Massachusetts law about internet and online privacy

A compilation of laws, regulations, cases, and web sources on internet and online privacy law.

If you are unable to find the information you are looking for, or if you have a specific question, please contact our law librarians for assistance.

Table of Contents

Massachusetts laws

MGL c.4, § 7 Definition of public record
MGL c. 66A Fair Information Practices Act
MGL c.214, § 1B Right to privacy
MGL c.214, § 3B Violations of chapter 66A; statute of limitations
MGL c.272, § 99 Interception of wire and oral communications

Massachusetts regulations

201 CMR 17 Standards for the protection of personal information of residents of the Commonwealth

801 CMR 3 Privacy and confidentiality

Federal laws

5 USC § 552a Privacy Act
15 USC §§ 6501-6506 Children's Online Privacy Protection Act
15 USC § 6801 Gramm-Leach-Bliley Act [Privacy Rule]
18 USC § 1030 Computer Fraud and Abuse Act
18 USC §§ 2510-2521 Wiretap Act
18 USC §§ 2701-2711 Electronic Communications Privacy Act

Federal regulations

16 CFR 312 Children's online privacy protection rule

16 CFR 313 Privacy of consumer financial information

Selected case law

Cell phone searches

See Mass. law about cell phone searches

Other topics

Ajemian v. Yahoo!, 478 Mass. 169 (2017)
The Stored Communications Act (SCA) does not prohibit Yahoo from disclosing the e-mails in a decedent’s account to the personal representatives of his estate. 

Commonwealth v. Carrasquillo, 489 Mass. 107 (2022)
A defendant did not have a constitutionally protected expectation of privacy in social media content that he shared after accepting a friend request from an undercover police officer.

Commonwealth v. Gelfgatt, 468 Mass. 512 (2014)
Criminal defendant can be compelled to disclose the encryption key to computer files.

In re Doubleclick, Inc., 154 F.Supp.2d 497 (2001)
In class action suit brought by Internet users, court decided, among other rulings, that Electronic Communications Privacy Act's protections did not extend to corporation's "cookies."

Liberty Media Holdings, LLC v. Swarm Sharing Hash File, 821 F. Supp. 2d 444 (2011) 
Internet subscribers do not have a reasonable expectation of privacy in their subscriber information as they have already shared that information with their internet service provider (ISP).

United States v. Councilman, 418 F.3d 67 (1st Cir., 2005)
The Wiretap Act, 18 USC 2511, applies to electronic communications held in storage.

United States v. Morel, 922 F.3d 1 (1st Cir., 2019)
Defendant did not have a reasonable expectation of privacy in his IP address or images he uploaded to an online image hosting website.


Data Privacy and Security Division, Mass. Attorney General.
The Data Privacy and Security Division protects consumers and their families from threats to the privacy and security of their data in the digital economy.

Electronic Privacy Information Center (EPIC)
1718 Connecticut Ave., NW, Suite 200
Washington, DC 20009
(202) 483-1140

A public interest research center in Washington DC. Its website includes resources and guides to federal legislation. Publishes the EPIC Alert, a newsletter concerning civil rights in the information age.

Federal Trade Commission's Privacy Initiative
600 Pennsylvania Avenue, NW
Washington, DC 20580
(202) 326-2222

The website offers copies of the FTC's Online Privacy Reports to Congress and information regarding identity theft.

Web sources

AG Healey joins nationwide settlement with Google over location tracking practices, Office of the Attorney General, November 14, 2022.
A coalition of 40 attorneys general in reached a $391.5 million settlement with Google for misleading consumers about its location tracking practices. The settlement also requires Google to be more transparent with consumers about its tracking practices.

Complying with COPPA: frequently asked questions: A guide for businesses, parents and small entities. Federal Trade Commission, July 2020 (Children’s Online Privacy Protection Act).

OnGuard online
Practical information to avoid Internet fraud, secure your computer, and protect your personal information

Online privacy consumer guides, Privacy Rights Clearinghouse.
Helpful guides on safe internet practices. Topics include smartphone privacy, online harassment, and computer security.

Privacy issues, Electronic Privacy Information Center. Provides information on nearly 100 privacy topics, including:

  • Face recognition
  • Facebook
  • Protester privacy
  • Purchase tracking
  • Right to be forgotten
  • Search engine privacy
  • Social media monitoring

Print sources

Computer law: a guide to cyberlaw and data privacy, Matthew Bender, chapters 63, 64, 66.

Global internet law in a nutshell, West Academic, 2021, chapter 7.

Internet law and practice, Thomson/West, loose-leaf, chapter 19.

Principles of the law, data privacy, ALI, 2020.


Last updated: November 16, 2022

Help Us Improve with your feedback