Legal Frameworks and Natural Rights Within the Digital Age
Module 8 explores how privacy, surveillance, and legal protections intersect in the digital age. As technology continues to transform how information is created, stored, and shared, new questions arise about how individual rights are safeguarded against unauthorized access and government surveillance. This module examines the constitutional, statutory, and judicial frameworks that shape privacy protections and electronic monitoring in cyberspace.
Students will analyze how federal statutes such as the Electronic Communications Privacy Act (ECPA), the Stored Communications Act (SCA), and the Computer Fraud and Abuse Act (CFAA) regulate surveillance and electronic evidence. They will also study landmark U.S. Supreme Court decisions, including Riley v. California (2014) and Carpenter v. United States (2018), which have redefined privacy expectations in the context of digital searches and data collection.
Beyond U.S. law, the module highlights international and regional privacy standards, emphasizing the importance of cross-border cooperation and harmonized legislation in addressing cybercrime. Concepts of search and seizure and digital evidence are examined in detail, focusing on how traditional legal principles adapt to emerging technologies and evolving threats.
By the end of this module, students will understand how law enforcement’s need to investigate cybercrime must be balanced against constitutional protections and human rights standards. Through readings, case studies, and multimedia resources, learners will evaluate how privacy rights can be preserved while ensuring security and justice in a connected world.
Learning Objectives
After completing this module, you should be able to:
- explain how individual privacy rights are challenged and protected in the digital environment, as discussed in The Battle for Digital Privacy Is Reshaping the Internet.
- evaluate how government surveillance and corporate data collection practices affect public trust and digital freedom, drawing from ‘Facebook is a Snitch’ and ‘In 2021, the Police Took a Page Out of the NSA’s Playbook.’
- analyze how the Electronic Communications Privacy Act (ECPA), the Stored Communications Act (SCA), and the Computer Fraud and Abuse Act (CFAA) regulate electronic surveillance and safeguard communications data.
- explain the impact of U.S. Supreme Court rulings like Riley v. California (2014) and Carpenter v. United States (2018) on digital searches, data access, and privacy expectations.
- examine how educational, workplace, and corporate surveillance practices shape a culture of monitoring, with examples from ‘Teacher Spying Is Instilling Surveillance Culture Into Students’ and how one of America’s largest employers relies on federal law enforcement.
- examine the connection between digital privacy and international data security using the case study ‘Clubhouse in China: Is the Data Safe?’, emphasizing cross-border data protection issues.
- compare U.S. and international privacy laws, including California’s data deletion legislation and the global framework of the Budapest Convention on Cybercrime, to understand how different jurisdictions regulate privacy.
- explain how advancing technology challenges the constitutional ideas of search and seizure, and relate these principles to modern digital investigations.
- evaluate how lawful electronic surveillance and evidence collection are balanced against civil liberties and human rights standards in democratic societies.
- evaluate the ethical and legal conflicts between public safety, private industry cooperation, and personal privacy, as reflected in recent legislative and judicial developments reviewed in Supreme Court to scrutinize U.S. protections for social media.
- identify the risks of hidden data tracking within mobile applications, as shown in Privacy: Here is How You Find iOS Apps That Monitor Accelerometer Events, and explain how this surveillance impacts user privacy.
- analyze how browser design and corporate data policies affect consumer privacy choices, based on insights from Why You Shouldn’t Use Google Chrome After New Privacy Disclosure.
- reflect on the broader human rights implications of digital surveillance, emphasizing the principles of necessity, proportionality, and legality in cybersecurity enforcement.
- apply understanding of privacy law, surveillance rules, and digital evidence standards to develop informed positions on current cybercrime policy debates.
Summary
The increasing interconnectedness of digital networks has changed how society understands privacy, surveillance, and individual rights. As people share personal details across platforms, the question of who controls that data and how it is used has become central to legal and ethical discussions. Brian X. Chen’s article The Battle for Digital Privacy Is Reshaping the Internet shows how consumer worries about data tracking and targeted ads are changing online business models and leading to new laws. These changes demonstrate that privacy is not just a legal right but also a key factor in how the internet develops.
