FB pixel

Privacy group says data protections by US states differ greatly

Privacy group says data protections by US states differ greatly
 

Looking at the rising number of biometric privacy bills being floated by U.S. states, some civil liberties advocates are concerned that too many lack substantive consumer data protections.

As it happens, two of those states, Illinois and Maine, are working on biometrics legislation. One is (so far, at least) a stake-in-the-ground bill but the other does not spare the printer paper in suggesting restrictions on the use of consumer identifiers.

In Illinois, birthplace of the landmark Biometric Information Privacy Act, some lawmakers have proposed the Digital Voice and Likeness Protection Act, which would be applied retroactively.

While it has only recently been introduced, the Voice and Likeness Act focuses on how to properly transact a deepfake agreement.

The legislation would make it illegal to create and use a deepfake for something that the subject would normally have done. And anyone wanting to use synthetic identifiers would have to be clear in disclosing all proposed uses of them. Last, the subject would have to be adequately represented in the transaction.

That’s just about all the act has to say at this point and, as such, likely would not be rated highly by EPIC, the Electronic Privacy Information Center. The advocacy group has issued a report critical of state privacy law efficacy.

Nonprofit public interest group the U.S. PIRG joined EPIC with the report. Privacy legislation is categorized differently in the industry, which likely explains why Illinois is not one of 14 states analyzed for the report.

Enacted laws in nine states received poor or failing grades in the report. Iowa’s effort was rated four out of 100. The top-ranked law was in California, and it scored a not-so-respectable 69.

Strong legislation, the groups say, must require data-minimization obligations. It has to regulate all uses of biometrics data and create strong civil rights safeguards. Strong regulatory and enforcement powers must be enacted. And consumers must be able to take violators to court.

Without a thorough analysis of Maine’s Voice and Likeness legislation, it is difficult to say how closely it hews with the report’s guidelines. But that’s only because the act is dense with rules, definitions and remedies.

It covers several categories of consumer privacy with a focus on protection of all biometric identifiers. It also addresses protections for children under the age of 18.

The core of the document would be familiar to anyone who has read Illinois’ BIPA. Consent is required. Retaliation against someone covered by the law who refuses to give consent is prohibited, and the like.

But the details for privacy are unusually deep. Companies would have to have privacy policies, design evaluations, retention schedules and algorithm risk assessments.

For example, companies would be required to “mitigate privacy risks, including substantial privacy risks, related to the products and services of the covered entity or the service provider, including in the design, development and implementation of those products and services, taking into account the role of the covered entity or service provider and the information available to it”.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Women in Identity prepares ID Code of Conduct phase 3, on costs of ID exclusion

Identity and ID documents aren’t the same thing – but, in administrative terms, they might as well be. Without identification,…

 

Somalia officially launches printing process of new national ID card

The government of Somalia says the printing of its new generation national ID cards is now officially underway. The country’s…

 

Facial recognition for borders and travel: 2025 trends and insights

By Vito Fabbrizio Managing Director, Biometrics Business Unit, HID The world of biometrics is constantly evolving, and 2024 was a transformative…

 

Azerbaijan president approves 2025-2027 digital ID, govt strategy

President Ilham Aliyev of Azerbaijan has issued a decree activating the “Digital Development Concept of the Republic of Azerbaijan,” a…

 

Mobile driver’s licenses coming to the UK this year

The UK government is planning to issue digital driver’s licenses this year with legal backing to be accepted as proof…

 

Guyana national digital ID project gets $4.8M in 2025 budget

The government of Guyana has allocated $1 billion (US$4.8M) for national e-ID cards, as part of a budget presented last…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events