According to our good friends at Wikipedia,
There's no general federal law that requires websites to have privacy policies, but some federal laws deal with specific narrow privacy issues. For example,
- The Children's Online Privacy Protection Act (COPPA) deals with websites that target children or knowingly collect information about them.
- The Health Insurance Portability and Accountability Act (HIPAA) deals with health-related privacy issues.
States have their own laws for dealing with privacy. California is considered the most influential state when it comes to privacy, and under the California Online Privacy Protection Act of 2003
(Learn more about browsewrap in this recent blog post.)
A recent case from the Eight Circuit shows how that works.
Matthew Carlsen was a subscriber to both the print and online versions of GameStop’s Game Informer Magazine. The terms of service for the online version included a statement that “Game Informer does not share personal information with anyone.”
Carlsen claimed that GameStop had shared his information with Facebook. Specifically,
He alleged that GameStop shared this information through the Game Informer website, which includes features that allow Game Informer users to log in to the website using their Facebook accounts and to use Facebook’s “Like,” “Share,” and “Comment” functions through the Game Informer site.
Carlsen's lawsuit sought damages for breach of contract, among other causes of action, and he sought class action certification so that he could proceed on behalf of other consumers in the same position.
The district court granted GameStop's motion to dismiss, and Carlsen appealed.
your name, home address and zip code, telephone number, e-mail address and (for those purchasing products online) credit card or checking account information including billing and shipping addresses and zip codes.