Several readings emphasize how surveillance has grown beyond government monitoring to include schools, employers, and corporations. Liam Day’s Teacher Spying Is Instilling Surveillance Culture Into Students shows how educational surveillance normalizes constant monitoring among young users, while Emily Birnbaum and Daniel Lippman’s How One of America’s Largest Employers Leans on Federal Law Enforcement demonstrates how major companies now collaborate with law enforcement for policing and intelligence gathering. Similarly, J.D. Tuccille’s Facebook Is a Snitch and Jennifer Lynch’s In 2021, the Police Took a Page Out of the NSA’s Playbook illustrate how government agencies and tech companies increasingly share data, blurring the line between public safety and personal privacy.
International examples further highlight the complexity of global privacy protection. The Stanford Internet Observatory’s Clubhouse in China: Is the Data Safe? shows how national security laws, censorship, and corporate control of data can clash with user privacy and international human rights principles. California’s data deletion bill, reviewed by Queenie Wong, illustrates how states and countries are trying to give users more control through regional privacy laws, while the Budapest Convention on Cybercrime continues to be a key model for international cooperation against cross-border cybercrime.
Judicial oversight remains essential in defining the boundaries of lawful surveillance. The Supreme Court’s review of online privacy protections, as reported by Andrew Chung, expands on previous rulings such as Riley v. California and Carpenter v. United States, which established that accessing personal data on cell phones or through location tracking requires a warrant. These rulings emphasize that constitutional protections must evolve with technological advances.
The module’s multimedia materials show how privacy risks are present in everyday technologies. The myskapps video highlights how mobile apps can silently record user activity through sensors like accelerometers, while the Forbes podcast discusses how web browsers such as Google Chrome collect user data for advertising, raising new concerns about transparency and consent.
Together, these readings and media sources highlight that privacy in the digital age is a shared responsibility among individuals, corporations, and governments. Effective protection depends on clear legal frameworks, educated digital citizenship, and international cooperation. As technology progresses, the challenge for lawmakers and users will be to ensure that the pursuit of security does not undermine the fundamental rights to privacy and freedom of expression.
Key Takeaways
The complexity of cybercrime legislation is inherent in both the global nature of computing and those complex systems from which it operates. Therefore, cybercrime laws, making international cooperation crucial.
There is a need for unified legislation; that is harmonization of laws, to facilitate law enforcement across borders while protecting human rights.
Council of Europe’s Budapest Convention sets standards for cybercrime legislation, but global adoption is inconsistent.
Search and seizure law challenges to traditional search and seizure laws face difficulties when applied to digital evidence, requiring legal refinement.
Key U.S. legal frameworks, e.g., the Fourth Amendment, ECPA, CFAA, and USA PATRIOT Act govern electronic surveillance and raise privacy concerns.
Balancing security and privacy describe the challenge between law enforcement needs with protecting individual privacy rights, especially regarding digital evidence.
Supreme court rulings like Riley v. California and Carpenter v. United States have set important precedents for digital evidence and privacy protections.
Human rights considerations are inextricably linked to cybercrime laws. Therefore, such laws must respect international human rights standards, including privacy, freedom of expression, and due process.
Evolving legal landscape describes the condition in which as technology advances, cybercrime legislation must continuously adapt while maintaining a balance between effective enforcement and human rights protection.
