Differences between planned US biometric privacy laws still few but big

U.S. lawmakers again are working on legislation that would create the nation’s first biometric privacy rules. And the gap between those floating competing ideas this year is smaller than in previous efforts.

Much of what is being discussed are points most in the biometrics privacy debate already agree on: privacy by design, data minimization, collection and use transparency and individual ownership and control.

A substantive role for the Federal Trade Commission is also suggested in new campaigns. The FTC is already hip deep in the matter.

But the two most important differences – over allowing people to sue if their data is misused and preventing states from writing their own biometric privacy laws – are still there.

Those two issues have been traps since 2019, when Senator Maria Cantwell (D-Wash.) and Senator Roger Wicker (R-Miss.) hoisted opposing flags.

The only reason biometric privacy got serious attention that year was the partisan anger about Cambridge Analytica’s political misuse of 50 million Facebook profiles.

Two-and-half years later, Cantwell remains adamant about signing a law that immediately gives consumers the right of action – their day in court – and allows state lawmakers to create laws that they feel suit their voters. She reportedly has been circulating a draft measure.

Wicker, meanwhile, has his own curb-feeler in which he backs off his earlier demands that individuals have no right to directly sue entities for breaking the legislation. Then as now, he wants people to ask their state’s attorney to sue for them. (Here’s a summary of his proposed law.)

He also has relaxed his opposition to states’ rights to create their own legal framework for biometric data privacy.

But Wicker has not given up entirely on the two points.

No lawsuits could be brought for four years after Wicker’s bill becomes law. And exemptions would be granted for certain conditions, leaving the proposed federal law the legal standard everywhere else.

For instance, it would not pre-empt Illinois’ Biometric Information Privacy Act or the Genetic Information Privacy Act in California.

The federal privacy law would also yield to state regulations that “solely address facial recognition or facial recognition technologies, electronic surveillance, wiretapping, or telephone monitoring.”

The same would be true for state laws regarding the biometric privacy of employees and students and their information.

Wicker’s proposal benefits somewhat from the fact that it is bipartisan. It is backed by Frank Pallone (D-Mass.) and Cathy McMorris Rodgers (R-Wash.)

The law firm Goodwin Procter has a good history of where Wicker’s proposal sits in recent legislative history.

Article Topics

biometric data  |  biometric identifiers  |  biometrics  |  data privacy  |  data protection  |  legislation  |  privacy  |  United States