Lawmakers in nine states are advocating for new regulations on how companies handle biometric information such as fingerprints and facial scans, which could lead to increased legal risks for businesses that collect such data. Democratic and Republican lawmakers have proposed bills highlighting the importance of the issue and the concern it raises for people on both sides of the political spectrum.

The legislation comes in response to growing litigation and settlements by companies such as Facebook and TikTok over biometric privacy. Illinois was the first state to enact a biometric privacy law in 2008, the only law that includes a private right of action. Privacy advocates argue that biometric information is unique and should be protected, as it is immutable and cannot be changed.

Despite opposition from tech company lobbyists, legislative committees have approved biometric privacy bills in several states. The proposed bills would generally require companies to obtain consent from individuals before collecting their biometric data, to inform them of the collection, and to have clear policies for protecting and destroying the data. Some states have proposed more limited mandates, while others have included biometric privacy in broader consumer privacy legislation.


In the past, states failed to pass biometric privacy legislation allowing individuals to sue companies. However, this year’s efforts may see success as people become more aware of the dangers of allowing tech companies to regulate themselves. High-profile settlements under the Illinois private right of action show the law’s effectiveness in protecting biometric data. Statehouses that pursue individuals’ ability to sue are trying to level the playing field between US consumers and big tech companies.

If the proposed bills are enacted, companies could face a range of state-specific biometric requirements in addition to new consumer privacy laws. Consumers are increasingly concerned about protecting their biometric data, but companies may face difficulties complying with the regulations. The Computer and Communications Industry Association recommends that attorneys general enforce state laws to avoid costly litigation.

The Illinois biometric privacy law has resulted in many class-action lawsuits and significant penalties, with companies in various industries and sizes facing lawsuits over collecting biometric data from employees and consumers alike. Even slight variations in laws in other states would require companies to reassess their compliance programs, and businesses should carefully consider the potential risks before collecting biometric data.

State lawmakers should balance the benefits of using biometric information with the risks when considering legislation, and companies should stay informed of the developments in this ever-evolving space. Biometric privacy is an important issue that deserves attention, and state lawmakers are taking steps to ensure that individuals’ biometric information is protected.

REFERENCES:

State Lawmakers Eye Biometric Privacy Protections, Lawsuits

 

Related Posts