FB pixel

U.S. states follow BIPA with biometric data privacy proposals

Illinois courts still sorting out what counts
U.S. states follow BIPA with biometric data privacy proposals
 

Florida’s House of Representatives has passed a bill to establish a data privacy bill in the state with a right of private action, by a 103-8 vote, the Ormond Beach Observer reports.

If passed by the Senate and signed into law, HB 9 would require companies that have over $50 million in annual revenue or handle the data of 50,000 people to provide notice to consumers about their practices when collecting their personal data.

The bill does not specifically refer to biometrics, but the Associated Industries of Florida warned that it could bring in major compliance, operation, and litigation costs for companies in the state.

Similar legislation proposed in Maryland could further complicate the compliance landscape for biometrics use in the U.S., writes David Oberly, who recently joined Squire Patton Boggs, for Law360 (subscription required).

Kentucky’s HB 32 and Maryland’s HB 259, also known as the Maryland Biometric Identifiers Privacy Act, each specifically target biometrics, and Oberly notes that Maryland has made multiple attempts in previous sessions to pass legislation modeled on the country’s most impactful biometrics regulation, Illinois’ Biometric Information Privacy Act (BIPA).

Each proposal includes informed consent requirements, retention rules, restrictions against selling or sharing biometric data, and crucially, a right of private action.

The Maryland legislation was cross-filed with SB 335. The Kentucky proposal, however, was withdrawn on February 28, leaving its future in doubt.

A guide to biometrics regulations around the world produced by law firm Eversheds Sutherland shows the gradual creep of laws restricting and placing conditions on the use of the technology.

The ‘Global Biometrics Guide 2022’ covers BIPA (more on that below), as well as reviewing the regulatory conditions for biometrics in the UK and the EU, Asia and the Middle East.

BIPA limitations, exemptions weighed

The Illinois Supreme Court rejected an appeal from BIPA plaintiff Ring Container Technologies, which sought to limit the scope of the class action against it, writes the Cook County Record.

The statute of limitations for the BIPA suit, alleging informed consent-related violations by an employee time and attendance system, like so many other cases brought under the law, should be limited to two years based on workers compensation rules, rather than the five year limit that has been applied in other cases.

Ring Container appealed to the State Supreme Court to hear its case before the similar Tims v Black Horse Carriers statute of limitations question, on grounds that its case includes multiple potential statutes of limitations, as opposed to the sole limitation in question in the latter case. The court declined to hear the appeal, however, with no dissent and no explanation.

A lawsuit against Point-of-sale system vendor Signature Systems over alleged violations of Illinois biometric data privacy law will be heard in U.S. District Court, Bloomberg Law reports, after it was approved by the judge.

Judge Mary M. Rowland of the Northern District of Illinois denied a motion to dismiss the case, ruling that plaintiff Ronesha Smith satisfied the requirements to claim violations under the BIPA.

The defendant allegedly violated BIPA by failing to publish a data retention and destruction policy and also to obtain written consent before the plaintiff’s fingerprint biometrics were scanned by one of its PoS systems.

The federal Health Insurance Portability and Accountability Act of 1996 does not exempt hospitals and other healthcare providers from BIPA, an appeals panel has ruled, according to a separate Cook County Record report.

A pair of nearly-identical appeals from a handful of healthcare organizations were rejected by the First District Appellate Court, which found that BIPA’s language makes clear that only patient data already protected under HIPAA is excluded.

Labor agreement can trump BIPA, however, as an appeals panel granted a motion dismissing a class action brought by union members. Under the federal Labor Management Relations Act, collective bargaining agreements pre-empt BIPA, the Seventh Circuit panel found, according to the Cook County Record.

Meanwhile Macy’s has appealed a denial of its motion to dismiss its inclusion in a biometric data privacy case against Clearview AI. Law Street writes that the retailer argues the same logic could be applied to pull any of Clearview’s hundreds of other possible customers into the lawsuit as defendants. The company also argues that the consideration of BIPA cases with those filed under New York and California statutes could cause jurisdictional conflict.

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics outlook mostly sunny with periods of deepfakes

Biometrics forecasts are among the most-read stories of the week on Biometric Update. Goode Intelligence sees revenues for the biometrics…

 

FBI seeks vendors for its Somalia ABIS

The Federal Bureau of Investigation (FBI), through its Criminal Justice Information Services (CJIS) Division, has issued a Request for Information…

 

ID.me bolsters board, Identiv names SVP

ID.me has appointed Brian Robins and William “Bill” Welch as independent members to its Board of Directors. Robins, GitLab CFO and…

 

GSA has Section 508 concerns, Idemia touts accessibility advantage for Login.gov

In an announcement noting its inclusion in a $194.5 million blanket purchase agreement (BPA) from the U.S. General Services Administration…

 

Updated Innovatrics ABIS algorithm takes back rank 1 in latent accuracy evaluation

An updated biometric algorithm for latent fingerprint identification from Innovatrics has landed at the top of the U.S. government’s Evaluation…

 

Mexican state biometric population registry sees high acceptance

The Mexican state of Veracruz is seeing high levels of interest from its population in the biometric version of the…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events