What is privacy? How is consumer privacy protected by U.S. law? What recent legal developments protect the privacy of consumers in their dealings with financial institutions online?
THE CLASSIC DESCRIPTION OF PERSONAL PRIVACY appeared in the 1890 Harvard Law Review article of former Supreme Court Justice Louis Brandeis entitled "The Right to Privacy." More than a century later, Brandeis appears clairvoyant based on this quote: "Recent inventions and business methods call attention to the next step, which must be taken for the protection of the person and for securing to the individual what Judge Cooley calls 'the right to be let alone.' Numerous mechanical devices threaten to make good the prediction that 'what is whispered in the closet shall be proclaimed from the housetops.'"
In his article, Brandeis asked whether then-existing U.S. law protected the privacy of the individual, and he answered that it did. He likened the right of personal privacy to the right not to be assaulted or not to be defamed. However, he noted that the right to privacy is limited by certain factors, most notably that (1) privacy rights do not prohibit publication of matters in the public interest and (2) the right to privacy ceases when a person publicizes his or her own facts or gives consent for them to be published. There are other important limitations to the right to privacy, but these are among the most relevant for purposes of privacy in e-commerce.
Illustrating the first point, that privacy does not protect matters of public interest, is the Monica Lewinsky--Bill Clinton dalliance. No matter how private the two considered the details of their relationship, privacy principles did not protect them from publication of the facts. The public's right of comment on matters of public interest--a cherished right in American law--overcomes the right of individual privacy when the facts are of general interest. As Brandeis said, "The law must protect persons with whose affairs the community has no legitimate concern."
Illustrating the second point--that the right to privacy ceases when a person publicizes his or her own facts--are singer Celine Dion's well-publicized unsuccessful attempts at pregnancy and actress Catherine Zeta-Jones' successful effort. While medical facts are among the most sensitive of all facts to some people, announcements to publicists and the media by individuals deprive them of the right to keep the same facts private later.
Legal standard and remedies for invasion of privacy
How does the law protect personal privacy? A tort called invasion of privacy allows individuals to bring lawsuits in court to compensate them for invasions of privacy. An invasion of privacy can lead to a judgment for damages without money damages. Judges and juries can award amounts for mental or emotional distress and, in some cases, have made substantial awards for what amounts to hurt feelings.
Caroline Kennedy's 1997 book, The Right to Privacy, describes a $2 million judgment against a hotel where a camera was hidden behind a two-way mirror in the honeymoon suite. A couple sued the hotel but had no evidence that they were filmed or that anyone had ever seen a film made of them in the suite. Nevertheless, the couple won because the court found that the invasion of privacy caused by the hidden camera would have been highly offensive to a reasonable person. The legal standard for determining when an invasion of privacy has occurred is whether a reasonable person would find the invasion highly offensive.
One problem with the current legal standard is its unpredictability and lack of uniformity across communities. Case-by-case decision making makes it difficult to formulate e-business policies that limit exposure to privacy claims while simultaneously capitalizing on profit opportunities in the marketplace for consumer data. What is highly offensive in Topeka might not offend in Los Angeles. …