Biometric Litigation
DE Under 3: FTC Enters the Biometric Privacy Protection Conversation
Digital Planning Podcast Episode: Understanding Biometrics and the Impact on Estate Planning
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
Podcast: BIPA Trends in 2022
Immigration Insights Podcast: International Entrepreneur Parole Program & Biometrics Requirement
JONES DAY PRESENTS® The Impact of Digital Health on Research and Clinical Trials
#BigIdeas2020: Facial Recognition Technology and Employer Compliance - Employment Law This Week® - Trending News
5 Key Takeaways | Biometrics: Identifying and Mitigating Legal Risks
On August 11, 2025, the Office of the Privacy Commissioner of Canada ("OPC") issued two sets of guidance for processing of individual's biometric data: one for federal institutions and one for private businesses. Below we...more
The Connecticut Governor signed SB 1295 into law on June 25, 2025, again amending the Connecticut Data Privacy Act (CTDPA). This round of amendments significantly expands the applicability of the law by lowering data...more
In July 2025, a 4chan user posted a simple Python script. Within hours, thousands of women’s driver’s licenses, selfies, and intimate conversations were spreading across the dark corners of the internet. The source? An app...more
On July 16, 2025, various legal reforms were published in the Federal Official Gazette, modifying the framework of identity, security, and administrative management in Mexico. These reforms seek to establish a unified digital...more
In recent comments, Commissioner Holyoak signaled that the Federal Trade Commission will prioritize enforcement of the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA), a law that empowers the FTC to police...more
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more
In this Privacy, Cyber & AI Decoded alert, we cover Colorado’s Biometric Identifier Requirements, Delaware’s Data Protection Assessment Requirement, Minnesota’s new comprehensive privacy law going into effect, Tennessee’s...more
Vermont recently adopted the Vermont Age-Appropriate Design Code Act, which goes into effect on January 1, 2027. The law is enforceable by the Vermont Attorney General as an unfair or deceptive act or practice. The Attorney...more
Starting July 9, 2025, the U.S. Department of Justice will begin enforcing its new “Bulk Sensitive Data Rule,” a sweeping regulation aimed at restricting the transfer and storage of sensitive U.S. personal and...more
Montana recently amended its privacy law through Senate Bill 297, effective October 1, 2025, strengthening consumer protections and requiring businesses to revisit their privacy policies that apply to citizens of Montana....more
Following the Federal Trade Commission’s decision in December 2023 to ban Rite Aid from using AI facial recognition, it has become crystal clear that U.S. regulators expect a risk assessment when a retailer uses facial...more
Texas AG Ken Paxton announced a settlement in principle with Google LLC to resolve allegations of data privacy and security violations. The settlement will resolve lawsuits filed by Texas against Google for allegedly...more
Long maligned as innovation-shy, litigation practices are deploying emerging artificial intelligence technologies at a rapid rate. Technology’s ability to instantly synthesize and draw useful conclusions from large amounts of...more
Comprehensive state privacy laws often task a state regulator to promulgate accompanying regulations that clarify the law’s requirements and to enforce the law by providing further guidance through its enforcement actions....more
On February 10, 2025, a Washington state resident filed a lawsuit on behalf of herself and similarly situated individuals against Amazon under the Washington My Health My Data Act (MHMD). This is the first lawsuit brought...more
On January 17, the District of Columbia Circuit issued a pivotal opinion regarding the Fifth Amendment rights of a defendant-appellant compelled by the FBI to unlock his cellphone using his thumbprint. The D.C. Circuit’s...more
In December 2023, the Federal Trade Commission (FTC) proposed changes to the Children’s Online Privacy Protection Act (COPPA) Rule to address the increasing use and monetization of children’s data online. The COPPA Rule,...more
We are back for our sixth year of tracking proposed state privacy legislation and fifth year of providing weekly updates. As in past years, we will track proposed state privacy legislation through these weekly updates and our...more
As we enter the New Year, Wiley is looking ahead to the top privacy developments and trends to watch in 2025. On the state side, 2025 kicked off with several new privacy laws going into effect in January, and states continue...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our most popular topics and posts from 2024. Expanding State Privacy Laws- This year saw a...more
Earlier this month, after the conclusion of the public comment period, the Colorado Department of Law adopted amendments to the Colorado Privacy Act (CPA), which grants rights to Colorado consumers concerning their personal...more
The Colorado Department of Law adopted new regulations governing the collection and use of biometric identifiers and information about those under the age of 18 and put in place a new mechanism through which businesses can...more
The Department of Justice (DOJ) has proposed a significant restriction on cross-border transfers of sensitive personal data to designated “countries of concern.” The goal is to address national security risks posed by...more