Skip to content


Controlling Chaos

The Emerging Law of Privacy and Speech in Cyberspace

By Eric J. Sinrod and Barak D. Jolish

The explosion of Internet usage has provided users with avenues to make purchases, invest, and explore issues as deeply personal as sexuality, politics and cultural beliefs. This explosion has been accompanied by concerns over user privacy and access to objectionable content. The concerns over privacy relate to the collection of personal information from users, often through surreptitious technological means, and the risk of eventual dissemination of this information to businesses, governmental authorities, and even those with criminal, fraudulent intent. Those concerned about easy access to objectionable content wish to protect children from exposure to pornography and violence.

Attempts to address these privacy and decency concerns through regulation are met with arguments from those who would urge more freedom from the Internet; many argue that freedom is an essential element of the usefulness and relevance of the medium. Particularly, attempts to regulate forms of expression on the Internet have been challenged on the grounds of censorship and free speech.

Though the approach of the government has generally been to let the industry regulate itself, privacy concerns have prompted the FTC, the Commerce Department, and several states to investigate and enact rules to address privacy procedures on the Internet. The industry response has been to coordinate alliances to facilitate self-regulation, though privacy advocates are skeptical of the efficacy of self-regulation. Technological solutions, such as software which would allow users to control the amount of personal information web sites can gather, have been proposed and are in the initial stages of development, but none are in the production stage as of yet. Efforts to improve privacy protection on US based sites may be spurred by an Internet privacy directive adopted for the European Union, which could potentially put US web site operators at risk for liability to European users for not maintaining privacy procedures deemed adequate under the EU standards.

Attempts to control minors’ access to “indecent” material on the Internet have most notably taken the form of two congressional attempts to pass broad based Internet decency legislation. The first attempt, CDA (Communications Decency Act), was struck down by the Supreme Court as impermissible under the First Amendment. The second attempt, dubbed CDA II, has also been challenged and subjected to a preliminary injunction which has stopped its enforcement until resolution of the case. Several states have attempted their own versions of the decency acts, which have for the most part met with the same fate as the congressional attempts. Technological devices, such as filters, have also been employed to block access by minors, particularly in public schools and libraries. In at least one instance, the use of filters in a public library was successfully challenged as an unconstitutional abridgment of freedom of expression, particularly since the filters screen out a broad range of materials which would not usually be considered obscene.

Internet service providers and legislative bodies have also attempted to address the problem of spam, unsolicited mass emails which may flood computer systems, resulting in problems ranging from annoyance to serious system malfunction. Laws have been aimed at imposing civil liability on spammers, and software filters have been developed which attempt to filter out spam. Unfortunately, neither civil sanctions nor technology have been able to eliminate the spam problem entirely.

Internet Service Providers may also find themselves subject to liability for defamatory materials posted to their sites. Liability is imposed on a sliding scale, depending on whether the provider is deemed a publisher, distributor or common carrier of the information.

Posted in Articles.

June 6, 1999 Cite: 1999 Stan. Tech. L. Rev. 1