Thursday, February 3, 2022
Facial recognition, voiceprint, and other biometric-related technology are booming, and they continue to infiltrate different facets of everyday life. The technology brings countless potential benefits, as well as significant data privacy and cybersecurity risks.
Whether it is facial recognition technology being used with COVID-19 screening tools and in law enforcement, continued use of fingerprint-based time management systems, or the use of various biometric identifiers such as voiceprint for physical security and access management, applications in the public and private sectors involving biometric identifiers and information continue to grow so do concerns about the privacy and security of that information and civil liberties. Over the past few years, significant compliance and litigation risks have emerged that factor heavily into the deployment of biometric technologies, particularly facial recognition.
Research suggeststhat the biometrics market is expected to grow to approximately $44 billion in 2026 (from about $20 billion in 2020). This is easy to imagine, considering how ubiquitous biometric applications have become in everyday life. Biometrics are used for identity verification in a myriad of circumstances, such as unlocking smartphones, accessing theme parks, operating cash registers, clocking in and out for work, and travelling by plane. Concerns about security and identity theft, coupled with weak practices around passwords,have led some to ask whether biometrics will eventually replace passwordsfor identity verification. While that remains to be seen, there is little doubt the use of biometrics will continue to expand.
A significant piece of that market, facial recognition technology, has become increasingly popular in employment and consumer areas (e.g.,employee access, passport check-in systems, and payments on smartphones), as well as with law enforcement. For approximately 20 years, law enforcement has used facial recognition technology to aid criminal investigation, but with mixed results,according to a New York Times report. Additionally, the COVID-19 pandemic has helped to drive broader use of this technology. The need to screen persons entering a facility for symptoms of the virus, including their temperature, led to increased use of thermal cameras, kiosks, and similar devices embedded with facial recognition capabilities. When federal and state unemployment benefit programs experienced massive fraud as they tried to distribute hundreds of billions in COVID-19 relief, many turned to facial recognition and similar technologies for help. By late-summer 2021, more than half the states in the United States have contracted with ID.me to provide ID-verification services, according to aCNN report.
Many have objected to the use of this technology in its current form, however. They raise concerns over a lurch toward a more Orwellian society and related to due process, noting some of the technologys shortcomings in accuracy and consistency.Others have observedthat the ability to compromise the technology can become a new path to committing fraud against individuals.
Additionally, the use of voice recognition technology has seen massive growth in the past year. A newreportfrom Global Market Insights, Inc. estimates the global market valuation for voice recognition technology will reach approximately $7 billion by 2026. It said this is in main part due to the surge of AI and machine learning across a wide array of devices, including smartphones, healthcare apps, banking apps, and connected cars, among many others. While the ease and efficacy of voice recognition technology is clear, the privacy and security obligations associated with this technology, as with facial recognition, cannot be overlooked.
With the increasingly broad and expanding use of facial recognition and other biometrics has come more regulation and the related compliance and litigation risks.
Perhaps one of the most well-known laws regulating biometric information is theIllinois Biometric Information Privacy Act(BIPA). Enacted in 2008, the BIPA was one of the first state laws to address a businesss collection of biometric data. The BIPA protects biometric identifiers (a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry) and biometric information (any information, regardless of how it is captured, converted, stored, or shared, based on an individuals biometric identifier used to identify an individual). The law established a comprehensive set of rules for companies collecting biometric identifiers and information from state residents, including the following key features:
Informed consent in connection with collection
Disclosure limitation
Reasonable safeguard and retention guidelines
Prohibition on profiting from biometric data
A private right of action for individuals harmed by violations of the BIPA
The BIPA largely went unnoticed until 2015, when a series of five similar class action lawsuits were brought against businesses. The lawsuits alleged unlawful collection and use of the biometric data of Illinois residents. Since the BIPA was enacted, more than750 putative class actions lawsuits have been filed. The onslaught is primarily due to the BIPAs private right of action provision. That provision provides statutory damages up to $1,000 for each negligent violation, and up to $5,000 for each intentional or reckless violation. Adding fuel to the fire, the Illinois Supreme Court ruled that an individual is aggrieved under the BIPA and has standing to sue for technical violations, such as a failure to provide the laws required notice.Rosenbach v. Six Flags Entertainment Corp.,No. 123186 (Ill. Jan. 25, 2019). While most of these cases involved collection of fingerprints for time management systems, several involved facial recognition, includingone that reportedly settled for $650 million. In 2021, a new wave of BIPA litigation arose with the increased use of voice recognition technology by businesses. While general voice data is not covered by the BIPA, voiceprints have a personal identifying quality, thus potentially making them subject to the BIPA. For example, a large fast-food chain is facing BIPA litigation over alleged use of AI voice recognition technology at their drive-throughs. Claims in both state and federal courts allege failures to implement BIPA-compliant data retention policies, informed consent requirements, and prohibitions on profiting and disclosure.
Many have arguedthat the BIPA went too far, opening the floodgates to litigation for plaintiffs who, in many cases, suffered little to no harm. Indeed,efforts have been madeto moderate the BIPAs impact. However, massive data breaches and surges in identity theft and fraud have supported calls for stronger measures to protect sensitive personal information, including with regard to the use of facial recognition. At the same time, mismatches and allegations of bias in the application of facial recognition have led to calls for changes.
In the last year, there has been an uptick in hackers trying to trick facial recognition technology in many settings, such as fraudulently claiming unemployment benefits from state workforce agencies. The majority of states are using facial recognition technology to verify persons eligible for government benefits to prevent fraud. The firm ID.me. Inc., which provides the facial recognition technology to help verify individual eligibility for unemployment benefits, has seen over 80,000 attempts to fool government identification facial recognition systems between June 2020 and January 2021. Hackers of facial recognition systems usea myriad of techniques includingdeepfakes(AI-generated images), special masks, or even holding up images or videos of the individual the hacker is looking to impersonate.
Fraud is not the only concern with facial recognition technology. Despite its appeal for employers and organizations, there are concerns over the technologys accuracy, as well as significant legal implications to consider. Importantly, there are growing concerns regarding accuracy and biases of the technology. Areportby the National Institute of Standards and Technology said a study of 189 facial recognition algorithms considered the majority of the industry found that most of the algorithms exhibit bias, falsely identifying Asian and Black faces 10-to-beyond-100 times more than White faces. Moreover, false positives are significantly more common for women than men and higher for the elderly and children than middle-aged adults.
A result has beenincreasing regulationof the use of biometrics, including facial recognition. Examples include:
Facial Recognition Bans.Several U.S. localities have banned the use of facial recognition for law enforcement, other government agencies, or private and commercial use.
Portland.In September 2020, theCity of Portland, Oregon, became the first city in the United States to ban the use of facial recognition technologies in the private sector. Proponents of the measure cited a lack of standards for the technology and wide ranges in accuracy and error rates that differ by race and gender, among other criticisms.
The term facial recognition technologies is broadly defined to include automated or semi-automated processes using face recognition that assist in identifying, verifying, detecting, or characterizing facial features of an individual or capturing information about an individual based on an individuals face. The ordinance carves out limited exceptions, including the use of facial recognition technologies to comply with law, to verify users of personal and employer-provided devices, and for social medial application. Failure to comply can be painful. Like the BIPA, theprovides persons injured by a material violation a cause of action for damages or $1,000 per day for each day of violation, whichever is greater.
Baltimore.TheCity of Baltimore, for example,has bannedthe use of facial recognition technologies by city residents, businesses, and most of the citys government (excluding the police department) until December 2022.Council Bill 21-0001prohibits persons from obtaining, retaining, accessing, or using certain face surveillance technology or any information obtained from certain face surveillance technology. Any person who violates the ordinance is guilty of a misdemeanor and, on conviction, is subject to a fine of not more than $1,000, imprisonment for not more than 12 months, or both fine and imprisonment.
Biometrics, Generally.Beyond the BIPA, state and local governments have enacted laws to regulate the collection, use, and disclosure of biometric information. Here are a few examples:
Texas, Washington, and New York.BothTexasandWashingtonhave enacted comprehensive biometric laws similar to the BIPA, but without the same kind of private-right-of-action provision. New York, on the other hand, isconsideringa BIPA-like privacy bill that mirrors the BIPA enforcement scheme.
The California Consumer Privacy Act (CCPA).Modeled to some degree after the EUs General Data Protection Regulation (GDPR), the CCPA seeks to provide individuals who are residents of California (consumers) greater control over their personal information. Cal. Civ. Code 1798.100et seq.Personal information is defined broadly and is broken into several categories, one being biometric information. In addition to new rights relating to their personal information (such as the right to opt out of the sale of their personal information), consumers have a private right of action relating to data breaches. If a CCPA-covered business experiences a data breach involving personal information, such as biometric information, the CCPA authorized a private cause of action against the business if a failure to implement reasonable security safeguards caused the breach. For this purpose, the CCPA points to personal information as defined in subparagraph (A) of paragraph (1) of subdivision (d) of Section 1798.81.5. That section defined biometric information as Unique biometric data generated from measurements or technical analysis of human body characteristics, such as a fingerprint, retina, or iris image, used to authenticate a specific individual. Unique biometric data does not include a physical or digital photograph, unless used or stored for facial recognition purposes. Cal. Civ. Code 1798.150. If successful, a plaintiff can seek to recover statutory damages in an amount not less than $100 and not greater than $750 per consumer per incident or actual damages, whichever is greater, and injunctive or declaratory relief and any other relief the court deems proper. This means that, like under the BIPA, plaintiffs generally do not have to show actual harm to recover.
