Biometrics are Subject to Privacy Protection

October 24, 2022

Privacy is one of those topics that causes senior leadership to glaze over and lose focus. And yet, the stakes for not treating personal data correctly could not be higher. In case the definition of what comprises personal information isn’t dizzying enough, enter biometrics. Your fingerprints, iris, palm prints and facial characteristics are all biometrics and a part of your personal data.

Illinois’s Biometric Information Privacy Act has led to some harsh lessons on the importance of the proper collection and handling of fingerprints and other biometric data. When a jury awarded $228 million from railroad giant BNSF Railway Co. to truck drivers whose fingerprints were scanned without proper consent, it highlighted how important it is for organizations to align how they are capturing biometric capture with their privacy compliance programs.

Processes like security access control system intended to restrict access to secure facilities or using facial recognition to unlock an app on a smartphone are no different than collecting someone’s social security number when it comes to the need to obtain consent, provide notice and properly secure and store biometric information. It starts with an organization’s training and raising awareness on the importance of data privacy and the potentially devastating consequences of privacy violations.

Like many categories of compliance, it is important to have a clear understanding of the risks that are nuanced to the organization in order to mitigate those risks, In data privacy, its about what personal data is being collected, from whom, why it is being collected, what rights to these individuals have and what steps the organization is taking to secure it.

Once that information has been gathered and examined in detail, it can then be assimilated into the privacy compliance program. Like most categories of compliance, communication and training is central to the goal of the program taking root and influencing organizational behavior. Many compliance programs give short shrift to training and communications on privacy compliance. In order for a compliance program to be effective, it’s key messages need to be communicated clearly, through a variety of communication channels and frequently in order for those messages to have any positive impact on behaviors.

Read Also

Chasing Bernie’s Billions: Inside the Most Successful Asset Recovery Effort in History

On December 11th, 2008 Bernie Madoff was arrested by the FBI in his Manhattan home and criminally charged with a multi-million-dollar securities fraud scheme. So began the most comprehensive and successful financial investigation and asset search in history. The Securities Investor Protection Corporation (“SIPC”) Trustee and Baker Hostetler have continued their tireless search for […]

Cross Border Investigations and Ethical Culture

In organizations with a strong ethical culture, cross border investigations tend to go easier than in dysfunctional organizations. Whether your organization is amongst the World’s most ethical or riddled with dysfunction, cross-border investigations are challenging either way. Global organizations are a microcosm of the countries and cultures in which they operate, and understanding customs, language, […]

Money Laundering is a Crime … but for some, it is also an Occupation

Most money laundering charges have to do with the criminals routinely transacting their criminal proceeds which in its simplest form is: Anyone who “knowingly” uses or attempts to use the proceeds of “specified unlawful activity” in a “financial transaction” with intent to “promote the carrying on of specified unlawful activity” or “to conceal or disguise […]

Biometrics are Subject to Privacy Protection

Read Also

Chasing Bernie’s Billions: Inside the Most Successful Asset Recovery Effort in History

Cross Border Investigations and Ethical Culture

Money Laundering is a Crime … but for some, it is also an Occupation

Leave a comment Cancel reply

Contact