Biometric data

Regulations governing biometric data collection, use, and processing have already been complex and strict with the Illinois’ Biometric Information Privacy Act (“BIPA”) as well as the biometrics laws in Washington and Texas. BIPA, which has a private right of action, has generated a flood of class action litigation. New York City has recently added to the mix by passing two new biometrics laws, the Tenant Data Privacy Act (“TDPA”) and an amendment to the New York City Administrative Code (“NYC Administrative Code”), both of which set forth requirements when it comes to processing of biometric data that expand consumers’ rights and impose obligations on processing biometric data.


Continue Reading New Laws on Biometric, RFD and Other “Sensitive” Data Collection and Use

Digital Facial RecognitionLast week, the Federal Trade Commission (“FTC”) announced a proposed settlement with a developer of a photo storage app that allegedly deceived consumers in violation of the prohibition on unfair or deceptive acts and practices found in §5(a) of the Federal Trade Commission Act.  As part of the proposed settlement, the developer, Everalbum, Inc. (“Everalbum”), agreed to certain injunctive relief.

Background

Everalbum offered an app called “Ever” that allowed users to upload photos and videos from their mobile devices, computers, or social media accounts to be stored and organized using a cloud-based storage service. The FTC alleged that in February 2017, Everalbum launched a new feature in the Ever app, called “Friends,” that used facial recognition technology to group users’ photos by the faces of the people who appear in them and allowed users to “tag” people by name. Everalbum allegedly enabled facial recognition by default for all users when it launched the Friends feature.

Allegedly Deceptive Practices
Continue Reading FTC Settles Allegations of Deceptive Practices by Photo Storage App Provider

What even might actually manage to have more geeks than Comic-Con?

PrivacyCon!

Ok, probably not, but on July 21, 2020 the FTC hosted their fifth annual PrivacyCon event, and for the first time it was entirely online. This event is designed to provide researched information on various important privacy topics. The FTC curates the event content based on submitted materials and moderates each session. This year’s topics were (1) health apps, (2) artificial intelligence, (3) Internet of Things devices, (4) privacy and security of specific technologies such as digital cameras and virtual assistants, (5) international privacy, and (6) miscellaneous privacy and security issues.
Continue Reading Key Takeaways from the FTC’s PrivacyCon

Digital Facial RecognitionLast week (9th July), the ICO announced that it would join forces with the Office of the Australian Information Commissioner (OAIC) to investigate the use of personal information, including biometric data, by Clearview AI, Inc. (Clearview). Limited information is available so far, but given the focus of the investigation, this is an important step in determining data protection rights and obligations, where information is ‘scraped’ from ‘publicly available’ sources, for the purposes of tackling crime.
Continue Reading ICO and Australian Information Commissioner Team-up to Investigate Clearview AI, Inc. Facial Recognition Tool and Data Scraping