Technology has provided a competitive edge in commerce and allowed businesses to seek new customers. But New York City’s biometrics privacy ordinance imposes limits on the use of biometric data collected from customers. This ordinance has important business and commercial law aspects for businesses in the city.
The ordinance took effect on July 9. It was enacted to give New Yorkers and visitors better protection on how businesses collect and use their data collection. It is also intended to discourage business from using technology that critics claim is discriminatory and ineffective.
Businesses that collect facial recognition, fingerprints and other biometric information must place conspicuous notices and signs at their doors containing information on how the data will be collected. Businesses may not sell, share, or profit from the biometric information they obtain.
Many types of businesses fall within the ordinance. These include retailers, stores, restaurants, and theaters.
Stiff fines may be imposed for violations. But the fines may be dropped if violations are quickly corrected.
The ordinance does not cover employees when they are providing fingerprints for clocking in and out of work. It also exempts government agencies and the police.
Portland, Oregon approved a similar ordinance in 2020. But New York’s ordinance is not as strict as other biometric laws in the country.
For example, Illinois’ Biometric Privacy Act gives state residents the right to sue for use of their biometric data without consent. This year, Facebook settled a class-action lawsuit filed by state residents in 2015 for $650 million. The lawsuit claimed that the social networking company used facial recognition to tag users in photographs without their permission.
There may be legal challenges on what constitutes a biometric which can change the scope of the coverage of the ordinance. Lawyers can assist businesses with understanding and complying with the ordinance and protecting their rights when investigated and charged for violations.