Key Terms/Concepts
Admissibility of evidence
Budapest Convention
Carpenter v. United States (2018)
Chain of custody
Computer Fraud and Abuse Act (CFAA)
Cross-border data transfer
Cybercrime legislation harmonization
Data privacy
Data Protection
Digital Evidence
Digital rights
Electronic Communications Privacy Act (ECPA)
Electronic surveillance
Fourth Amendment
GDPR (General Data Protection Regulation)
Human rights
Metadata
Online privacy
Reasonable expectation of privacy
Riley v. California (2014)
Search and seizure
Stored Communications Act (SCA)
Surveillance culture
USA PATRIOT Act
Warrant requirement
Wiretap Act
Modern Application
How Insurance Companies Track Your Data
In a recent investigation, the New York Post revealed that several popular smartphone apps, including Life360, GasBuddy, and MyRadar, are quietly collecting detailed vehicle motion data from users without clear knowledge. This data, which includes information such as miles driven, acceleration, hard braking, and collisions, is sent to a data collection company called Arity. Unaware to most users, Arity is owned by Allstate Insurance and shares the collected driving data with Allstate and other auto insurers. This information is then used to evaluate a driver’s behavior, which could affect insurance rates. Many users unknowingly agree to share this data by accepting vague Terms and Conditions without realizing their driving habits are being tracked. The practice of using driving data to determine insurability raises concerns about privacy and the potential for higher insurance premiums based on app usage. This investigation underscores the growing issue of data collection through everyday apps and the often-hidden impact it can have on consumers.
The practice of collecting personal data to build a “profile” is not limited to auto insurance companies. Health insurance companies have long been involved in gathering personal data as well. Jessica Davis (2020) states that, “Reports show health insurers routinely scour public and private sources for consumer generated health data. But 90 percent of patients are unaware of the practice, a MITRE-Harris survey finds” (TechTarget, September).
Here are other useful sources that explore the topic of data collection by insurance companies, particularly through connected vehicles and apps:
- Marketplace Reports on how automakers like GM collect data on drivers’ habits and sell it to data brokers like LexisNexis. This data can then be shared with insurance companies, which could affect drivers’ premiums without their knowledge. (Marketplace).
- Abraham Watkins provides insight into how car manufacturers, including Ford and GM, collect and share driving behavior data with insurance companies. This data often includes details like speed, hard braking, and mileage, which insurers use to determine premiums (AWNA Law).
- Insurify highlights how driver data is collected through connected cars and apps, often without explicit consent. Automakers and third-party brokers sell this data to insurance companies, who then adjust premiums based on driving behavior (Insurify).
These sources give an overview of how vehicle and app data are used in the insurance industry, raising important concerns about privacy, the effect on insurance rates, and even more crucially, human rights.
Read, Review, Watch and Listen
- Read Brian X. Chen’s The Battle for Digital Privacy Is Reshaping the Internet (New York Times, Sep. 16, 2021)
- This article examines how increasing public concern over data collection and targeted advertising has prompted new privacy laws, stronger protections for consumers, and changes in design across major technology companies. Chen discusses how firms like Apple and Google are addressing users’ demands for transparency and control over their personal information.
- Read Clubhouse in China: Is the data safe? (Jack Cable, Matt DeButts, Renee DiResta, Riana Pfefferkorn, Alex Stamos, David Thiel, Stanford Internet Observatory, Feb. 2021)
- This report examines the security and privacy risks of Clubhouse, an audio-based social media app, especially regarding how it handles user data that passes through Chinese infrastructure. It highlights concerns about censorship, government surveillance, and the risk of personal conversations being exposed to authorities.
- Read Liam Day’s Teacher Spying Is Instilling Surveillance Culture Into Students (Reason, Feb. 15, 2022)
- Day explains how remote learning software and school-issued devices enable educators and administrators to monitor student behavior and online activity. The article contends that this practice normalizes surveillance from a young age and diminishes expectations of privacy in educational settings.
- Read J.D. Tuccillie’s Facebook is a Snitch (January, 2022)
- Tuccille explores how social media platforms work with law enforcement by sharing user data, posts, and private messages. He contends that these partnerships raise serious questions about user consent, due process, and the limits of corporate and government surveillance.
- Read Jennifer Lynch’s In 2021, the Police Took a Page Out of the NSA’s Playbook: 2021 in Review (Electronic Frontier Foundation, December 2021)
- Lynch discusses how U.S. police departments are increasingly using advanced surveillance tools like facial recognition, cell-site simulators, and predictive policing software. The article criticizes the lack of transparency and oversight in law enforcement’s use of these technologies.
