- E-Discovery Lesson For Slack UsersPosted 2 days ago
- Radical Changes in Privacy Regulation on the HorizonPosted 2 days ago
- New Joint Employer Rule “Qualified Positive” For EmployersPosted 3 days ago
- Alphabet CLO Resigns After InvestigationPosted 3 days ago
- Oklahoma Hires Perkins Coie In Gaming Dispute With TribesPosted 4 days ago
- Big Law Firms “Pay-To-Play” In OregonPosted 4 days ago
Scattershot Regulation of Biometrics
Executive Summary of an article written by
Paul Keller, Norton Rose Fulbright
The rapid embrace of biometrics creates significant concerns relating to protecting the privacy of individuals. Biometric technologies are in use in many industries — automotive, travel, security, health care, insurance, banking and other financial services — and across multiple industries in the field of workforce management. Uniformity of regulation is lacking in most states, however.
Illinois passed the Biometric Information Privacy Act (BIPA) in 2008. It sets requirements for private entities relating to retention, collection, disclosure and destruction of biometric information. BIPA grants a right of action to individuals harmed by a violation of the law. Multiple class actions have been filed, and companies have taken care to avoid potential liability. Google denied access to its Google Art & Culture mobile application to Illinois residents, and the smart home technology company Nest disables the facial recognition capability in its smart doorbell.
In 2009, Texas codified its law requiring notice of collection and consent by individuals before biometric identifiers can be captured and used for commercial purposes. Contrary to BIPA, no written consent is required for the collection of biometric data. Only the attorney general may bring action. The penalty for each violation is capped at $25,000. Washington passed its biometric privacy statute in 2017. The definition of biometric identifiers is broader than those used in the Illinois and Texas statutes. It carves out an exception to providing notice and obtaining consent for security purposes, including preventing shoplifting, fraud, misappropriation or theft.Read the full article at: