US computer & comms group has problems with state’s biometric privacy bills

A U.S. electronics industry association is pushing hard against state legislation that would allow consumers to sue a business for how it handles their biometric data.

State of Maryland legislators are debating five bills (four cross-filed and one separate) addressing the thorny problem of what to do with biometric and other private data collected by private organization as part of doing business.

Cross-filed legislation is similar or mirrored bills written in a government’s upper and lower houses.

In this case, Senate bill 169 and House bill 33 address biometric rights and obligations in commercial law. Cross-filed Senate bill 698 and House bill 807 address the topic in consumer protection law.

House bill 254, not cross-filed, would regulate the interaction between social media and unauthorized children, particularly how “large social media platforms” should delete the data gathered or volunteered by those children.

Members of the Computer & Communications Industry Association has issued a statement saying any legislation needs to be narrowly written to protect “high-risk practices,” although without spelling out what that means.

They also want legislators to adopt privacy standards in order to will a cohesive mat of state laws across the country. Differences among jurisdictions make business operations less efficient and complicate compliance.

But worries about rights to action are a major concern for businesses in the United States. Giving consumers the right to sue companies for alleged wrongs is something most companies want to avoid.

For them, the example to avoid is the flow of lawsuits resulting from the state of Illinois’ Biometric Information Privacy Act.

If there must be a court remedy for mishandling biometric data, pro-business segments want to give it to state attorneys general, the highest elected law enforcement officer in a state-level government.

It would cut down on frivolous lawsuits, according to the association, as well as make it easier to influence how and when laws are enforced.

The association was already on the record opposing the Maryland legislation for being poorly crafted and needlessly difficult to comply with.

Privacy advocacy group the Electronic Privacy Information Center has sided with an individual right to action as an effective way to hold scofflaws to account. It is also a principle that the Illinois Supreme Court has endorsed in considering BIPA cases.

Article Topics

biometric data  |  biometrics  |  BIPA  |  Computer & Communications Industry Association  |  data protection  |  lawsuits  |  legislation