- Read Emily Birnbaum and Daniel Lippman’s How one of America’s largest employers leans on federal law enforcement (Politico, December 2021)
- This investigative piece shows how Amazon works with federal agencies like the FBI and Department of Homeland Security to track threats and handle risks, sometimes going beyond typical corporate security needs.
- Review, Supreme Court to scrutinize U.S. protections for social media (Andrew Chung, Oct. 2022).
- Chung reports on the U.S. Supreme Court’s decision to review the scope of Section 230 and other online liability protections, focusing on how courts interpret digital platforms’ responsibilities for user content and data moderation.
- Review, Queenie Wong’s, California lawmakers pass bill to make it easier to delete online personal data (Los Angeles Times as reported by Yahoo! News, September 2023).
- This report explains California’s new law that expands the right to request deletion of personal data from online databases. The bill adds to previous laws like the California Consumer Privacy Act (CCPA), strengthening user control over their information.
- Watch Privacy: Here is how you find iOS apps that monitor accelerometer events, such as Facebook (myskapps, Oct., 2021) – also embedded below
- This short video tutorial explains how users can identify iOS applications that secretly access motion sensors like the accelerometer to track user behavior. It reveals how seemingly harmless app permissions can lead to invasive data collection.
- Listen to Why You Shouldn’t Use Google Chrome After New Privacy Disclosure (Forbes, March 2021)
- This podcast explores how recent policy changes in Google Chrome enable increased tracking of browsing habits for advertising. Experts discuss the balance between convenience and privacy, comparing Chrome’s methods with those of more privacy-oriented browsers.
| Resource | Summary of Key Themes | Aligned Learning Objectives |
| The Battle for Digital Privacy Is Reshaping the Internet (Brian X. Chen, New York Times, 2021) | Examines how major tech companies adapt to user demands for stronger privacy protections and reduced tracking, while also exploring the shifting legal and economic incentives behind online privacy reform. | 1, 2, 9, 14 |
| Clubhouse in China: Is the Data Safe? (Stanford Internet Observatory, 2021) | Analyzes vulnerabilities in international data flows and how Chinese law affects global user privacy; highlights the risk of cross-border surveillance. | 6, 7, 11, 13 |
| Teacher Spying Is Instilling Surveillance Culture Into Students (Liam Day, Reason, 2022) | Discusses normalization of surveillance in educational settings through monitoring software, raising long-term implications for privacy expectations. | 5, 8, 9, 13 |
| Facebook Is a Snitch (J.D. Tuccille, Reason, 2022) | Explores how social media platforms share user information with law enforcement and governments; questions the limits of consent and due process. | 2, 4, 9, 10 |
| In 2021, the Police Took a Page Out of the NSA’s Playbook: 2021 in Review (Jennifer Lynch, EFF, 2021) | Reviews the increasing use of advanced surveillance technologies by police and the lack of regulatory oversight. | 3, 8, 9, 13 |
| How One of America’s Largest Employers Leans on Federal Law Enforcement (Emily Birnbaum and Daniel Lippman, Politico, 2021) | Examines Amazon’s collaboration with federal agencies, highlighting its role in corporate surveillance and partnerships with public law enforcement. | 5, 9, 10, 14 |
| Supreme Court to Scrutinize U.S. Protections for Social Media (Andrew Chung, 2022) | Covers upcoming Supreme Court review of social media liability and the intersection of privacy, free speech, and government regulation. | 4, 9, 10, 14 |
| California Lawmakers Pass Bill to Make It Easier to Delete Online Personal Data (Queenie Wong, Los Angeles Times/Yahoo! News, 2023) | Describes state-level privacy reform that grants users more control over personal data and aligns with global privacy principles. | 6, 7, 9, 13 |
| Privacy: Here Is How You Find iOS Apps That Monitor Accelerometer Events (myskapps, 2021) | Demonstrates how mobile apps can access sensors like accelerometers to collect user data without consent. | 11, 12, 13 |
| Why You Shouldn’t Use Google Chrome After New Privacy Disclosure (Forbes, 2021) | Explains how browser tracking and data collection affect users’ online privacy and how browser choice influences exposure to surveillance. | 2, 11, 12, 13 |
Activity – Your Data, Their Profit: Tracking and Insurability in the Digital Age
STOP!!!
