Biometric technologies—such as fingerprint scanners, facial recognition systems, and retina scans—are now commonplace in modern business operations. From employee timekeeping systems to facility security and customer-facing applications, these tools offer efficiency and convenience for many businesses. But these same conveniences have sparked backlash in the form of privacy litigation. In Illinois especially, companies are facing a surge of class-action lawsuits under the state’s Biometric Information Privacy Act (“BIPA”), a pioneering law that imposes strict requirements on the use of biometric data and hefty penalties for companies failing to adhere to the law. This trend is not confined to Illinois: a growing patchwork of similar laws in other states means that using biometrics without proper safeguards can expose companies nationwide to significant statutory damages and legal risks.
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a comprehensive consumer privacy bill, and the obligations and rights created by SB 332 follow the format used in a growing number of states that have passed comprehensive consumer privacy laws.
Scope and Exemptions
SB 332 imposes obligations on “controllers” – entities or individuals that determine the purpose and means of processing personal data – that ...
Blog Editors
Recent Updates
- Term Begins with Easy Unanimity, a Condition Soon to Be Forgotten - SCOTUS Today
- Service and Justice: Veterans in Law – Speaking of Litigation Video Podcast
- Sixth Circuit Says It Again: Outside Counsel’s Internal Investigations Are Privileged and Protected from Disclosure
- Eleventh Circuit Allows Qui Tam Relators to Avoid Complaint Dismissal by Using Information Obtained in Discovery
- EDPA Strengthens Its Approach to White-Collar Enforcement