This page, Massachusetts law about internet and online privacy, is part of
This page, Massachusetts law about internet and online privacy, is offered by

Massachusetts law about internet and online privacy

A compilation of laws, regulations, cases, and web sources on internet and online privacy law.

Table of Contents

Massachusetts laws

MGL c.4 § 7 Definition of public record
MGL c. 66A Fair Information Practices Act
MGL c.214 § 1B Right to privacy
MGL c.214 § 3B Violations of chapter 66A; statute of limitations
MGL c.272 § 99 Interception of wire and oral communications

Massachusetts regulations

201 CMR 17 Standards for the protection of personal information of residents of the Commonwealth

801 CMR 3 Privacy and confidentiality

Federal laws

5 USC § 552a Privacy Act
15 USC §§ 6501-6506 Children's Online Privacy Protection Act
15 USC § 6801 Gramm-Leach-Bliley Act [Privacy Rule]
18 USC § 1030 Computer Fraud and Abuse Act
18 USC §§ 2510-2521 Wiretap Act
18 USC §§ 2701-2711 Electronic Communications Privacy Act

Federal regulations

16 CFR 312 Children's online privacy protection rule

16 CFR 313 Privacy of consumer financial information

Selected case law

Cell phone searches

See Mass. law about cell phone searches

Other topics

Ajemian v. Yahoo!, 478 Mass. 169 (2017)
The Stored Communications Act (SCA) does not prohibit Yahoo from disclosing the e-mails in a decedent’s account to the personal representatives of his estate. 

Commonwealth v. Gelfgatt, 468 Mass. 512 (2014). 
Criminal defendant can be compelled to disclose the encryption key to computer files.

In re Doubleclick, Inc., 154 F.Supp.2d 497 (2001). 
In class action suit brought by Internet users, court decided, among other rulings, that Electronic Communications Privacy Act's protections did not extend to corporation's "cookies."

Liberty Media Holdings, LLC v. Swarm Sharing Hash File, 821 F. Supp. 2d 444 (2011) 
Internet subscribers do not have a reasonable expectation of privacy in their subscriber information, including name, address, phone number, and email address, as they have already conveyed such information to their internet service providers (ISP).

United States v. Councilman, 418 F.3d 67 (1st Cir., 2005). 
The Wiretap Act, 18 USC 2511, applies to electronic communications held in storage.


Data Privacy and Security Division, Mass. Attorney General
The Data Privacy and Security Division protects consumers and their families from the rise of threats to the privacy and security of their data in the digital economy.

Electronic Privacy Information Center (EPIC)
1718 Connecticut Ave., NW, Suite 200
Washington, DC 20009
(202) 483-1140

A public interest research center in Washington DC. Its website includes resources and guides to federal legislation. Publishes the EPIC Alert, a newsletter concerning civil rights in the information age.

Federal Trade Commission's Privacy Initiative
600 Pennsylvania Avenue, NW
Washington, DC 20580
(202) 326-2222

The website offers copies of the FTC's Online Privacy Reports to Congress and information regarding identity theft.

Web sources

Complying with COPPA: frequently asked questions: A guide for businesses, parents and small entities. Federal Trade Commission, July 2020 (Children’s Online Privacy Protection Act).
Includes general information, parents' rights, schools, and more

OnGuard online
Practical information to help you be on guard against Internet fraud, secure your computer, and protect your personal information

Online privacy consumer guides, Privacy Rights Clearinghouse: Includes:

  • Smartphone Privacy
  • Online Harassment & Cyberstalking
  • Online Privacy: Using the Internet Safely
  • Online Shopping Tips
  • Social Networking Privacy: How to be Safe, Secure and Social
  • Securing Your Computer to Maintain Your Privacy
  • Mobile Health and Fitness Apps: What Are the Privacy Risks?
  • Online Harassment & Cyberstalking
  • Anti-Spam Resources

Privacy issues, Electronic privacy information center. Provides information on nearly 100 privacy topics, including:

  • Diplomatic communications
  • Donor privacy
  • Face recognition
  • Facebook
  • Protester privacy
  • Purchase tracking
  • Right to be forgotten
  • Search engine privacy
  • Social media monitoring

Print sources

Computer law: a guide to cyberlaw and data privacy, Matthew Bender, chapters 63, 64, 66.

Internet law and practice, Thomson/West, loose-leaf, chapter 19.

Principles of the law, data privacy, ALI, 2020



Within Massachusetts only

Within Massachusetts only


Reference librarians online Chat with a law librarian 
Reference librarians via email


Administrative office (no law library at this location)
2 Center Plaza
9th Floor
Boston, MA 02108
Last updated: June 30, 2021