PUBLISHED ON: May 20, 2022
Across the United States, legislatures are passing new biometric privacy laws with potentially onerous fines, making businesses who collect biometric information, and the insurance companies that sell policies to those companies, understandably nervous.
Biometric Identifiable Information (BII) is generally defined as any physiological or biological characteristic that is used by or on behalf of a commercial establishment to identify an individual. Businesses use BII for various purposes including time cards, security, access to buildings or technology, or even for biometric marketing. BII may take the form of a retina scan, a fingerprint, a voiceprint, a scan of hand or face geometry, or any other identifying characteristic. BII is a more secure, reliable, and convenient form of identification—as opposed to passwords or account information—as you cannot forget or share your biometric identifiers. With the added convenience comes added risk, however, because your BII cannot be replaced or changed if stolen. The increased use of BII has predictably led to state regulation to protect consumers’ and employees’ biometric data.
Across the United States, legislatures are passing new biometric privacy laws with potentially onerous fines, making businesses who collect biometric information, and the insurance companies that sell policies to those companies, understandably nervous. These laws have varying impact depending on whether or not they create a private cause of action, how much the fines are per violation, and other provisions, such as the presence of a notice period and opportunity to cure.
To read the full article, please click here or download the PDF.
Cort T. Malone is a shareholder at Anderson Kill P.C. He is chair of the firm’s biometric liability group and a member of its insurance recovery group.
Jade W. Sobh is an attorney at the firm and a member of its biometric liability and insurance recovery groups.