A trade group for the adult entertainment industry will appear at the Supreme Court on Wednesday in its challenge to a Texas law that requires pornography sites to verify the age of their users before providing access – for example, by requiring a government-issued identification. The law applies to any website whose content is one-third or more “harmful to minors” – a definition that the challengers say would include most sexually suggestive content, from nude modeling to romance novels and R-rated movies.
I am curious if anyone with some legal knowledge can weigh in. My messy google search only pointed to one federal law, the FTC act, that would allow the FTC to intervene if a website breaks its own privacy policy. Otherwise US privacy laws are industry specific. (E.g. there is a set of laws for healthcare related data, HIPAA. There are other ones for some financial institutions.) So on a federal level they would have the FTC to worry about, maybe.
What complicates this is that multiple states have their own data privacy laws, and I don’t know what a company based in one state with data from users in other states has to do.
Bingo. You need a contract that says your membership/username is included in the privacy policy. Barring that they’re free to release membership rolls as they please they just can’t release protected information.
It’s why multiple emails, VPN and phony personas are so prevalent these days.