Internet Privacy Law: A Comparison between the United States and the European Union
Computers & Security, Vol. 23, No. 5, pp. 400-412, July 2004
Posted: 26 Apr 2011
Date Written: April 26, 2011
The increasing use of personal information in Internet-based applications has created privacy concerns worldwide. This has led to awareness among policy makers in several countries of the desirability of harmonizing privacy laws. The greatest challenge to privacy legislation from an international perspective arises because, while the Internet is virtually borderless, legislative approaches differ from country to country.
This paper presents a functional comparison between current privacy law in the European Union (EU) and in the United States (U.S.), as such laws relate to regulation of websites and online service providers. In addition, similarities and differences between the 2002 EU Directive 2002/58/EC, Directive on Privacy and Electronic Communications, which has been adopted by the EU but not yet implemented, and the proposed U.S. Online Privacy Protection Act, are illuminated. Employing a qualitative approach, we use the Fair Information Practices to organize discussion of comparisons and contrasts between U.S. and EU privacy laws. Our investigation of this topic leads us to conclude that the right to privacy is more strictly protected in the EU than in the U.S. The Online Privacy Protection Act, recently introduced as a bill in Congress, has the potential to significantly affect commercial practices in the U.S. and move the U.S. towards current EU privacy protection laws. This analysis benefits managers as well as security professionals since the results can be used as guidelines in ensuring that an organization's website practices are consistent with requirements imposed by countries with which they exchange information. It also provides information that can guide organizations as they prepare for potential privacy legislation.
Suggested Citation: Suggested Citation