US FTC posts 6-point biometrics policy to protect consumers
United States federal regulators have put businesses on notice about the sins of commission and omission that mostly likely spark an investigation into their biometrics use.
The Federal Trade Commission, the nation’s top consumer protection body, has published six practices that businesses should know could bring sanctions. Other points could be added, according to the commission.
Five are reminders of what those wanting to handle biometric data are required to do. One is a warning about what not to do.
That warning is about “surreptitious and unexpected” collection or use of common biometric data – fingerprint, face, iris – but also pertains to biometric systems used to figure out ages, gender, race and personality traits.
Among the five reminders are two involving foreseeable problems.
Before collecting biometric data, businesses must assess foreseeable harms to consumer that the gathering could cause. And they have to work to reduce or eliminate known foreseeable risks.
Another two address the people who would handle or be exposed to consumers’ biometric data.
Commissioners want businesses to be sure third parties, employees and contractors can work reliably with the private data. In the case of employees, executives have a responsibility to see that they can work with data in a trustworthy fashion.
And last, businesses are required to monitor how all parts of a biometrics system are performing, making sure they are meeting initial demands.