We only have one unique face, two irises and ten fingerprints. We can’t change our biometrics like we can a credit card number. Yet many companies are collecting and using their employees’ and our biometric information for convenience without thinking about the potential consequences.
I recently went into a high-end retailer and the sales clerk opened the fitting room with her fingerprint—her biometric information. Needless to say, I was appalled. There are numerous companies marketing technology that collects biometric information from consumers and employees without understanding or educating customers about the consequences.
One means of addressing possible outcomes is the Illinois Biometric Information Privacy Act (BIPA), which, along with other state laws, regulates the collection and use of biometric information. Numerous employers have been caught in the cross-hairs after implementing biometric collection technology, such as time cards that are activated with a fingerprint to clock in and out, and then have been sued for violating BIPA. BIPA has specific requirements that are clear and not difficult with which to comply. But many global employers don’t know about BIPA and, therefore, are not complying with it.
The same is true for other biometric information, such as facial recognition or iris scanning. Before you fall for a sales pitch by a company offering the streamlined use of technology that collects and uses biometric information, be aware of laws that apply to biometric information, and the fact that they are rapidly changing. Further, consumers are becoming more educated about their biometric information and are more reticent to share it. When deciding whether to collect and use biometric information, determine whether the technology is really worth it. Before collecting and using biometric information from consumers or employees, assess the risk, determine what laws apply, comply with the laws and be transparent with those consumers and employees. Otherwise, you are likely to get tagged with a class action lawsuit.
Date: July 07, 2019
Source: Data Privacy + Security Insider