Some Facebook users have filed suit in a California state court claiming that Facebook violates state privacy laws. Since at least 2005, California has been on the cutting edge for protecting consumer data online. From an Internet law standpoint, state laws create a mass of confusion that really should be trumped by federal law. Why should a website owner based in New York, for example, be required to keep up to date on online privacy laws in 49 other states? That’s about as ridiculous as making the site owner collect state and local taxes wherever a purchaser happens to be located and remit it to the taxing authority.
Although ripe for federal preemption because of interstate commerce issues, be careful what you wish for. The power to legislate is the power to control those legislated. If you’re doing business in an Internet-friendly state like Texas, you may not be too happy with what Congress passes as an omnibus Internet privacy law…plus the regulations to go with it. Expect at a minimum a requirement that data collection occur only after afbusinessative opt-in to the collection process by site visitors, users, and clients. In other words, informed consent.
As for the particular Facebook suit, regardless of the outcome, expect user privacy protections to increase so that Facebook can continue to do business in other countries that are even more protective of privacy rights than the United States.