Publications
-
05.09.2023Washington State Joins the Biometric Litigation FrayUpdates
On April 27, 2023, Washington Governor Jay Inslee signed into law House Bill 1155, also known as the My Health, My Data Act. Its stated purpose is to protect “consumer health data” collected by entities not already subject to the federal Health Insurance Portability and Accountability Act, but one less obvious consequence of the Act is that it may make Washington state a new hot spot for class-action litigation involving biometric privacy.
-
04.25.2023Biometric Privacy in Film, Television, Music, and GamingUpdatesCreators in film, television, music, and gaming are increasingly turning to artificial intelligence and machine learning models to deliver new content and experiences to audiences. While providing many benefits, some applications of AI/ML in these contexts could potentially trigger biometric privacy laws.
-
06.01.2022Supreme Court Reinstates Injunction Against Texas Social Media LawUpdatesIn a 5-4 decision, the U.S. Supreme Court vacated the U.S. Court of Appeals for the Fifth Circuit’s stay of a temporary injunction in NetChoice, LLC v. Paxton, a closely watched case involving a novel Texas law purporting to bar “social media platforms” from engaging in “viewpoint” discrimination.
-
03.01.2022Rip Van Wrinkle: The Grandfather of Biometric Laws AwakensUpdatesFor many years, the most significant law governing biometric-based products and services has been the Illinois Biometric Information Protection Act. This past month, however, another biometric data privacy law woke from a long, undisturbed slumber.
-
10.2021/11.2021Biometric Privacy LitigationArticlesSecurity is one of the key applications for biometric technology and is increasingly pervasive. For example, companies have begun using biometric technology to provide secure, touchless financial transactions, limit access to medications and controlled substances, screen airline passengers, screen attendees of large-scale gatherings, such as sporting events and concerts, secure buildings, prevent unauthorized entry, and detect known threats, and monitor face-mask usage.
-
07.23.2021Biometric Privacy Rules Come to NYCArticlesNew York City’s ordinance could be the beginning of a trend, or simple an outlier, but one that every business in the city should be aware of.
-
07.09.2021The City That Never Peeps? NY City’s Biometric Identifier Information Ordinance Goes Into Effect July 9, 2021UpdatesNew York City’s new biometrics ordinance went into effect July 9, 2021. The ordinance regulates the use of “biometric identifier information” in “commercial establishments” such as places of entertainment, retail stores, and food and drink establishments.
-
02.02.2021FTC Deal With Photo App May Signal More Biometric ScrutinyArticles
Law360
The Federal Trade Commission announced on Jan. 11 that it had reached a settlement with Everalbum Inc., the developer of a now-defunct photo storage app called Ever. -
01.29.2021Everalbum Settles FTC Claims Alleging Deceptive Use of Facial Recognition TechnologyUpdatesThe Federal Trade Commission announced on January 11, 2021, that it had reached a settlement with Everalbum, Inc., the developer of a now-defunct photo storage app called “Ever.” The settlement is the FTC’s first enforcement action focused on facial recognition technology, and likely signals a new era of increased regulatory scrutiny for companies involved in facial recognition.
-
01.27.2021Washington, New York, and Minnesota Introduce New Privacy Laws to Begin the New YearUpdatesIt’s a new year and it looks like 2021 is going to be another eventful one for privacy. In the past few weeks, we’ve seen several states introduce new privacy legislation, including Washington, New York, and Minnesota.
-
12.22.2020Time to Face the Country’s Strictest Facial Recognition LawUpdates
Companies that do business in Portland, Oregon may need to add one more item to their holiday to-do list: disable face recognition technologies in Portland.
-
04.24.2019European Parliament Approves Amendments to Draft “Terrorist Content” LegislationUpdatesThe European Parliament approved several amendments to the European Commission’s proposed Regulation on preventing the dissemination of terrorist content online on April 17, 2019.
-
01.02.2019Google Defeats Biometric Privacy Lawsuit on Article III Standing GroundsUpdatesGoogle won summary judgment in Rivera v. Google, a privacy class action alleging violations of the Illinois Biometric Information Privacy Act (BIPA). The case involved “face grouping,” a feature that enables Google Photos to automatically sort and group the photographs in a user’s private account, based on visual similarities between the images of faces in the photos. The court held that any alleged collection of “biometric information” or “biometric identifiers” stemming from this feature did not cause an injury-in-fact sufficient to confer Article III standing. This update summarizes the decision, which may be relevant to clients involved with biometric technology, as well as other clients facing litigation where a no-injury defense may be applicable.
-
10.19.2018European Commission Publishes Proposed Regulation Governing Online “Terrorist Content”UpdatesThe European Commission recently published its draft “Regulation on preventing the dissemination of terrorist content online.”
-
08.01.2016Commission Holds FTC Unfairness Claim Does Not Require “Probable” or Tangible Injury in LabMD Data Security CaseUpdates
The Federal Trade Commission unanimously (3-0) ruled on July 29, 2016 that LabMD’s data security practices were “unfair” under Section 5 of the FTC Act, reversing a decision of its Administrative Law Judge.
-
08.26.2015Third Circuit Affirms FTC Authority to Police Whether Companies Have Reasonable Data SecurityUpdatesSince at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to challenge this authority in court. In a highly anticipated opinion, the U.S. Court of Appeals for the Third Circuit resoundingly agreed with the FTC that a failure to implement reasonable data security measures may constitute an unfair business practice under Section 5.
-
04.09.2014Federal Court Holds That FTC May Regulate Company Data Security PracticesUpdatesIn a closely watched and first-of-its-kind case, the U.S. District Court for the District of New Jersey rejected, for purposes of a motion to dismiss, a defendant company’s argument that the Federal Trade Commission (FTC) lacks authority to regulate data security practices under Section 5 of the FTC Act.
Presentations
-
-
06.07.2023Demystifying Washington State’s My Health, My Data ActWebinarsThe recently enacted My Health, My Data Act (MHMD) will regulate the collection, use, sharing, analysis, and sale of health-related data of individuals in Washington state and beyond.
-
12.06.2021 – 12.10.20212021 AI Week: When the Machine Knows Who You Are: How the Law Is Responding to a Biometric RevolutionWebinarsFor all of its benefits, artificial intelligence (AI) poses a wide range of legal risks and ethical issues. To address this, we presented a series of CLE webinars and a podcast, that discussed key issues related to the many advantages and regulatory challenges associated with enterprise AI integration and deployment.
-
10.07.2020When the Machine Knows Who You Are: How the Law Is Responding to a Biometric RevolutionWebinarsThis webinar explores the legal landscape that governs biometric technologies and the latest biometric solutions to global challenges, such as COVID-19.