Internet Service Providers [Minn. Stat. § 325M.01] Minnesota imposes confidentiality requirements on Internet service providers (“ISPs”) with respect to their subscribers. An ISP is required to maintain the confidentiality of its customers’ personally identifiable information. According to this Minnesota law, “personally identifiable information” means information that identifies: 1) a consumer by physical or electronic address or telephone number; 2) a consumer as having a requested or obtained specific materials or services from an ISP; 3) Internet or online sites visited by a consumer; or 4) any of the contents of a consumer’s data storage devices. A consumer who prevails in an action for a violation of this statute is entitled to $500 or actual damages, whichever amount is greater. [Minn. Stat. § 325M.07]. One of the problems under many data privacy laws is the ability to quantify and prove damages. Proposed amendments to this statute were introduced to the Minnesota Senate in May 2017. These amendments would broaden the definition of “personally identifiable information,” require express approval of the disclosure of such information, and mandate that telecommunications providers comply with Internet privacy requirements. The full text of the current version of the statute appears below. 325M.01 DEFINITIONS. Subdivision 1. Scope. The terms used in this chapter have the meanings given them in this section. Subd. 2. Consumer. “Consumer” means a person who agrees to pay a fee to an Internet service provider for access to the Internet for personal, family, or household purposes, and who does not resell access. Subd. 3. Internet service provider. “Internet service provider” means a business or person who provides consumers authenticated access to, or presence on, the Internet by means of
86
Made with FlippingBook - Online Brochure Maker