New York City.The Big Apple amendedTitle 22 of its Administrative Codeto create BIPA-like requirements for the retail, restaurant, and entertainment businesses concerning collection of biometric information from customers. Under the law, customers have a private right of action to remedy violations, subject to a 30-day notice and cure period, with damages ranging from $500 to $5,000 per violation, along with attorneys fees.
In addition, New York City passed theTenant Privacy Act, which, among other things, requires owners of smart access buildings (i.e.,those that use key fobs, mobile apps, biometric identifiers, or other digital technologies to grant access to their buildings) to provide privacy policies to their tenants prior to collecting certain types of data from them. It also strictly limits (a) the categories and scope of data that the building owner collects from tenants, (b) how it uses that data (including a prohibition on data sales), and (c) how long it retains the data. The law creates a private right of action for tenants whose data is unlawfully sold. Those tenants may seek compensatory damages or statutory damages ranging from $200 to $1,000 per tenant and attorneys fees.
Other states.Additionally, states are increasingly amending their breach notification laws to add biometric information to the categories of personal information that require notification, including 2020 amendments in California, Vermont, and Washington, D.C. Moreover, there are a myriad of data destruction, reasonable safeguards, and vendor requirements to consider, depending on the state, when collecting biometric data.
Organizations that collect, use, and store biometric data increasingly face compliance obligations as the law attempts to keep pace with technology, cybersecurity crimes, and public awareness of data privacy and security. It is critical that they maintain a robust privacy and data protection program to ensure compliance and minimize business and litigation risks.
Jackson Lewis P.C. 2022National Law Review, Volume XII, Number 34
Read the original post:
Cybersecurity Risks of Biometric Related Technology Use - The National Law Review
- Report: Apple acquires French startup behind AI and computer vision technology - 9to5Mac - April 22nd, 2024 [April 22nd, 2024]
- CACI Awarded $1.3 Billion Task Order to Provide Communications and Information Technology Expertise to U.S. ... - Business Wire - April 22nd, 2024 [April 22nd, 2024]
- What is semi-automated offside technology and how does it work? - The Athletic - April 22nd, 2024 [April 22nd, 2024]
- Can technology save us from an ecological apocalypse? - interview - CyberNews.com - April 22nd, 2024 [April 22nd, 2024]
- Does LaLiga have goalline technology? What about other major leagues? - AS USA - April 22nd, 2024 [April 22nd, 2024]
- Driver Assistance Technologies: NHTSA Should Take Action to Enhance Consumer Understanding of Capabilities and ... - Government Accountability Office - March 31st, 2024 [March 31st, 2024]
- OpenAI reveals Voice Engine, but won't yet publicly release the risky AI voice-cloning technology - The Associated Press - March 31st, 2024 [March 31st, 2024]
- Nexalin Technology Full Year 2023 Earnings: US$0.63 loss per share (vs US$0.30 loss in FY 2022) - Yahoo Finance - March 31st, 2024 [March 31st, 2024]
- 'Battle for your brain': What the rise of brain-computer interface technology means for you - WBUR News - March 31st, 2024 [March 31st, 2024]
- Firsthand Technology Value Fund (NASDAQ:SVVC) Research Coverage Started at StockNews.com - Defense World - March 31st, 2024 [March 31st, 2024]
- Suzhou Anjie Technology Full Year 2023 Earnings: Misses Expectations - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Inside the shadowy global battle to tame the world's most dangerous technology - POLITICO Europe - March 31st, 2024 [March 31st, 2024]
- The Technological Pivot Of History: Power In The Age Of Exponential Innovation Analysis - Eurasia Review - March 31st, 2024 [March 31st, 2024]
- 'Women Behind the Wheel' explores the intersection of gender, culture and cars - NPR - March 31st, 2024 [March 31st, 2024]