Students should review the course syllabus to determine the assignment of this activity.
This is a copy of the module’s activity that students find within Blackboard. For that reason, refer to the Activities page to submit your work for review.
Purpose
This activity aims to help students critically examine how personal data collected through everyday apps and connected devices can be used by insurance companies to influence rates and evaluate risk. By exploring this modern example of digital surveillance, students will apply legal and ethical concepts from the module to assess issues of privacy, consent, and human rights in the context of corporate data collection and behavioral profiling.
Instructions
- Review the Module 8, Modern Application
- Read, Car insurance companies secretly collecting driver data with the help of phone apps: report (New York Post, Ariel Zilber, June 2024).
- Read, High Car Insurance? Your Car Maker May Be Selling Your Driving Data (INSURIFY, Cassie Sheets and Tanveen Vohra, March 2024).
- Read, Patients Vastly Unaware of Insurers’ Access to Online Health Data (xtelligent Healthcare Security, Jessica Davis, September 2020). (https://www.techtarget.com/healthtechsecurity/news/366595578/Patients-Vastly-Unaware-of-Insurers-Access-to-Online-Health-Data).
- Listen to, GM was collecting and sharing drivers’ data, often without their knowledge (Marketplace, Kimberly Adams and Sofia Terenzio, April 2024).
Answer the following questions:
- Based on what you’ve learned, do you think users genuinely “consent” to data collection when using apps or connected devices?
- Should insurance companies be allowed to access behavioral data collected through smartphones and vehicles? Why or why not?
- How does this issue connect to your understanding of human rights and the right to privacy in the digital age?
Key Terms/Concepts
- Digital Surveillance – The monitoring and gathering of individuals’ digital data by private companies or government agencies through apps, devices, or online platforms.
- Informed Consent – The principle that individuals should completely understand and voluntarily agree to how their personal information is collected, used, and shared.
- Data profiling is the process of analyzing personal data to create detailed consumer profiles, often used by insurers, advertisers, or employers to predict behavior or evaluate risk.
- Electronic Communications Privacy Act (ECPA) – A federal law that regulates the interception and disclosure of electronic communications, protecting user data shared via apps and devices.
- Human Right to Privacy – The essential right that shields individuals from invasive data collection or surveillance, highlighting autonomy and dignity in the digital era.
Also review other Module 8 key terms/concepts and integrate those into each response to this assignment’s questions.
Refer to the course learning management system (LMS); that is Blackboard (BB), for the correct due date. In addition, submit your work via BB for grading.
Discussion Questions
- How does the global nature of the internet and the operation of cybercriminals across borders complicate the legal landscape of cybercrime, and what does this imply for international legal cooperation and harmonization?
- Discuss the importance of the Budapest Convention in standardizing cybercrime laws. What difficulties do inconsistent global adoption and enforcement of these standards create for international efforts to fight cybercrime?
- Considering how traditional search and seizure laws adapt to the digital world, what are the main legal and ethical issues that come with electronic surveillance and data collection? How do federal laws like the ECPA and CFAA handle these challenges?
- Analyze the impact of key U.S. Supreme Court cases like Riley v. California (2014) and Carpenter v. United States (2018) on the legal standards for accessing and using digital evidence. How do these rulings balance the need for security with protecting individual privacy rights?
