The Federal Trade Commission Act: Regulates commercial practices.
Electronic Communications Privacy Act: This brings computer and other digital communications interceptions into what used to be called the Wiretap Act. It protects electronic communications from interception.
Computer Fraud and Abuse Act: Makes unauthorized computer and data access illegal. This law was intended to criminalize hacking but it is considered by many to be overbroad and have unintended consequences.
Children's Online Privacy and Protection Act: Requires parental consent before collecting information from children under the age of 13.
CAN-SPAM: Controlling the Assault of Non-Solicited Pornography and Marketing Act: Governs deceptive email marketing. We will discuss this more at a later date.
Financial Services Modernization Act: Governs personal information use by financial institutions.
Fair and Accurate Credit Transactions Act: Requires creditors and other financial institutions to maintain identity theft prevention programs.
Many states also have specific privacy laws. California's law, called the California Online Privacy Protection Act , is the most comprehensive and strict nationwide, so most companies use it for guidance when structuring their privacy policies. If your customers could come from all over the country, you should include California provisions in your terms and conditions.
If you have global customers or website visitors make sure you're meeting all the necessary legal requirements.