Back More
Salem Press

Table of Contents

Privacy Rights in the Digital Age

Model legislation on privacy

by J. Lyn Entrikin

Various proposed state statutes designed to protect the right to privacy by providing a statutory remedy in the form of money damages, criminal penalties, or both.

In most states, the civil right of privacy has evolved as a matter of common law developed by the state courts on a case-by-case basis. In a few states, legislatures have enacted statutes providing individuals with a civil claim against others for violating the right to privacy. The earliest of these states was New York, which enacted a statute in 1903 recognizing a civil claim for invasion of privacy. The New York statute also specifies that a violation of the statute is a criminal misdemeanor. The statute was enacted in direct response to widespread public criticism of a 1902 decision of the New York Court of Appeals that refused to recognize a right of privacy under the state's common law (Roberson v. Rochester Folding Box, 643 N.E. 442 (NY, 1902)).

Since the early twentieth century, the development of the right of privacy under state common law has been slow and uneven. In states that protect privacy rights by statute, the laws vary significantly with regard to the scope and nature of the right. New York's statute, for example, limits the right of privacy to situations in which a person's name or photograph is used without that person's consent for someone else's benefit. Other state statutes are much broader. Some extend civil remedies for violations of the right of privacy even after the death of the person whose rights are violated. Other states, like California, have enacted privacy statutes that limit certain claims for invasion of privacy while still allowing state courts to develop and expand the right of privacy by common law. The result is a patchwork of statutes and common law that provide substantially different privacy rights from state to state.

Generally, proposals for model legislation on privacy rights seek to make state laws more uniform and standardized. A state legislature may decide to enact model legislation as proposed, it may tailor the model statute by amending it to better suit the policy goals of the legislature, or it can make the law easier to interpret and enforce. Even if a state legislature decides to amend the model legislation in some ways, the result is more likely to be similar to the statutes of other states that have enacted the same model statute. In this way, model legislation is designed to make the laws of various states more uniform and predictable.

The National Conference of Commissioners on Uniform State Laws, more commonly known as the Uniform Law Commission, is a nonprofit organization established in 1892 to develop well-drafted, well-considered model statutes to help clarify critical issues of state law. Its members include lawyers, judges, legislators, legislative staff, and law professors who represent all fifty states, the District of Columbia, and the U.S. territories. The commissioners conduct research and draft model laws to address particular issues of state law for which uniformity is considered desirable and practical. For example, the commission is currently working on drafting uniform laws to protect student online privacy, social media privacy, and employee online privacy.

Another leading organization of legal scholars and judges is the American Law Institute (ALI), formed in 1923 to address the complexity of common law among the states and the absence of agreement from state to state on basic common law principles. The institute was formed in recognition of the fact that the complexity of U.S. law is due primarily to the widely varied ways that state courts address issues of state common law. ALI publishes printed sets known as Restatements that propose specific developments in state common law addressing important legal subjects.

Because the ALI is so highly respected, many state courts consult the Restatements when considering matters of novel state law that state legislatures have not yet resolved. If a state appellate court decides to follow a Restatement provision, it becomes part of the state's common law that other courts in that state will follow when deciding issues involving privacy rights. ALI is currently engaged in a major project drafting Principles of the Law of Data Privacy. The project's goal is to provide a legal framework to govern data privacy and to clarify the legal obligations and best practices for organizations that deal with personal information and data.

One area of recent state legislative activity involves student rights to data privacy. Various nonprofit organizations have proposed model state legislation to address these matters. For example, in 2014, the Electronic Privacy Information Center (EPIC), an independent nonprofit research organization, called for a Student Privacy Bill of Rights for the purpose of ensuring that students have more control over how educational institutions and businesses use their personal information. Similarly, the American Legislative Exchange Council (ALEC) and the Foundation for Excellence in Education have proposed a model Student Data Accessibility, Transparency, and Accountability Act to regulate the collection, use, and distribution of personally identifiable student data. These and other legislative proposals include measures for holding organizations accountable to students for the collection and use of their personal information.

In response to various advocacy efforts, the 2014 California legislature enacted the Student Online Personal Information Protection Act, which takes effect on January 1, 2016. The California statute protects the privacy of elementary and secondary students by prohibiting operators of Internet websites, online services, or mobile or online applications from knowingly using personally identifiable information for the purpose of targeting advertising to students or to their parents. The statute also prohibits these operators from selling or sharing student information for prohibited purposes. Operators of online services must protect student information from unauthorized use or disclosure. In addition, upon request by a school or school district, a business is required to delete student information that is within the school's control. On the other hand, the act permits operators to disclose student information for limited purposes, including other provisions of federal or state law that require the disclosure of personally identifiable student information.

Other state legislatures have followed California's lead by introducing and enacting similar statutes, modified to be consistent with their own policy goals. According to a report by the Data Quality Campaign, a nonprofit national organization, fifteen states passed a total of twenty-eight new student data privacy laws in 2015 alone. Given the dramatic innovations in educational technology, these model state laws are designed to strengthen student rights to allow students to control the use of their private information.

The president of the United States has proposed legislation in Congress to regulate the collection, storage, management, and use of personal data. The stated purpose of the Consumer Privacy Bill of Rights Act of 2015 is to “ensure that individuals continue to enjoy meaningful privacy protections while affording ample flexibility for technologies and business models to evolve.” If enacted, the proposed bill would generally preempt any state or local statutes that impose requirements on persons and entities covered by the act regarding the processing of personal data. However, the bill would not preempt state laws designed to protect the privacy of minors or elementary and secondary school students.

Further Reading

1 

The American Law Institute. Creation. https://www.ali.org/about-ali/creation/.

2 

Data Quality Campaign. Student Data Privacy Legislation: What Happened in 2015, and What Is Next? 2015. http://dataqualitycampaign.org/wp-content/uploads/2015/09/DQC-Student-Data-Laws-2015-Sept23.pdf.

3 

Foundation for Excellence in Education. Building a Trusted Environment: A Snapshot of State Laws on Student Data Use, Privacy and Security. May 2015.

4 

Foundation for Excellence in Education. Student Data Accessibility, Transparency, and Accountability Act: Model Legislation. http://static.excelined.org/wp-content/uploads/Student-Data-Privacy-Accessibility-and-Transparency-Act-Model-Legislation-03.2015.pdf.

5 

Uniform Law Commission. “About the ULC.” http://www.uniformlaws.org/Narrative.aspx?title=About%20the%20ULC.

6 

The White House. Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Economy. February 2012. https://www.whitehouse.gov/sites/default/files/privacy-final.pdf

See also: Educational setting, privacy in an; The Right to Privacy

Citation Types

MLA 9th
Entrikin, J. Lyn. "Model Legislation On Privacy." Privacy Rights in the Digital Age, edited by Christopher T. Anglim & JD, Salem Press, 2016. Salem Online, online.salempress.com/articleDetails.do?articleName=PRDA_0145.
APA 7th
Entrikin, J. L. (2016). Model legislation on privacy. In C. Anglim & JD (Ed.), Privacy Rights in the Digital Age. Salem Press. online.salempress.com.
CMOS 17th
Entrikin, J. Lyn. "Model Legislation On Privacy." Edited by Christopher T. Anglim & JD. Privacy Rights in the Digital Age. Hackensack: Salem Press, 2016. Accessed May 30, 2026. online.salempress.com.