Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Federal Judge Upholds Maine’s Strict Internet Privacy Law

A federal judge on Tuesday rejected a challenge by internet service providers and upheld Maine’s “opt-in” web privacy law, one of the strictest in the nation.

A federal judge on Tuesday rejected a challenge by internet service providers and upheld Maine’s “opt-in” web privacy law, one of the strictest in the nation.

Judge Lance Walker said four industry associations that sued failed to demonstrate that the law violates the First Amendment. He also rejected the contention that the law conflicts with existing federal law.

“While there will be more litigation, this initial ruling is a huge victory for Maine consumers and for our state’s efforts to take appropriate measures to protect their privacy,” Maine Attorney General Aaron Frey said in a statement.

The law prohibits internet service providers from using, disclosing, selling or granting access to a customer’s personal information unless a customer gives the provider permission to do so. It also requires providers to take reasonable measures to protect customers’ personal information.

Maine Gov. Janet Mills called it a “common-sense law” when she signed the bill last year.

“Maine people can access the internet with the knowledge and comfort that their personal information cannot be bought or sold … without their express approval,” she had said.

The law, which went into effect on July 1, was sponsored by Sen. Shenna Bellows, D-Manchester, who sought to reinstate rules implemented by President Barack Obama’s administration. Those rules were later repealed by a Republican-led Congress under Republican President Donald Trump.

California has a similar law, but requires consumers to “opt out” to prevent personal information from being sold.

Advertisement. Scroll to continue reading.

The plaintiffs said when they sued that “protecting consumer privacy is a vital national goal,” but that Maine’s attempt to protect privacy had “serious substantive flaws.”

Walker disagreed and used some colorful language in his ruling, noting that one of the arguments was “an attempt to create a conflict where none exists.” He also called the First Amendment claim, which suggested the law should be reviewed with strict scrutiny since involved potential speaker- and content-based limitations, a “shoot-the-moon argument.”

“Like Harold with a purple crayon, plaintiffs have drawn themselves a steep mountain to climb by filing for judgment on the pleadings,” he wrote about the First Amendment claim, referring to the 1955 children’s book.

Related: Unique Illinois Privacy Law Leads to $550M Facebook Deal

Related: With No Unifying U.S. Federal Privacy Law, States Are Implementing Their Own

Related: State vs. Federal Privacy Laws: The Battle for Consumer Data Protection

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.