FREE CONSULTATION • CALL US 24 / 7 212-994-7777

Privacy Law

How is a Person's Right to Privacy Protected?

The right to privacy can be defined as an individual's right to be free from public intrusion as well as the right to be left alone. Although it is never explicitly mentioned within the text, the right to privacy is a concept that is deeply ingrained in several amendments to the U.S. Constitution. It was developed through a number of important Supreme Court cases.

Today, however, the majority of privacy protections stem from various federal and state privacy statutes. Also, if a particular statute does not mention a private right of action, an individual may be able to sue for invasion of privacy based on one of four distinct causes of action grounded in tort law.

In addition, as technology advances, so does the need for privacy protections. Many countries have attempted to satisfy this need by creating legislation that spans the entire globe. Accordingly, some individualized privacy rights also come from international laws or policies.

Finally, unlike the rest of the world, the U.S. has yet to enact a federal privacy law. As a result, many states have had to fill this gap by not only enacting state statutes that offer privacy protections for individuals, but were also forced to implement many overlapping laws as well (e.g., data protections, cybersecurity regulations, etc.).

Thus, if you believe your privacy rights have been violated, there are a number of different privacy laws that may apply to your case. To learn more about your legal rights under those laws, you should contact a local lawyer who has experience in handling privacy matters.

When Can a Person's Privacy Rights be Violated?

In general, the right to privacy was borne out of a need to protect citizens from government overreach.

For example, the Fourth Amendment to the U.S. Constitution provides protection against unreasonable searches of a person's property, body, personal belongings, or other areas that they would reasonably expect to keep private from law enforcement officials. This is why the police almost always need a valid warrant to legally perform a search of a person's home.

A person is deemed to have the most privacy rights when they are at home or while they are situated on their own property. These rights begin to dwindle as a person moves from their home into more public spaces or situations that require lesser protections.

Depending on the law that applies to a case, a person may experience a violation of privacy when a government actor interferes with their constitutional rights, or when a private individual commits an act that constitutes an invasion of privacy.

Some examples of privacy violations include the following:

A federal agency may infringe on an individual's right to privacy when they disclose certain personal records from a government database without obtaining consent first;

When law enforcement conducts an unlawful seizure or search (e.g., warrantless search or seizure where no exceptions apply);

Websites that collect data on minors who are thirteen years old or younger are in violation of a specific privacy law known as the Children's Online Privacy Protection Act (“COPPA”); and

An individual may be sued for invading a person's right to privacy when they intrude upon a person's private affairs in a manner that would be highly offensive to a reasonable person (e.g., attempting to spy through a closed curtain, climbing a tree to take photos of a person sleeping in their bedroom, installing cameras in a private restroom, etc.).

In addition, some states like California make it a crime for a person to illegally invade a person's right to privacy. For instance, a person may be charged with criminal invasion of privacy in California if they secretly record or take photos of a person changing clothes in a secluded room (e.g., a dressing or fitting room).

It should be noted, however, that there is no private right of action for the victim in the above scenario. In other words, only a prosecutor can file charges under this statute.

A defendant who is in violation of privacy charges like this one may receive a harsher punishment, such as having to pay up to $2,000 in fines (as opposed to only $1,000 for a first-time offense), and receiving a jail sentence of up to one full year (as opposed to the standard imprisonment of 6 months in jail).

What Laws Protect a Person's Right to Privacy?

Aside from various constitutional amendments, there are numerous federal and state statutes that aim to protect a person's right to privacy. For instance, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), is a federal law that governs how and when health care providers or insurance companies can share and store an individual's medical information.

This protection is especially crucial now that electronic items such as Fitbit and Apple's Health app exist and allow users to share their information with providers.

In addition, some of the most important state laws concern the four legal actions listed under the primary tort of invasion of privacy. Although the requirements may differ depending on the state, they generally allow a private individual to sue another when:

  • A person intrudes on their private affairs (i.e., intrusion upon seclusion);
  • Someone publicly discloses private facts about them to a third party (i.e., public disclosure of private facts);
  • A person publishes sensitive information about them that places them in a “false” or misleading light; and
  • Another person uses their identity (e.g., name or likeness) for personal gain.

More recently, the state of California passed a law known as the California Privacy Rights Act (“CPRA”), which strengthened and expanded a state law that was enacted the year prior, the California Consumer Privacy Act (“CCPA”). These two laws combined are arguably the strongest privacy regulations in the country and may have long lasting effects that shape the future of privacy legislation in the U.S.

Shared Privacy Law Information

Privacy, and the protection of individual privacy, is a right that has long been tied into our Fourth Amendment rights: those which protect us against unreasonable search and seizure. However, with the advent of modern communications technology, this right to privacy has become increasingly difficult to define and defend. Cell phones, the internet, e-mail—all of these new mediums have made it difficult to distinguish between “public” and “private” space, and the establishment of the Electronic Communications Privacy Act has only just begun to define those boundaries. It is from this confusion that shared privacy has been created.

What is “shared privacy?”

“Shared privacy” is a term that is used to describe private information that is not exclusive information. For example, the private e-mails between a husband and his lover that are sent on a family computer, or a private IM log that is saved on a public library terminal. Here, the boundaries of privacy are blurred. While the information itself is “private” information—information that would normally be protected under the Privacy Act—the fact that it is present in a shared location (public computer, family cell phone, etc.) makes it private information that belongs to more than one person. The privacy is “shared.”

Shared Privacy and “Fault” Divorces

One of the points where shared privacy becomes problematic is when the people who share it are in conflict with one another. In the case of divorce, the boundaries of shared privacy are often stretched to their limits.

At this time, there is no law in place to decide the boundaries between shared and un-shared privacy in a marriage. And in a “fault” divorce, where one party is trying to gain an upper hand, it is difficult to determine which text messages, voicemails, e-mails, and other types of electronic evidence can actually be used in court.

