FB pixel

Report warns retailers to consider consumer privacy laws when deploying facial recognition tools

 

Many vendors of biometrics-based solutions have not anticipated legal and compliance challenges posed by their products, or expressly deny responsibility for those challenges, leading to increased legal action, according to the National Law Review. The article “Buyer Beware: Facial Recognition and the Current Legal Landscape” urges U.S. retailers to be prepared for consumer privacy laws to evolve as they consider implementing such technologies.

The article was authored by partners of law firm Morgan, Lewis & Bockius LLP, and compares the current context for biometrics with that of the earliest text messaging marketing programs. The programs were bought by retailers from mobile marketing vendors, “which led to a flurry of class action activity that challenged compliance and the sufficiency of consent under the Telephone Consumer Protection Act (TCPA),” according to the authors.

Illinois, Texas, and Washington are the only states with comprehensive biometric information laws, and no such federal law exists, however litigation involving biometrics has been filed against United Airlines, Intercontinental Hotels, Facebook, Hyatt, Bob Evans Restaurants, and dozens of other companies, all under Illinois’ Biometric Information Privacy Act (BIPA). Many other states have considered such regulation, according to the Review, and a coalition which lobbied against the Montana Biometric Information Privacy Act noted “a huge risk of costly class action[s].”

The article deals extensively with BIPA, but also notes the introduction of the Consumer Privacy Protection Act in November 2017 by Senator Patrick Leahy (D-VT) with six co-sponsors. The proposed legislation explicitly includes biometric data, and would empower the FTC, federal Attorney General, and state Attorneys General to bring enforcement actions. It is currently before several committees and subcommittees.

While the article recommends that retailers consider how they will obtain consent to use biometrics, how they will treat the data from collection through disposal, and how they will prevent data breach damage it also urges them when necessary to obtain written agreements with vendors covering indemnification provisions and insurance requirements.

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

New year will see mobile driver’s licenses come of age: Trinsic CEO

A recent webinar from Trinsic takes stock of the eID sector in 2024 and looks ahead to upcoming launches and…

 

Datasonic transforming into NexG with end-to-end digital ID plan, fundraise

Datasonic’s acquisition of Innov8tif Holdings is just one part of a transformation plan that also includes a major capital exercise…

 

DIF Lab launches to propel decentralized digital ID projects

The Decentralized Identity Foundation (DIF) is launching a new initiative to help build, test and scale decentralized digital ID solutions….

 

Lissi enters final stage of German EUDI wallet prototype competition

Digital ID wallet maker Lissi has qualified for the final phase of the German government competition to create a national…

 

Puerto Rico latest government in U.S. to launch its mDL for Apple Wallet

Contrary to certain recent public opinions about Puerto Rico, the island is among U.S. leaders in adopting mobile driver’s licenses…

 

Singapore expands passport-free biometric clearance

At Singapore’s bus halls of Woodlands and Tuas checkpoints, travellers will soon be able to enjoy passport-less clearance using face…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events