The Legal Aspects of Online Privacy

Learn about the laws that protect you while you interact with the internet

What Legislation Protects You Online?

As the network of internet users and web applications grew over the years, so did the potential for user data breaches. To protect online privacy, many pieces of legislation are in place that have been reasonably effective:

  • The Federal Trade Commission Act of 1914, which regulates unfair or deceptive commercial practices. The FTC is the primary federal regulator in the privacy area and brings enforcement actions against companies, including for failing to comply with posted privacy policies and failing to adequately protect personal information.
  • The Electronic Communications Privacy Act (ECPA) from 1986, which protects certain wire, oral, and electronic communications from unauthorized interception, access, use, and disclosure.
  • Computer Fraud & Abuse Act (CFAA) from 1986, which makes unlawful certain computer-related activities involving the unauthorized access of a computer to obtain certain information, defraud or obtain anything of value, transmit harmful items, or traffic in computer passwords. The law has been amended six times.
  • Children’s Online Privacy Protection Act (COPPA) from 1998, which requires certain website and online service providers to obtain verifiable parental consent before collecting, using, or disclosing personal information from minors under the age of 13. It also requires websites to post an online privacy policy, collect only the personal information necessary, and create and maintain reasonable security measures.
  • Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) from 2003, which governs sending unsolicited commercial email and prohibits misleading header information and deceptive subject lines. It also requires senders to disclose certain information and include a valid opt-out mechanism, and it creates civil and criminal penalties for violations.
  • Financial Services Modernization Act (GLBA) from 1999, which regulates the collection, use, and disclosure of personal information collected or held by financial institutions and requires customer notices and a written information security program.
  • Fair and Accurate Credit Transactions Act (FACTA) from 2003, which requires financial institutions and creditors to maintain written identity theft prevention programs.

Data Security

What Can You Do On Your End?

Here is what you can do to protect yourself from some of the most damaging online threats to your data and your privacy:

  • Be meticulous about the websites you visit for information or to purchase goods and services. These websites could trick you into making an account and giving up your personal information.
  • Install anti-virus software, and keep your web browser of choice up to date.
  • Set your browser to delete cookies every time you finish browsing, or set "opt out" cookies on your browser so cookies aren't allowed at all.
  • You can request a private WHOIS listing. WHOIS is a public database that lists IP addresses and their owners.
  • You may also use a Virtual Private Network (VPN) to mask your IP address from others.
  • Use the HTTPS protocol instead of HTTP to browse websites securely.
  • If you are storing data in cloud storage or using a cloud platform to host a website, you can:
    1. Find out who is in control of each cloud security setting.
    2. Ensure that your cloud services provider has your stored data encrypted.
    3. Use the logging tools that cloud providers offer to enable security logging for yourself and to monitor any unauthorized access attempts and other issues.