How do I know what qualifies as “shared” information in my marriage?

As a general rule, shared privacy items are those which both partners have access to on a normal basis. The information in shared e-mail accounts, shared cell phones, and family computers would all, for example, be likely to qualify as “shared privacy” sources. But even normally-private information might be admissible if a spouse shared his password—even once—with his or her partner.

Think of it this way: if it is necessary to “break in” to an account or device in order to obtain information, then that information will almost always be suppressed (it will be unusable in court).

If you have information that you want to keep private from your spouse, make sure that it is password-protected and keep your password to yourself. And remember which territory is exclusively yours. If you are driving a vehicle owned by your spouse, for example, it is mostly legal for them to bug or track it. While most cases aren't that extreme, it is wise to be aware of your personal boundaries—especially if you sense an impending divorce.

What Are Some Legal Consequences for Violation of Privacy?

The legal consequences for privacy violations can vary widely from case to case. For example, under Section 3 of the federal Privacy Act of 1974, the penalty for violation of privacy in a criminal matter may lead to fines of up to $5,000 for willfully and knowingly gaining access or requesting a record concerning a certain individual based on false pretenses.

In contrast, the penalty for violation of privacy in a civil matter under the Act may result in an actual damages award, attorney fees and other litigation costs, an order to amend or correct the plaintiff's records, and an order to grant the plaintiff's request to access their personal records.

Again, legal penalties for violation or invasion of privacy are largely based on the type of legal action that was filed as well as the applicable laws. Some other potential consequences may include compensating a plaintiff for losses incurred by a violation, having to amend various security policies or settings (especially in a public place of employment, such as a public school), and/or complying with an injunction issued by the court.

Lastly, some legal consequences may overlap with penalties that stem from other areas of law. This is especially true in cases that involve privacy and constitutional rights. For example, under the Fourth Amendment, a defendant in a criminal case may be able to get certain evidence against them dismissed if it was obtained illegally through an unlawful search or seizure.

To learn more about the legal consequences for violations or invasions of privacy, an individual should consult a local privacy attorney as soon as possible.

What Protections Does the Privacy Act Offer?

The purpose of the Privacy Act is to ensure that an individual's private records are not used by the federal government to collect information for which it has no legal use for.  In other words, a federal agency such as the F.B.I. is not privileged to know every aspect of an individual citizen's life, but rather only is entitled to information that the F.B.I. needs to carry out its proper and legal function.

What Kind of Records Are Protected under this Act?

A record, as defined under this act means any information collected by a government agency that can include education, medical history, financial transactions, previous employment or criminal acts, or any information that contains identifying numbers, symbols, or any other item that can be used identify the individual.

When Can a Government Agency Use an Individual`s Record under this Act?

Generally, the information in an individual's private records cannot be disclosed to a federal agency unless the individual has given written consent to enable the agency to see that information.  There are some exceptions to this rule: 

  • Essential to the function of an agency: For example, the Social Security Administration's knowledge of every citizen's social security number
  • For law enforcement purposes: An agency generally does not need to ask the individual to use this information, though they may need some form of legal process like a warrant to obtain that information (depending on what kind of information it is)
  • Protect the health and safety of an individual: May use that information without prior consent from the individual

What Is the Financial Privacy Act (FPA)?

The FPA is the centerpiece of federal statutory efforts to protect individual privacy. The FPA protects customer records maintained by certain financial institutions from improper disclosure to officials or agencies of the federal government without notifying the customer. There is a "waiting period,” during which the customer may challenge and prevent disclosure through legal action.

Does the FPA Protect my Records from Disclosure to State and Local Authorities?

The FPA covers only disclosure to the federal government, not disclosure to state or local government or to private parties. In addition, FPA coverage is limited to specified financial institutions and specified customers.

Note that the FPA requires the government to give covered financial institutions a certificate of compliance with the statute before they release customer records. If the institution relies on this certificate in good faith in disclosing the records, the statute will ordinarily preclude civil liability for that disclosure.

What Are the Coverage Limitations of the FPA?

The coverage of the Financial Privacy Act is limited in 3 ways:

  1. It applies only to requests or orders for information by certain federal "government authorities."
  2. The statute covers only certain specified classes of financial institutions.
  3. Only individuals and small partnerships are defined as customers whose records are protected by the Financial Privacy Act.

Are Financial Institutions Liable for Wrongful Disclosure of My Records?

Any agency or department of the United States, and any financial institution obtaining or disclosing financial records or information in violation of the statute is liable to the customer to whom the records relate for civil penalties. The customer, however, must bring the action in an appropriate United States district court within three years from the date on which the violation occurs, or the date of discovery of that violation, whichever is later.

Do I Need an Attorney if I Believe my Privacy Rights Have Been Violated?

Although many privacy rights are already rooted in the U.S. constitution and decades of case law, privacy is still a growing area of law due to technological innovation. As technology continues to advance, the need for stronger individual privacy protections is more than apparent and the only way to keep up is to constantly amend existing regulations.

Thus, for now and until the U.S. implements a better legal framework, it may be in your best interest to consult a local government lawyer for further advice if you believe your privacy rights have been violated. A lawyer who has experience in handling privacy matters will be able to review the facts of your case and can determine whether you have a viable claim. If so, your lawyer will also be able to assist you in preparing an argument and filing the necessary legal documents.

Additionally, your lawyer can explain what rights you have under the most current privacy regulations, can discuss alternative options for legal recourse, and can assess your chances of collecting damages based on any harms you suffered. Your lawyer can also provide representation in court and can help make sure that you receive the fairest outcome based on the circumstances.

Call our office today at 212-994-7777 or complete the convenient online contact form to set up a consultation.