FB pixel

Maryland and Mississippi lawmakers consider biometric data protection bills

Maryland and Mississippi lawmakers consider biometric data protection bills
 

Maryland’s state legislature has introduced a biometric data privacy act, in one of several moves at the state level towards increasing data privacy regulation.

HB 33, titled ‘Commercial Law – Consumer Protection – Biometric Data Privacy’ and spotted by DataGuidance, has passed its first reading, would require private entities that hold biometric data to develop and publish policies, establish a retention schedule and data destruction guidelines within certain timeframes. There are exceptions to the policy requirements for businesses only using biometrics from employees or for internal operations.

Photographs and audio recordings do not, in and of themselves, count as biometric data.

Consent must be collected, whether in written or digital form, and restrictions would be applied to disclosing or selling biometric data. Data storage and transmission would have to meet a set of security requirements.

Providing a service can also not be made conditional on supplying biometric data, unless the service cannot be delivered without it.

A private right of action is included, and the rules would also be enforceable through the Maryland Consumer Protection Act.

Public sector entities are not covered under the act.

Mississippi introduces biometrics act

Mississippi State Legislature has introduced the Biometric Identifiers Privacy Act to regulate the collection and use of biometrics by private sector entities.

HB 467 would require private organizations to develop and publish policies for the biometric data they hold, including a retention schedule and data destruction policy.

The ‘Biometric Identifiers Privacy Act’ would also require written consent from biometric data subjects. Employee biometrics can be collected, but with restrictions, such as on the retention of data that could be used to track them.

Individuals or their legal representatives can also demand information about what biometrics of theirs are held, the source of the data, what it has been used for, whether it was disclosed to any third parties, and if so who those third parties are.

Rather than placing a right of action under the act with either individuals or the State Attorney General, both will be able to sue under the proposed law.

Who should be involved in enforcement actions has been one of the points of division in proposed state laws on biometric data privacy, with some following Illinois in allowing private action. Some state bills, meanwhile, like Colorado’s, focus on restricting facial recognition.

If passed, the law will come into effect halfway through 2023.

Nebraska legislators, meanwhile, are considering the Personal Privacy Protection Act, which would restrict the collection of personal information by public agencies.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Passkey adoption by Australian govt, banks drives wider passwordless authentication

It’s high noon for passwords. Across the Authentication Corral, an inscrutable stranger saunters up and puts their hand on the…

 

‘New era in travel’: airports, airlines continue to be sweet spot for biometrics

A fascinating experiment in biometrics would be to find a privacy conscious person who would generally avoid facial recognition, put…

 

Limitations of FRT apparent in search for United Healthcare CEO’s killer

The murder of United Healthcare CEO Brian Thompson in Midtown Manhattan involved the use of facial recognition technology (FRT) to…

 

OpenID, BIO-key, RSA, SecureAuth showcase at Gartner IAM Summit

The 2024 Gartner Identity & Access Management Summit, running from December 9-11 in Grapevine, Texas, is playing host to names…

 

Aboriginal digital ID offers Indigenous Australians pathway to essential services

There are more than 200,000 Aboriginal and Torres Strait Islanders in Australia who lack a birth certificate. Without this vital…

 

Australia piloting myGov app and Trust Exchange for sharing medical data

The Australian government has launched a pilot of its myGov public services app and Services Australia’s Trust Exchange (TEx) proof-of-concept…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events