- Shanghai Weihong Electronic Technology Full Year 2023 Earnings: Revenues Beat Expectations, EPS Lags - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- A Look At The Fair Value Of Powertech Technology Inc. (TWSE:6239) - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Weaver Network Technology Full Year 2023 Earnings: EPS Beats Expectations, Revenues Lag - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- New York City will introduce controversial AI gun detection technology amid subway crime crisis - SiliconANGLE News - March 31st, 2024 [March 31st, 2024]
- Earnings Not Telling The Story For Beijing CTJ Information Technology Co., Ltd. (SZSE:301153) - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Vontron Technology Full Year 2023 Earnings: EPS: CN0.35 (vs CN0.34 in FY 2022) - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Huawei Revenue Rises as Technology Giant Commits to Growth - Technology Magazine - March 31st, 2024 [March 31st, 2024]
- Shenzhen Fortune Trend technology Full Year 2023 Earnings: Beats Expectations - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- USPACE Technology Group Limited (HKG:1725) May Have Run Too Fast Too Soon With Recent 28% Price Plummet - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- NYC to test gun-detecting technology in subway system - SILive.com - March 31st, 2024 [March 31st, 2024]
- Cancer Treatment: 3D Printing and Scanning Technology - Surviving Mesothelioma - March 31st, 2024 [March 31st, 2024]
- Does Contel Technology (HKG:1912) Have A Healthy Balance Sheet? - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Oppo Find X7 series now supports 5G-Advanced technology with up to 10 Gbps downlink speed - The Indian Express - March 31st, 2024 [March 31st, 2024]
- DCPS receives nearly $20k in grants for technology program advancements - The Owensboro Times - March 31st, 2024 [March 31st, 2024]
- Hangzhou Electronic Soul Network Technology Full Year 2023 Earnings: Misses Expectations - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- International Business Digital Technology Full Year 2023 Earnings: CN0.07 loss per share (vs CN0.019 loss in FY ... - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Analysts Are More Bearish On Guangzhou Tinci Materials Technology Co., Ltd. (SZSE:002709) Than They Used To Be - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Daheng New Epoch Technology Full Year 2023 Earnings: EPS: CN0.11 (vs CN0.16 in FY 2022) - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Tesla offers U.S. customers a month's trial of its driver-assist technology - Reuters - March 31st, 2024 [March 31st, 2024]
- Slam Dunk Technology: How AI Is Revolutionizing The Game Of Basketball - Forbes - March 31st, 2024 [March 31st, 2024]
- China Environmental Technology and Bioenergy Holdings Full Year 2023 Earnings: CN0.03 loss per share (vs CN ... - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Vuma and Huawei team up to launch industry first 50G PON ... - Light Reading - July 15th, 2023 [July 15th, 2023]
- See What Kim Kardashian and Kylie Jenner Look Like With Aging ... - E! NEWS - July 15th, 2023 [July 15th, 2023]
- AFRL conducts swarm technology demonstration > ONE AFRL ... - afrl.af.mil - May 20th, 2023 [May 20th, 2023]
- Shell to use new AI technology in deep sea oil exploration - Reuters - May 20th, 2023 [May 20th, 2023]
- Former Google CEO says AI at 'center' of technology competition between US and China - Fox News - May 20th, 2023 [May 20th, 2023]
- Agriculture and technology combine to drive the industrys growth - Times of India - May 20th, 2023 [May 20th, 2023]
- Technology and the Skills Shortage - Financial Times - May 20th, 2023 [May 20th, 2023]
- New License Agreement Announced for Next-Generation Base ... - BioPharm International - May 20th, 2023 [May 20th, 2023]
- Orion Governance Licenses Technology from GE to Deliver Next Generation Data Governance Solution - Yahoo Finance - May 20th, 2023 [May 20th, 2023]
- World needs to be 'vigilant' as AI technology improves and ... - KTVZ - May 20th, 2023 [May 20th, 2023]
- After Losing Son, Ridgefield Mother Pushes For Technology to Prevent Hot Car Deaths - NBC Connecticut - May 20th, 2023 [May 20th, 2023]
- After last year's fan violence in Queretaro, has Fan ID technology ensured safety for Liga MX fans? - ESPN - ESPN - May 20th, 2023 [May 20th, 2023]
- Bleach: The Soul Reapers' Gigai Technology, Explained - CBR - Comic Book Resources - May 20th, 2023 [May 20th, 2023]
- Cogito Tech - Catalyzing Transformation in Global Healthcare ... - Business Standard - May 20th, 2023 [May 20th, 2023]
