Over the past year, a host of new national, state and local laws have been introduced to regulate the collection and use of biometric information. Although these proposals vary in their requirements, certain elements appear to be inspired in part by the Illinois Biometric Information Privacy Act (BIPA), which has been the subject of significant litigation in recent years. Below we provide an overview of notable proposed legislation.
U.S. Federal Law
On March 14, 2019, Senators Brian Schatz (D-Hawaii) and Roy Blunt (R-Mo), introduced the Commercial Facial Recognition Privacy Act. The act focuses on providing notice and obtaining affirmative consent whenever facial recognition technology is used to collect or process facial recognition data for certain purposes.
- “Facial recognition data” is defined as “any unique attribute or feature of the face of an end user that is used by facial recognition technology to assign a unique, persistent identifier or for the unique personal identification of a specific individual.”
- “Facial recognition technology” is defined as technology that “analyzes facial features in still or video images” and is used “to assign a unique, persistent identifier” or “for the unique personal identification of a specific individual.”