Biometric Litigation
DE Under 3: FTC Enters the Biometric Privacy Protection Conversation
Digital Planning Podcast Episode: Understanding Biometrics and the Impact on Estate Planning
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
Podcast: BIPA Trends in 2022
Immigration Insights Podcast: International Entrepreneur Parole Program & Biometrics Requirement
JONES DAY PRESENTS® The Impact of Digital Health on Research and Clinical Trials
#BigIdeas2020: Facial Recognition Technology and Employer Compliance - Employment Law This Week® - Trending News
5 Key Takeaways | Biometrics: Identifying and Mitigating Legal Risks
On June 22, 2025, Texas enacted the Texas Responsible Artificial Intelligence Governance Act (“TRAIGA”), putting it at the forefront of state-level AI regulation in the United States. TRAIGA becomes effective January 1, 2026....more
On February 10, 2025, the first class action complaint was filed under Washington state’s My Health My Data Act (“MHMDA”), over a year after the law was passed. See Maxwell v. Amazon.com, Inc. et al., Case No. 2:25-cv-261...more
After Washington adopted the My Health My Data Act (MHMDA) almost two years ago, we and others predicted that the law would lead to a wave of private lawsuits against companies operating in or adjacent to the health space....more
On December 6, 2024, the Colorado Attorney General’s Office notified the public that it adopted the updated Colorado Privacy Act (CPA) Rules, as a follow-up to the amendments to the CPA made earlier in the year (collectively,...more
Legislators and regulators across the European Union (EU) and the United Kingdom (UK) are intensifying efforts to enhance the protection of minors online, responding to growing concerns about children's safety in the digital...more
On January 8, 2025, the Department of Justice (“DOJ”) published its Final Rule to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States...more
The Colorado AG’s office adopted draft amendments to the Colorado Privacy Act rules last month. The adopted draft reflected input from the public to AG’s September 2024 version and addresses three key issues. First, on...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
On Friday, December 27, 2024, the Justice Department issued a final rule to address “urgent national security risks posed by access to U.S. sensitive personal and government-related data from countries of concern and covered...more
The Digital Personal Data Protection Act (DPDPA) is a landmark piece of legislation that has reshaped the regulatory environment for data privacy in India. With its stringent requirements, the DPDPA presents new challenges...more
The federal government is the biggest purchaser in America and that extends to the SaaS space. On September 24, 2024, the Office of Management and Budget (OMB) released Memorandum M-24-18, offering updated guidelines for the...more
Our Privacy, Cyber & Data Strategy Team highlights 11 common questions your company’s senior executives may have about the European Union’s Artificial Intelligence Act and how you can answer them....more
On May 31, 2024, Colorado enacted H.B. 24-1130, an amendment to the Colorado Privacy Act (CPA) regarding the use of biometric information (the “Biometric Amendment”). The Biometric Amendment, effective July 1, 2025, requires...more
With state privacy laws continuing to increase, will the federal American Privacy Rights Act be adopted? Over 18 states have now enacted comprehensive state privacy laws, three of which go into effect on July 1, 2024, in...more
On May 31, 2024, Governor Jared Polis signed into law Colorado House Bill 24-1130 (HB 1130), amending the Colorado Privacy Act (the CPA) to impose new requirements on controllers that process biometric data. The amendments go...more
Recent U.S. developments indicate a growing focus on regulating and investigating the data privacy practices of companies in the automotive sector. The Federal Trade Commission (FTC) recently highlighted in a blog post its...more
On May 21, 2024, the European Union finalized the adoption of the groundbreaking EU Artificial Intelligence Act, a comprehensive and sector-agnostic legislation that extends globally. This 420-page Act aims to regulate the...more
The European Parliament formally adopted the EU Artificial Intelligence Act (AI Act), a first-of-its-kind comprehensive regulation governing the use of artificial intelligence (AI), on March 13, 2024. While applicable to a...more
In late April, Colorado took a major step toward adding further complexity to the already fragmented U.S. biometrics legal landscape with the passage of HB 1130. The bill, which amends the Colorado Privacy Act (CPA), is...more
Pursuant to President Biden’s October 2023 executive order on AI, in March 2024 the Office of Management and Budget issued a memorandum directing the use of AI by federal agencies. Among other provisions, the memorandum...more
This post is part of a series of articles we are doing on 2023 data protection litigation trends. Since its enactment in 2008, Illinois’s Biometric Information Privacy Act (BIPA) has produced a wave of privacy-related...more
The Federal Trade Commission (FTC) recently published a post on their Business Guidance Blog discussing lessons learned from three enforcement actions against sellers of genetic testing products. These guidelines address...more
On January 5, 2024, the Federal Trade Commission (FTC) published an article discussing privacy issues related to the DNA information that many consumers provide to genetic testing companies. This post outlines key takeaways...more
On December 8, 2023, EU policymakers reached an agreement on the Artificial Intelligence Act (AI Act). As a standard-bearer for global digital and data governance, the EU has been setting regulatory benchmarks on emerging...more
Most employers operating in Illinois are (or should be) aware of Illinois' stringent Biometric Information Protection Act (BIPA). As we have written about previously, BIPA’s requirements are exacting, and BIPA plaintiffs do...more