- Barriers to Use of Technology in Diabetes Management - Patient Care Online - May 20th, 2023 [May 20th, 2023]
- Blue technology startups presented at the inaugural Gulf Blue ... - The University of Southern Mississippi - May 20th, 2023 [May 20th, 2023]
- CureVac files expanded patent lawsuit against Pfizer/BioNTech over ... - Reuters - May 20th, 2023 [May 20th, 2023]
- Harrison Ford defends use of de-ageing technology in new Indiana Jones film: I know that that is my face - Yahoo News - May 20th, 2023 [May 20th, 2023]
- Sanwo-Olu: Nigeria needs technology to compete with likes of China - Guardian Nigeria - May 20th, 2023 [May 20th, 2023]
- Prejudice in technology, and the necessity of time: Books in brief - Nature.com - May 20th, 2023 [May 20th, 2023]
- New technology uses ordinary sunlight to disinfect drinking water ... - Stanford University News - May 20th, 2023 [May 20th, 2023]
- Incredible AI technology shows what UK cities will look like in 2050 - LADbible - May 20th, 2023 [May 20th, 2023]
- Your Firm and Your Tools - Top Technology Initiatives - CPAPracticeAdvisor.com - May 20th, 2023 [May 20th, 2023]
- Tom Hanks: I could appear in movies after death with AI technology - BBC - May 20th, 2023 [May 20th, 2023]
- Transform your career with Chief Technology Officer online course - Economic Times - May 20th, 2023 [May 20th, 2023]
- e-Learning Jamaica Technology in Education Conference Slated for ... - Government of Jamaica, Jamaica Information Service - May 20th, 2023 [May 20th, 2023]
- Andrew Maynard | What's a Luddite? From Industrial Revolution to ... - TribDem.com - May 20th, 2023 [May 20th, 2023]
- At Yale, Kaloyan Kolev used technology to create and to make ... - Yale News - May 20th, 2023 [May 20th, 2023]
- This technology could alter the entire planet. These groups want every nation to have a say. - MIT Technology Review - April 17th, 2023 [April 17th, 2023]
- The secret lives of snakes and how Georgia College uses technology to study them - 13WMAZ.com - April 8th, 2023 [April 8th, 2023]
- Technology Innovation Institute to host 2nd 'Additive Manufacturing the Future' seminar in Abu Dhabi - Devdiscourse - April 8th, 2023 [April 8th, 2023]
- Can Array Technologies Inc (ARRY) Stock Rise to the Top of Technology Sector Thursday? - InvestorsObserver - March 31st, 2023 [March 31st, 2023]
- Here's Why We Think Pfeiffer Vacuum Technology (ETR:PFV) Might Deserve Your Attention Today - Simply Wall St - February 18th, 2023 [February 18th, 2023]
- Will WM Technology Inc (MAPS) Stay at the Top of the Technology Sector? - InvestorsObserver - February 18th, 2023 [February 18th, 2023]
- Ways in which technology can enhance the abilities of law enforcement agents to assist the community - Times of India - February 7th, 2023 [February 7th, 2023]
- Meet The Titans: Google And OpenView (Microsoft) Faceoff On Chat Technology Innovation - Forbes - February 5th, 2023 [February 5th, 2023]
- MACOM Technology Solutions Holdings, Inc.'s (NASDAQ:MTSI) Stock Has Been Sliding But Fundamentals Look Strong: Is The Market Wrong? - Simply Wall St - February 5th, 2023 [February 5th, 2023]
- WVU Dept. of Ophthalmology acquires state-of-the-art technology for simulation lab - WV News - February 5th, 2023 [February 5th, 2023]
- Executive Vice President of Technology & Operations Alok Sethi Just Sold A Bunch Of Shares In Franklin Resources, Inc. (NYSE:BEN) - Simply Wall St - February 5th, 2023 [February 5th, 2023]
- Is Now The Time To Put Amkor Technology (NASDAQ:AMKR) On Your Watchlist? - Simply Wall St - January 27th, 2023 [January 27th, 2023]
- There Are Reasons To Feel Uneasy About New Oriental Education & Technology Group's (NYSE:EDU) Returns On Capital - Simply Wall St - January 27th, 2023 [January 27th, 2023]
- Technology has set us on a path toward one of two dystopian scenariosbut its not too late to save democracy - Fortune - January 17th, 2023 [January 17th, 2023]
- IonQ Acquires Entangled Networks And Locks In Quantum Networking Technology Critical To Its Future Success - Forbes - January 10th, 2023 [January 10th, 2023]
- Industrialization 3.0 - How Technology, Wall Street, And The Government Can Help The US Win In A World Of Re-Industrialization - Forbes - January 10th, 2023 [January 10th, 2023]
- Connect with aspirational India through technology and work in interest of world: Anurag Thakur to NRIs - Economic Times - January 8th, 2023 [January 8th, 2023]