CONTRIBUTOR

Shook, Hardy & Bacon L.L.P.

ARTICLE

United States: California Adds Biometric Restrictions To Data-Breach Law, Potentially Creating A De Facto Biometric Privacy Law

01 October 2019

by Alfred Saikali , Colman McCarthy , Kate Paine , Benjamin M. Patton and Lischen P. Reeves

Shook, Hardy & Bacon L.L.P.

To print this article, all you need is to be registered or login on Mondaq.com.

Subject to the governor’s signature, California’s breach-notification law will gain additional requirements related to biometric information due to the passage of AB 1130. The bill adds “unique biometric data” to the definition of personal information where that data is generated from measurements or analysis of body characteristics for authentication purposes. Going forward, notices for breaches involving biometric data must include instructions on how to notify third parties to no longer rely on the compromised data for authentication purposes.

TAKEAWAY

This change, in combination with the California Consumer Privacy Act’s (CCPA’s) private right of action, may create a de facto biometric privacy law in California that allows for a private right of action where there is unauthorized disclosure of biometric information (e.g., a merchant/employer sharing biometric information with a third-party provider) and a lack of policies and procedures governing biometric information.

Read more in the full September issue of the Privacy and Data Security Client Alert.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

AUTHOR(S)

Alfred Saikali

Shook, Hardy & Bacon L.L.P.

Colman McCarthy

Shook, Hardy & Bacon L.L.P.

Kate Paine

Shook, Hardy & Bacon L.L.P.

Benjamin M. Patton

Shook, Hardy & Bacon L.L.P.

Lischen P. Reeves

Shook, Hardy & Bacon L.L.P.

ARTICLE TAGS

United States Privacy Privacy Protection

POPULAR ARTICLES ON: Privacy from United States

RELATED CONTENT

FREE News Alerts

Sign Up for our free News Alerts - All the latest articles on your chosen topics condensed into a free bi-weekly email.

Article Tags

United States Privacy Privacy Protection

Related Articles

New Jersey Adopts A Comprehensive Data Privacy Law Mintz

Illinois BIPA Legislative Update Regarding Damages Seyfarth Shaw LLP

CISA Publishes Proposed Rule For Cyber Reporting Bass, Berry & Sims

Minutes On The Matter With Daniel Cotter: History Of The Biometric Information Privacy Act (Video) Dickinson Wright PLLC

New Federal Privacy Bill Gains Momentum Klein Moynihan Turco LLP

Mondaq Webinars

APR24

Mastering Mediation & Arbitration: Strategies for Navigating the Rising Tide of Privacy Class Action Lawsuits

APR25

Canadian Employment Law: Updates and Emerging Trends in Employment

McCarthy Tétrault LLP

Comparative Guides

Anti-Corruption & Bribery

Artificial Intelligence

Aviation Finance

Aviation Regulation

Banking Regulation

Mondaq Advice Centres

United States

Advertising and Marketing

United States

Telemarketing

United States

COVID-19

Global

Trademarks in SAARC Countries

United States

International Trade Law & Customs

Curated Content

Can, And Should, The U.S. Government Develop A CBDC System?
Braumiller Law Group, PLLC

Upcoming Events

APR24

Legal Perspective: Data Privacy Considerations Within Medical Information Operations

Speaking Engagement Boston United States

OCT23

ICSC+U.S. Law Conference 2024

Davis+Gilbert LLP

Conference Orlando United States

More filters

Mondaq Social Media

© Mondaq® Ltd 1994 - 2024. All Rights Reserved.

Please to Mondaq or for unlimited free access and a complimentary news alert

|

|

|

|