Currently, only a handful of domestic laws directly regulate the collection and use of biometric data—such as fingerprints, voice prints, retina scans and facial scans. But that may soon change. Several state legislatures have bills pending which, if passed, would place robust requirements and limitations over private entities’ biometric practices. And many of these bills would go into effect immediately, giving covered entities little time to come in compliance before being subject to potentially significant liability.
One of those states awaiting biometric privacy legislation is Pennsylvania, which has introduced the proposed Consumer Data Privacy Act (CDPA) (H.B. 1049)—a broad consumer privacy law that encompasses the use of biometric data, much like the California Consumer Privacy Act of 2018 (CCPA). If enacted, the CDPA would directly implicate a wide swath of businesses that collect and use Pennsylvania residents’ biometric data; it would also create significant class action liability as soon as the bill is enacted.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]