Historical Chart of Privacy Laws in the United States

FOR GEORGIA TECH PROFESSIONAL EDUCATION PROGRAM INFORMATION SECURITY LAW  

By:  Rob Hassett

www.internetlegal.com

770-393-0990

 October 21, 2003   

LAW DESCRIPTION EFFECTIVE DATE
4th Amendment to US Constitution Prohibits unreasonable search and seizure      1791
5th Amendment to US Constitution Cannot be compelled to testify against oneself regarding criminal activities       1791
Bill of Rights Generally According to Griswold v. Connecticut – right to privacy provided in bill of rights and voided statutes that made the sale or use of contraceptives illegal       1791

Griswald v.

Connecticut   (1965)

14th Amendment to US Constitution All individuals born in the U.S. are citizens of state where they reside and no state shall make or enforce laws which abridge privileges or immunities and no state shall deprive any person of life, liberty or property without due process nor deny equal protection of the law

1868 (In Roe v. Wade, the U.S. Supreme Court held that state laws that made abortion a crime were unconstitutional 410 U.S. 959, 35 Lawyers Ed. 2nd 694 (1973)) (Court held that state could exercise some regulation after the first trimester and much more after the second trimester)

General state based laws regarding privacy and publicity rights

Based on article that appeared in the Harvard Law Review and one of the first cases was a Georgia case; wrongful intrusion, wrongful disclosure of embarrassing private facts; wrongful appropriation and false light

Article 1890; Ga. Case 1905

Federal wire tap statutes 18 USC §2510 and 47 USC §605, FCC Rule 47 CFER 164.501 Restricts listening to telephone conversations

1934

O.C.G.A. §31-12-2 Government agencies are prohibited from identifying people with sexually transmitted diseases

1964

United States Privacy Act5 USC §552.a Prohibits federal agency from disclosing personal data except for publicly announced purposes and requires agencies to keep an account of all disclosures

1966

Mail Privacy Statute, 39 U.S.C. §3623 Prohibits opening of mail without search warrant or consent

1971

Family Education Rights & Privacy Act, 20 U.S.C.  §1232 Restricts disclosures of educational records

1974

The Right to Financial Privacy Act, 12 U.S.C. §3401-3403 Restricts disclosure to government of financial records of banks and similar financial institutions

1978

O.C.G.A. §33-21-23 HMO’s may not disclose any information pertaining to diagnosis without express consent of patient with some exceptions

1979

Identity Theft and Deterrence Act, 18 U.S.C. §1028 Prohibits identity theft

1982

Computer Fraud and Abuse Act, 18 U.S.C. §1030 Prohibits unauthorized access together with either obtaining financial information, causing damage, obtaining something of value or affecting medical records

1984

Cable Communications Privacy Act, 47 U.S.C. §551 Requires notice and consent before cable service provider may collect data of viewing habits

1984

O.C.G.A. §33-39-1, et. seq. Insurance companies are required to keep personal health information confidential with exceptions

1984

Electronic Communications Privacy Act, 18 U.S.C. §2701 Restrictions on accessing another person’s electronic mail

1986

O.C.G.A. §24-9-47 Information about AIDS is confidential

1987

Video Privacy Protection Act, 18 U.S.C. §2710 Prohibits video tape sale and rental companies from disclosing data

1988

Employee Polygraph Protection Act, 29 U.S.C. §2001 Imposes restrictions on employer use of polygraph testing employees

1988

Driver’s Privacy Protection Act, 18 U.S.C.  §2721-2725 Restricts states from disclosing state drivers’ license and motor vehicle records (held constitutional by U.S. Supreme Court)

1994

O.C.G.A. §33-54-3 Information derived from genetic testing is confidential

7/1/1995

The Telecommunications Act , 47 U.S.C. §222 Imposes privacy protection on information held by telecommunications companies

1996

The Children’s’ Online Privacy Protection Act, 15 U.S.C. §6501 Restricts collection of data from children under 13 over Internet

2000

O.C.G.A. §31-33-2, et seq. Requires healthcare providers to provide copies of medical records to patients when requested

7/1/2001

Gramm-Leach-Bliley Act Restricts disclosure of personally identifiable information by financial institutions (broadly defined)

Privacy rules effective 7/1/2001; security rules FTC effective 5/23/2003; security rules for FDIC, Federal Reserve System, Etc. effective 7/1/2001

Georgia – Title 10, Chapter 15 Requires shredding, erasure, making unreadable or other reasonable action regarding medical information, customer accounts or identification numbers, account balances and the like

7/1/03

Health Insurance Portability & Accountability Act

Privacy rules effective 4/14/2003; security rules effective 4/20/2005