FB pixel

Report warns retailers to consider consumer privacy laws when deploying facial recognition tools

 

Many vendors of biometrics-based solutions have not anticipated legal and compliance challenges posed by their products, or expressly deny responsibility for those challenges, leading to increased legal action, according to the National Law Review. The article “Buyer Beware: Facial Recognition and the Current Legal Landscape” urges U.S. retailers to be prepared for consumer privacy laws to evolve as they consider implementing such technologies.

The article was authored by partners of law firm Morgan, Lewis & Bockius LLP, and compares the current context for biometrics with that of the earliest text messaging marketing programs. The programs were bought by retailers from mobile marketing vendors, “which led to a flurry of class action activity that challenged compliance and the sufficiency of consent under the Telephone Consumer Protection Act (TCPA),” according to the authors.

Illinois, Texas, and Washington are the only states with comprehensive biometric information laws, and no such federal law exists, however litigation involving biometrics has been filed against United Airlines, Intercontinental Hotels, Facebook, Hyatt, Bob Evans Restaurants, and dozens of other companies, all under Illinois’ Biometric Information Privacy Act (BIPA). Many other states have considered such regulation, according to the Review, and a coalition which lobbied against the Montana Biometric Information Privacy Act noted “a huge risk of costly class action[s].”

The article deals extensively with BIPA, but also notes the introduction of the Consumer Privacy Protection Act in November 2017 by Senator Patrick Leahy (D-VT) with six co-sponsors. The proposed legislation explicitly includes biometric data, and would empower the FTC, federal Attorney General, and state Attorneys General to bring enforcement actions. It is currently before several committees and subcommittees.

While the article recommends that retailers consider how they will obtain consent to use biometrics, how they will treat the data from collection through disposal, and how they will prevent data breach damage it also urges them when necessary to obtain written agreements with vendors covering indemnification provisions and insurance requirements.

Article Topics

 |   |   |   |   | 

Latest Biometrics News

 

Alexa, sue Amazon: tech giant faces class action over voice recordings

Users of Amazon’s Alexa are clear to pursue a class action over allegedly illegal recordings of private conversations. In Seattle,…

 

Epic Games provides Yoti facial age estimation to Bluesky for UK users

Social media platform Bluesky has selected Epic Games’ software, including biometrics-based age estimation from Yoti, to ensure its compliance with…

 

RealSense targets robotics, 3D facial recognition security with $50M in hand

RealSense has cut the cord tying it to Intel Corp, where the 3D camera company was born, with $50 million…

 

Will Congress reaffirm US cyber threat sharing framework before it’s too late?

As the September 30 expiration date for the Cybersecurity Information Sharing Act of 2015 (CISA 2015) rapidly approaches, Congress faces…

 

World pauses German operations for Orb update amid regulatory faceoff

World is facing a potential cease-and-desist order in the Philippines, and has put its iris scanning stations on hold in…

 

QR-based digital ID drives transformation in Khyber Pakhtunkhwa

The Khyber Pakhtunkhwa province of Pakistan is taking broader moves toward digital transformation with the launch of the Khyber Pass…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events