Supplemental Readings
- F.T.C. Study Finds ‘Vast Surveillance’ of Social Media Users (DNYUZ, September 19, 2024) [last accessed, October 6 2024]
- Omnipresent AI cameras will ensure good behavior, says Larry Ellison “We’re going to have supervision,” says billionaire Oracle co-founder Ellison (Benj Edwards, Sep. 16 2024) [last accessed, October 6 2024]
- Kevin Bessle reports, Google settles lawsuit alleging violation of Illinois’ biometric laws (The Center Square Oct 4, 2022).
- Harvard Law Review, Unwarranted Warrants? An Empirical Analysis of Judicial Review in Search and Seizure (June, 2025).
- Mozilla Foundation – Privacy Not Included Buyer’s Guide, How to Protect Your Privacy From ChatGPT and Other AI Chatbots (By Jen Caltrider and Zoë MacDonald | July 18, 2024).
- LawFare – Cyberlaw Podcast
Read, Review, Watch and Listen to all listed materials by the due date listed within the course LMS site.
Click HERE to report any needed updates, e.g., broken links.
Evidence that may be presented before the trier of fact (i.e., the judge or jury) for them to consider in deciding the case.
Officially known as the Convention on Cybercrime, is the first international treaty seeking to address Internet and computer crime by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. Adopted by the Council of Europe in 2001, the convention came into effect on July 1, 2004. It is open to ratification by any country, and as of my last update, more than 60 countries have ratified the convention, with many others having signed or expressed interest in it.
A seminal Supreme Court case that addressed the intersection of digital privacy and law enforcement, significantly impacting how legal standards apply to digital data. The case revolved around Timothy Carpenter, who was convicted of robbery in part due to cell phone location data obtained by law enforcement without a warrant. The government acquired months' worth of Carpenter's historical cell site location information (CSLI) from his cell phone provider under the Stored Communications Act, which only requires "reasonable grounds" rather than the probable cause needed for a warrant.
A process that tracks the movement of evidence through its collection, safeguarding, and analysis lifecycle by documenting each person who handled the evidence, the date/time it was collected or transferred, and the purpose for the transfer (National Institute of Standards and Technology [NIST], 2021).
A United States federal statute that was enacted in 1986 as an amendment to existing computer fraud law, which had been part of the Comprehensive Crime Control Act of 1984. The CFAA was initially designed to reduce hacking and unauthorized access to computers and computer networks. Over the years, it has been amended several times to address the evolving landscape of cybercrime and to include a wider range of computer-related offenses.
The movement of digital data across countries, raising privacy and jurisdiction concerns discussed in topics like "China: Is the Data Safe?"
The process of aligning laws across countries to effectively combat cybercrime, discussed in the module overview.
The principle of safeguarding personal information from unauthorized access or misuse, closely connected to online privacy and corporate surveillance.
Legal and technical measures to keep personal data secure and used appropriately.
Data stored or transmitted electronically that can be used in court, essential to discussions on its admissibility and authenticity.
Human rights applicable in the online world, including privacy, free expression, and due process.
A United States federal law enacted to extend government restrictions on wire taps from telephone calls to include transmissions of electronic data by computer. It was designed to address the growing use of electronic communications and the need for legislation that would protect users from unauthorized surveillance and access to private communications.
Under the Foreign Intelligence Surveillance Act (FISA) "electronic surveillance" is defined to include "the acquisition by an electronic, mechanical, or other surveillance device of the contents of any wire communication to or from a person in the United States, without the consent of any party thereto, if such acquisition occurs within the United States . . . ." 50 U.S.C. § 1801(f)(2) [U.S. Department of Justice. 2021].
The Fourth Amendment to the United States Constitution is a crucial component of the Bill of Rights, ratified in 1791. It serves to protect the privacy and security of individuals by placing restrictions on governmental intrusion into their personal lives. Specifically, the Fourth Amendment states:
" The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
EU law that sets strict rules for data use and gives individuals strong privacy rights.
Rights inherent to all human beings, regardless of race, sex, nationality, ethnicity, language, religion, or any other status. Human rights include the right to life and liberty, freedom from slavery and torture, freedom of opinion and expression, the right to work and education, and many more. Everyone is entitled to these rights, without discrimination (United Nations, 2021).
