Minnesota Statutes 325M.04 – When Disclosure of Personal Information Permitted; Authorization
Subdivision 1.Conditions of disclosure.
An Internet service provider may disclose personally identifiable information concerning a consumer to:
Terms Used In Minnesota Statutes 325M.04
- Consumer: means a person who agrees to pay a fee to an Internet service provider for access to the Internet for personal, family, or household purposes, and who does not resell access. See Minnesota Statutes 325M.01
- Contract: A legal written agreement that becomes binding when signed.
- Internet service provider: means a business or person who provides consumers authenticated access to, or presence on, the Internet by means of a switched or dedicated telecommunications channel upon which the provider provides transit routing of Internet Protocol (IP) packets for and on behalf of the consumer. See Minnesota Statutes 325M.01
- Ordinary course of business: means debt-collection activities, order fulfillment, request processing, or the transfer of ownership. See Minnesota Statutes 325M.01
- Person: may extend and be applied to bodies politic and corporate, and to partnerships and other unincorporated associations. See Minnesota Statutes 645.44
- Personally identifiable information: means information that identifies:
(1) a consumer by physical or electronic address or telephone number;
(2) a consumer as having requested or obtained specific materials or services from an Internet service provider;
(3) Internet or online sites visited by a consumer; or
(4) any of the contents of a consumer's data-storage devices. See Minnesota Statutes 325M.01
- state: extends to and includes the District of Columbia and the several territories. See Minnesota Statutes 645.44
(1) any person if the disclosure is incident to the ordinary course of business of the Internet service provider;
(2) another Internet service provider for purposes of reporting or preventing violations of the published acceptable use policy or customer service agreement of the Internet service provider; except that the recipient may further disclose the personally identifiable information only as provided by this chapter;
(3) any person with the authorization of the consumer; or
(4) as provided by section 626A.27.
Subd. 2.Authorization.
The Internet service provider may obtain the consumer’s authorization of the disclosure of personally identifiable information in writing or by electronic means. The request for authorization must reasonably describe the types of persons to whom personally identifiable information may be disclosed and the anticipated uses of the information. In order for an authorization to be effective, a contract between an Internet service provider and the consumer must state either that the authorization will be obtained by an affirmative act of the consumer or that failure of the consumer to object after the request has been made constitutes authorization of disclosure. The provision in the contract must be conspicuous. Authorization may be obtained in a manner consistent with self-regulating guidelines issued by representatives of the Internet service provider or online industries, or in any other manner reasonably designed to comply with this subdivision.