FOR GEORGIA TECH PROFESSIONAL EDUCATION PROGRAM INFORMATION SECURITY LAW
By: Rob Hassett
www.internetlegal.com
770-393-0990
October 21, 2003
LAW | DESCRIPTION | EFFECTIVE DATE |
4th Amendment to US Constitution | Prohibits unreasonable search and seizure | 1791 |
5th Amendment to US Constitution | Cannot be compelled to testify against oneself regarding criminal activities | 1791 |
Bill of Rights Generally | According to Griswold v. Connecticut – right to privacy provided in Bill of Rights and voided statutes that made the sale or use of contraceptives illegal | 1791; Griswold v. Connecticut (1965) |
14th Amendment to US Constitution | All individuals born in the U.S. are citizens of state where they reside and no state shall make or enforce laws which abridge privileges or immunities and no state shall deprive any person of life, liberty or property without due process nor deny equal protection of the law | 1868 (In Roe v. Wade, the U.S. Supreme Court held that state laws that made abortion a crime were unconstitutional, 410 U.S. 959, 35 Lawyers Ed. 2nd 694 (1973)) (Court held that state could exercise some regulation after the first trimester and much more after the second trimester) |
General state based laws regarding privacy and publicity rights | Based on article that appeared in the Harvard Law Review and one of the first cases was a Georgia case; wrongful intrusion, wrongful disclosure of embarrassing private facts; wrongful appropriation and false light | Article 1890; Ga. Case 1905 |
Federal wire tap statutes 18 USC §2510 and 47 USC §605, FCC Rule 47 CFR 164.501 | Restricts listening to telephone conversations | 1934 |
O.C.G.A. §31-12-2 | Government agencies are prohibited from identifying people with sexually transmitted diseases | 1964 |
United States Privacy Act, 5 USC §552.a | Prohibits federal agency from disclosing personal data except for publicly announced purposes and requires agencies to keep an account of all disclosures | 1966 |
Mail Privacy Statute, 39 U.S.C. §3623 | Prohibits opening of mail without search warrant or consent | 1971 |
Family Education Rights & Privacy Act, 20 U.S.C. §1232 | Restricts disclosures of educational records | 1974 |
The Right to Financial Privacy Act, 12 U.S.C. §3401-3403 | Restricts disclosure to government of financial records of banks and similar financial institutions | 1978 |
O.C.G.A. §33-21-23 | HMOs may not disclose any information pertaining to diagnosis without express consent of patient with some exceptions | 1979 |
Identity Theft and Deterrence Act, 18 U.S.C. §1028 | Prohibits identity theft | 1982 |
Computer Fraud and Abuse Act, 18 U.S.C. §1030 | Prohibits unauthorized access together with either obtaining financial information, causing damage, obtaining something of value or affecting medical records | 1984 |
Cable Communications Privacy Act, 47 U.S.C. §551 | Requires notice and consent before cable service provider may collect data of viewing habits | 1984 |
O.C.G.A. §33-39-1, et seq. | Insurance companies are required to keep personal health information confidential with exceptions | 1984 |
Electronic Communications Privacy Act, 18 U.S.C. §2701 | Restrictions on accessing another person’s electronic mail | 1986 |
O.C.G.A. §24-9-47 | Information about AIDS is confidential | 1987 |
Video Privacy Protection Act, 18 U.S.C. §2710 | Prohibits video tape sale and rental companies from disclosing data | 1988 |
Employee Polygraph Protection Act, 29 U.S.C. §2001 | Imposes restrictions on employer use of polygraph testing of employees | 1988 |
Driver’s Privacy Protection Act, 18 U.S.C. §2721-2725 | Restricts states from disclosing state drivers’ license and motor vehicle records (held constitutional by U.S. Supreme Court) | 1994 |
O.C.G.A. §33-54-3 | Information derived from genetic testing is confidential | 7/1/1995 |
The Telecommunications Act, 47 U.S.C. §222 | Imposes privacy protection on information held by telecommunications companies | 1996 |
The Children’s Online Privacy Protection Act, 15 U.S.C. §6501 | Restricts collection of data from children under 13 over Internet | 2000 |
O.C.G.A. §31-33-2, et seq. | Requires healthcare providers to provide copies of medical records to patients when requested | 7/1/2001 |
Gramm-Leach-Bliley Act | Restricts disclosure of personally identifiable information by financial institutions (broadly defined) | Privacy rules effective 7/1/2001; security rules FTC effective 5/23/2003; security rules for FDIC, Federal Reserve System, etc. effective 7/1/2001 |
Georgia – Title 10, Chapter 15 | Requires shredding, erasure, making unreadable or other reasonable action regarding medical information, customer accounts or identification numbers, account balances and the like | 7/1/03 |
Health Insurance Portability & Accountability Act | | Privacy rules effective 4/14/2003; security rules effective 4/20/2005 |