

Legislation

Children's Online Privacy Protection Act of 1998 (Federal Trade Commission)

 
Information Privacy - U.S. Legislation  

top of page

© 2006 Media Awareness Network