What are some of the laws regarding internet and data security?

Written by a NortonLifeLock employee


Numerous laws in the U.S. cover Internet, data security, and privacy in the United States, with the 1974 Privacy Act arguably being the foundation for it all. The Privacy Act passed to establish control over the collection, maintenance, use, and dissemination of personal information by agencies in the executive branch of the U.S. government.

Safety for every device.

Security is no longer a one-machine affair. You need a security suite that helps protect all your devices – your Windows PC, Mac, Android smartphone or your iPad.

Try for 30 days before you buy with Norton Security Deluxe – helps protect up to 5 of your devices for one low price.

The invention of the Internet changed the definition of privacy, and made it necessary to enact new laws concerning electronic communications and security.

Let’s review some of the laws currently in place to provide a more solid idea of your rights as a consumer or businessperson:

Electronic Communications Privacy Act (ECPA)

The Electronic Communications Privacy Act was passed in 1986, and while technology has changed significantly since then, the act has remained the same. The law allows the U.S. government to access digital communications such as email, social media messages, information on public cloud databases, and more with a subpoena. No warrant is required if the items in question are 180 days old or older. Companies supply the government with information; for example in the latter half of 2012, Google reported that the government made 18,000 requests for information.

The ECPA also dictates when the government is allowed access to GPS tracking via cellphones.

Computer Fraud And Abuse Act (CFAA)

The Computer Fraud And Abuse Act makes it a crime to access and subsequently share protected information. The act was passed in the late 1980s and revised about a decade later. Reformers say the act is far too restrictive.

Cyber Intelligence Sharing And Protection Act (CISPA)

Legislation regarding this act was originally introduced in 2011. It passed in the House of Representatives but not the Senate in 2013, and was reintroduced in 2015. The act is an amendment to the National Security Act of 1947, which does not cover cyber crime.

A basic definition of this act is that it concerns how to share information on potential cyber threats with the federal government. The act has received substantial opposition, with opponents such as the Electronic Frontier Foundation concerned about “inadequate privacy protections” considering broad cyberthreat definitions. It will very likely continue to be a point of debate in Congress for some time.

Children’s Online Privacy Protection Act (COPPA)

The Children’s Online Privacy Protection Act was amended in 2012, with changes officially implemented in 2013. It requires websites that collect information on children under the age of 13 to comply with the Federal Trade Commission (FTC). The act originally passed in 2000 and was the “first U.S. privacy law written for the Internet.” The FTC determines whether a website is geared towards children by reviewing its language, content, advertising, graphics and features, and intended audience.

The law also affects general interest sites looking to collect information from children, whether the site’s operators mean to do so or not. For example, if a site operator invites browsers to submit their names and email addresses and collects other personal information via cookies, the operator might have information on visitors under the age of 13.

Wrapping Up

These and other data/Internet security laws are frequently hot topics among those who call for “Internet freedom.” There are also laws regarding the sharing of information on an international scale, such as the Trans Pacific-Partnership Agreement (TPP). This agreement involves nine countries along the Pacific Rim, including Peru, Chile, and the U.S. The U.S. Trade Office touts agreement benefits, particularly those relating to trade agreements, however opponents are concerned about its effects on digital copyrights both in the U.S. and abroad.

Familiarization with data security laws is a good idea whether you’re an individual consumer looking to go shopping online, a business collecting personal customer information, or someone who otherwise has anything else to do with the Internet.

To learn more about privacy and how it affects us, be sure to check out our new documentary “The Most Dangerous Town On The Internet- Episode 2: Where Cybercrime Goes To Hide” now!

Isn't it time to upgrade your security?

Upgrading to new devices and software can often mean downgrading your privacy and security. It’s time to take your security seriously. Download the full version of Norton Security Deluxe free for 30 days, and test-drive it on up to 5 of your devices – PCs, Macs, smartphones or tablets.

Create an account today and be up and running in minutes.

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2023 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.