Security Experts:

Connect with us

Hi, what are you looking for?



Federal Judge Upholds Maine’s Strict Internet Privacy Law

A federal judge on Tuesday rejected a challenge by internet service providers and upheld Maine’s “opt-in” web privacy law, one of the strictest in the nation.

A federal judge on Tuesday rejected a challenge by internet service providers and upheld Maine’s “opt-in” web privacy law, one of the strictest in the nation.

Judge Lance Walker said four industry associations that sued failed to demonstrate that the law violates the First Amendment. He also rejected the contention that the law conflicts with existing federal law.

“While there will be more litigation, this initial ruling is a huge victory for Maine consumers and for our state’s efforts to take appropriate measures to protect their privacy,” Maine Attorney General Aaron Frey said in a statement.

The law prohibits internet service providers from using, disclosing, selling or granting access to a customer’s personal information unless a customer gives the provider permission to do so. It also requires providers to take reasonable measures to protect customers’ personal information.

Maine Gov. Janet Mills called it a “common-sense law” when she signed the bill last year.

“Maine people can access the internet with the knowledge and comfort that their personal information cannot be bought or sold … without their express approval,” she had said.

The law, which went into effect on July 1, was sponsored by Sen. Shenna Bellows, D-Manchester, who sought to reinstate rules implemented by President Barack Obama’s administration. Those rules were later repealed by a Republican-led Congress under Republican President Donald Trump.

California has a similar law, but requires consumers to “opt out” to prevent personal information from being sold.

The plaintiffs said when they sued that “protecting consumer privacy is a vital national goal,” but that Maine’s attempt to protect privacy had “serious substantive flaws.”

Walker disagreed and used some colorful language in his ruling, noting that one of the arguments was “an attempt to create a conflict where none exists.” He also called the First Amendment claim, which suggested the law should be reviewed with strict scrutiny since involved potential speaker- and content-based limitations, a “shoot-the-moon argument.”

“Like Harold with a purple crayon, plaintiffs have drawn themselves a steep mountain to climb by filing for judgment on the pleadings,” he wrote about the First Amendment claim, referring to the 1955 children’s book.

Related: Unique Illinois Privacy Law Leads to $550M Facebook Deal

Related: With No Unifying U.S. Federal Privacy Law, States Are Implementing Their Own

Related: State vs. Federal Privacy Laws: The Battle for Consumer Data Protection

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.


Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.