Download Locations:
Summary:
Internet privacy issues generally encompass two types of concerns. One is the collection of personally identifiable information (PII) by website operators from visitors to government and commercial websites, or by software that is surreptitiously installed on a user's computer ("spyware") and transmits the information to someone else. The other is the monitoring of electronic mail and Web usage by the government or law enforcement officials, employers, or Internet Service Providers. The September 11, 2001 terrorist attacks intensified debate over the issue of law enforcement monitoring, with some advocating increased tools for law enforcement officials to track down terrorists, and others cautioning that fundamental tenets of democracy, such as privacy, not be endangered in that pursuit. Congress passed the 2001 USA PATRIOT Act (P.L. 107-56) that, inter alia, makes it easier for law enforcement to monitor Internet activities. That act was later amended by the Homeland Security Act (P.L. 107-296), loosening restrictions as to when, and to whom, Internet Service Providers may voluntarily release the content of communications if they believe there is a danger of death or injury. Congress and privacy advocates are monitoring how the act is implemented. The report of the 9/11 Commission called for a full and informed debate on the act. Legislation is pending regarding whether to add, or remove, "sunset" provisions under which certain sections of the act will expire on December 31, 2005. The debate over website information policies concerns whether industry self regulation or legislation is the best approach to protecting consumer privacy. Congress has considered legislation that would require commercial website operators to follow certain fair information practices, but none has passed. Legislation has passed, however, regarding information practices for federal government websites e.g, the E-Government Act (P.L. 107-347). Meanwhile, controversy is rising about how to protect computer users from spyware without creating unintended consequences. Spyware is not well defined, but generally includes software emplaced on a computer without the user's knowledge that takes control of the computer away from the user, such as by redirecting the computer to unintended websites, causing advertisements to appear, or collecting information and transmitting it to another person. Four spyware bills are pending; two have been reported or ordered reported from committee (H.R. 2929 and H.R. 4661). This report provides an overview of Internet privacy, tracks Internet privacy legislation pending before the 108th Congress, and describes the laws that were enacted in the 107th Congress. For information on wireless privacy issues, see CRS Report RL31636. Identity theft is not an Internet privacy issue per se, but is often debated in the context of whether the Internet makes identity theft more prevalent. For example, a practice called "phishing" may contribute to identity theft. Thus, identity theft and phishing are briefly discussed in this report. More specific information on identity theft is available in CRS Report RL31919 and CRS Report RL32121. This report will be updated.
