Regulating Online Privacy: Some Policy Guidelines, Including Guidelines for International Harmonization

Abstract

With dramatic changes in technology capabilities, much of current privacy law in the US and abroad has been rendered out of date. Analogies and precedents are difficult to interpret, leading to decisions that are inconsistent, problematic, or wrong. Searching the text messages on an iPhone is not the same as overhearing a conversation. Searching an entire Facebook account for evidence of fraud is not the same as searching a bank account. We review the lessons of four current court cases involving online privacy and develop a set of guidelines that could be used to develop coherent privacy policy. The guidelines were developed with the expectation that they could confer no advantage on firms in nation, and that they would provide all citizens with the privacy protections no less than those they enjoy in their home countries.