Categories
Legislative Developments & Trends

Congressional Hearing Update: “Privacy in the Age of Biometrics”

Rachel Evans* |

On June 29, 2022, the Subcommittee on Investigations and Oversight for the House Committee on Science, Space, and Technology heard testimony from multiple experts about the expansion of biometric technology and the future of American privacy law. This hearing signals Congress’ intention to consider new legislation aimed at protecting privacy interests while simultaneously encouraging the expansion of biometric technologies.

Chairman Bill Foster (D-IL) opened the hearing with concerns that the broad impact of the U.S. Supreme Court’s Dobbs v. Jackson Women’s Health Organization decision would significantly weaken privacy protections, explaining that “[t]he timing of our discussion … is notable[.] [T]his makes protecting Americans biometric data more important than ever.” Congress’ focus will now “be on how technological solutions can secure our privacy while allowing us to enjoy the benefits of biometric tools.”

Categories
Biometric Privacy Legal Landscape Legislative Developments & Trends

California Legislature Introduces Expansive Biometric Privacy Law

Amanda M. Noonan |

On February 17, 2022, the California Legislature introduced a biometric privacy law (SB 1189) similar to the Illinois Biometric Information Privacy Act (“BIPA”). SB 1189 would dramatically increase biometric privacy protection for California consumers, expand regulation among private business, and add to the flurry of biometric privacy class action litigation that has taken hold of U.S. courts.

Categories
Biometric Privacy Compliance Tips Case Law Developments Legislative Developments & Trends

Current BIPA Trends: Class Actions Targeting the Use of Voice Data

David J. Oberly |

2021 has brought with it a sizeable expansion in the types of technology and companies that are now being targeted with bet-the-company Illinois Biometric Information Privacy Act (“BIPA”) class action lawsuits. The first major expansion involved the targeting of virtual try-on technology, a feature made even more popular during the COVID-19 pandemic, which, according to plaintiffs, utilizes facial recognition technology. More recently, a high volume of BIPA class action suits have been filed targeting the use of voice-powered technologies.

BIPA & Voice Data

BIPA regulates the collection, use, and storage of “biometric identifiers,” which includes—among other things—“voiceprints.” However, the term “voiceprint” is not defined in Illinois’ biometric privacy statute. “Voiceprint” is generally defined as a distinctive pattern of curved lines and whorls made by a machine that measures human vocal sounds for the purpose of identifying an individual speaker. It is this hallmark of identifying (or verifying the identity of) an individual that makes voice data a “voiceprint” under BIPA. In this respect, courts have noted that voice biometrics, also known as voiceprinting, is the use of biological characteristics—one’s voice—to verify an individual’s identity.

Thus, a critical distinction exists between general voice data, which is not covered by BIPA, and voiceprint, which fall under the scope of Illinois’ biometric privacy statute—with the important dividing line being the identifying quality of the biometric information. In a 2017 case, an Illinois federal court recognized this distinction, noting the difference between the mere capture of voice data and an actual “voiceprint.” In doing so, the court noted that if an entity simply captures a person’s voice without generating a voiceprint for the specific purpose of identifying ,or verifying the identity of, an individual, then there is no violation of BIPA.