On July 9, the New York City biometric data protection law entered into force with anticipated impacts on local businesses and restaurants, many of which still address COVID-19 health and safety protocols. The law requires certain businesses to post formal notices if they collect biometric data, and it expressly prohibits them from using such data for transactional purposes. The law also creates a private right of action enabling aggrieved parties to collect statutory damages — ranging from $500 to $5,000 — per violation. Interestingly, the New York general assembly considers a state-wide biometric privacy law (Assembly Bill 27), which contains more onerous requirements than the local New York City biometric law and has a private right of action for noncompliance. Thompson Hine Partner Steven Stransky, CIPP/G, CIPP/US, takes a look at the ins and outs of the new biometric law.
Full Story
Josephine Law, FIP, CIPP/US, CIPM
Senior IT Risk Analyst, Information Security and Assurance | Fordham University A Certified Information Privacy Professional/United States (CIPP/US) and Privacy Manager (CIPM) privacy professional who is a versatile and creative writer, fusing a background in communications and academics with expertise in business writing to deliver quality, customized material spanning technical, marketing, policy, and social media content. Creative, resourceful, and flexible, able to adapt to changing priorities and maintain a positive attitude, strong work ethic, and humor.