Category: Legislative Developments & Trends

NYC Introduces Bills to Limit Facial Recognition in Private Sector

Post author By Blank Rome LLP
Post date April 14, 2023

New York City Council (“Council”) members are expected to formally introduce two Local Laws on April 27, 2023, during the next Council meeting, seeking to regulate private-sector use of facial recognition (or similar surveillance technology) for identification or verification purposes.

The first bill would amend New York City’s administrative code to prohibit businesses and venues from using “biometric identifier information” (e.g., face scans) to identify or verify customers without first obtaining their written consent. These businesses and venues must also develop and make publicly available a retention-and-destruction policy, and must further comply with certain data protection, privacy, and security obligations. The proposal also includes a private right of action for civil damages up to $500 per negligent violation and up to $5,000 per intentional or reckless violation, as well as attorneys’ fees.

The second bill would ban owners of “multiple dwelling” properties (e.g., residential buildings) from installing, activating, or using “biometric recognition technology” to identify tenants or their guests. The legislation, if enacted, would be one of the first laws to place city-wide restrictions on the use of biometric recognition technology in the private sector.

Based on the introduction of these dual bills, companies in NYC that currently collect biometric data, or are considering doing so, are encouraged to contact experienced counsel to provide protective compliance measures—lest they become the target of civil litigation.

Tags facial recognition, New York, New York City, private sector

Legislative Developments & Trends

Congressional Hearing Update: “Privacy in the Age of Biometrics”

Post author By Blank Rome LLP
Post date July 26, 2022

Rachel Evans* |

On June 29, 2022, the Subcommittee on Investigations and Oversight for the House Committee on Science, Space, and Technology heard testimony from multiple experts about the expansion of biometric technology and the future of American privacy law. This hearing signals Congress’ intention to consider new legislation aimed at protecting privacy interests while simultaneously encouraging the expansion of biometric technologies.

Chairman Bill Foster (D-IL) opened the hearing with concerns that the broad impact of the U.S. Supreme Court’s Dobbs v. Jackson Women’s Health Organization decision would significantly weaken privacy protections, explaining that “[t]he timing of our discussion … is notable[.] [T]his makes protecting Americans biometric data more important than ever.” Congress’ focus will now “be on how technological solutions can secure our privacy while allowing us to enjoy the benefits of biometric tools.”

Tags federal agencies, machine learning

Biometric Privacy Legal Landscape Legislative Developments & Trends

California Legislature Introduces Expansive Biometric Privacy Law

Post author By Blank Rome LLP
Post date March 23, 2022

Amanda M. Noonan |

On February 17, 2022, the California Legislature introduced a biometric privacy law (SB 1189) similar to the Illinois Biometric Information Privacy Act (“BIPA”). SB 1189 would dramatically increase biometric privacy protection for California consumers, expand regulation among private business, and add to the flurry of biometric privacy class action litigation that has taken hold of U.S. courts.

Tags California, California Consumer Privacy Act, California Privacy Rights Act, CCPA, CPRA

Biometric Privacy Compliance Tips Case Law Developments Legislative Developments & Trends

Current BIPA Trends: Class Actions Targeting the Use of Voice Data

Post author By Blank Rome LLP
Post date November 4, 2021
No Comments on Current BIPA Trends: Class Actions Targeting the Use of Voice Data

David J. Oberly |

2021 has brought with it a sizeable expansion in the types of technology and companies that are now being targeted with bet-the-company Illinois Biometric Information Privacy Act (“BIPA”) class action lawsuits. The first major expansion involved the targeting of virtual try-on technology, a feature made even more popular during the COVID-19 pandemic, which, according to plaintiffs, utilizes facial recognition technology. More recently, a high volume of BIPA class action suits have been filed targeting the use of voice-powered technologies.

BIPA & Voice Data

BIPA regulates the collection, use, and storage of “biometric identifiers,” which includes—among other things—“voiceprints.” However, the term “voiceprint” is not defined in Illinois’ biometric privacy statute. “Voiceprint” is generally defined as a distinctive pattern of curved lines and whorls made by a machine that measures human vocal sounds for the purpose of identifying an individual speaker. It is this hallmark of identifying (or verifying the identity of) an individual that makes voice data a “voiceprint” under BIPA. In this respect, courts have noted that voice biometrics, also known as voiceprinting, is the use of biological characteristics—one’s voice—to verify an individual’s identity.

Thus, a critical distinction exists between general voice data, which is not covered by BIPA, and voiceprint, which fall under the scope of Illinois’ biometric privacy statute—with the important dividing line being the identifying quality of the biometric information. In a 2017 case, an Illinois federal court recognized this distinction, noting the difference between the mere capture of voice data and an actual “voiceprint.” In doing so, the court noted that if an entity simply captures a person’s voice without generating a voiceprint for the specific purpose of identifying ,or verifying the identity of, an individual, then there is no violation of BIPA.

Tags voice, voice data, voice-powered technologies, voiceprint, voiceprints