Background information generated by digital communications (e.g., location, time, sender), which is important in privacy and surveillance debates.
According to Thomas Reuters | Legal (2021), there is no single law regulating online privacy. Instead, a patchwork of federal and state laws apply. Some key federal laws affecting online privacy include:
The Federal Trade Commission Act (FTC) [1914] – regulates unfair or deceptive commercial practices. The FTC is the primary federal regulator in the privacy area and brings enforcement actions against companies. This includes failing to comply with posted privacy policies and failing to adequately protect personal information.
Electronic Communications Privacy Act (ECPA) [1986] - protects certain wire, oral, and electronic communications from unauthorized interception, access, use, and disclosure.
Computer Fraud & Abuse Act (CFAA) [1986] – makes unlawful certain computer-related activities involving the unauthorized access of a computer to obtain certain information, defraud or obtain anything of value, transmit harmful items, or traffic in computer passwords. The law has been in amended six times.
Children’s Online Privacy Protection Act (COPPA) [1998] – requires certain website and online service providers to obtain verifiable parental consent before collecting, using, or disclosing personal information from minors under the age of 13. It also requires websites to post an online privacy policy, collect only the personal information necessary, and create and maintain reasonable security measures.
Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) [2003] – governs sending unsolicited commercial email and prohibits misleading header information and deceptive subject lines. It also requires senders to disclose certain information, include a valid opt-out mechanism, and it creates civil and criminal penalties for violations.
Financial Services Modernization Act (GLBA) [1999] – regulates the collection, use, and disclosure of personal information collected or held by financial institutions and requires customer notices and a written information security program.
Fair and Accurate Credit Transactions Act (FACTA) [2003] – requires financial institutions and creditors to maintain written identity theft prevention programs.
Many states have also adopted laws affecting online privacy, for example, consumer protection statutes, laws that protect certain categories of PI, information security laws, and data breach notification laws.
In addition to complying with these laws and implementing robust information security programs, there are steps organizations can take to help mitigate cybersecurity threats.
The legal standard courts apply to determine if a search infringes on the Fourth Amendment, essential in cases like Carpenter and Riley.
A landmark United States Supreme Court case that significantly impacted digital privacy rights and law enforcement practices in the digital age. The case arose from two incidents where police officers searched cell phones without a warrant during arrests. David Riley was stopped for a traffic violation, which led to his arrest on weapons charges. During the arrest, officers searched Riley's smartphone without a warrant, finding evidence of gang involvement and linking him to a shooting. This evidence was used to convict Riley. In a related case, Brima Wurie was arrested after police observed him participating in a drug sale. Officers seized his flip phone, accessed its call log without a warrant, and used the information to locate his house, where they found and seized drugs and a gun.
Search and seizure, in criminal law, is used to describe a law enforcement agent’s examination of a person’s home, vehicle, or business to find evidence that a crime has been committed. A search involves law enforcement officers going through part or all of individual's property and looking for specific items that are related to a crime that they have reason to believe has been committed. A seizure happens if the officers take possession of items during the search (Legal Information Institute, 2021).
Part of the Electronic Communications Privacy Act (ECPA) of 1986, a United States federal law designed to protect the privacy of individuals' electronic communications stored by service providers. The SCA specifically addresses the voluntary and compelled disclosure of stored wire and electronic communications and transactional records held by third-party internet service providers (ISPs).
A societal environment where monitoring becomes commonplace in schools, workplaces, and online life, as discussed in readings like "Teacher Spying Is Instilling Surveillance Culture Into Students."
Federal law that increased surveillance powers following the September 11 attacks, directly linked to debates about electronic monitoring and privacy.
The legal obligation for police to get judicial approval before conducting searches, reinforced by Supreme Court rulings on digital privacy.
A core part of federal surveillance law, often discussed along with the Electronic Communications Privacy Act (ECP).
