This audio is auto-generated. Please let us know if you have feedback.

The past few years catapulted retail into a digital transformation.

When shoppers were stuck indoors due to COVID-19 restrictions, retailers started investing more in digital strategies to grow sales and entice new buyers. While this meant expanding order pickup technology or creating a more user-friendly e-commerce site, it also meant a push toward augmented and virtual reality.

From trying on glasses and makeup using smartphones to creating more tech-enabled fitness equipment, brands continue to invest in the space.

This also means brands are finding new and varied ways of collecting and using consumer data  a fact shoppers are increasingly aware of.

Consumers want more transparency from companies about how personal data is used, according to Cisco’s consumer privacy survey of 2,600 adults across 12 countries, including the United States. The study found that privacy laws are mostly viewed favorably by consumers. That may be because respondents indicated they are very concerned about how personal information is used in artificial intelligence settings. 

When asked what they think is the most important action a company can take regarding data transparency, 39% of respondents said providing “clear information on how my data is being used” is the top priority, per Cisco. Of the 43% of those surveyed who said they are not able to protect their data effectively, 79% said this was because they can’t figure out how companies are actually using it.

U.S. state governments aren’t waiting for companies to make that information clearer either. 

In 2022 so far, two new state laws have already been signed regarding data privacy, according to the International Association of Privacy Professionals’ 2022 U.S. State Privacy Legislation Tracker, which was last updated on October 7. Three other state laws were signed between 2020 and 2021. Nine other state bills are active and nearly 50 are in inactive statuses across the country.

This indicates that state-level momentum for privacy bills is at an all-time high in the country, according to the IAPP. And tighter scrutiny comes just as companies like Walmart, Peloton and Snap are diving deeper into tech that has the potential to collect biometric identifiers.

It isn’t just new legislation that could impact how companies gather consumer information, as some existing laws are already changing the way brands use technology. One decade-old state law has put retailers in a unique spot, and has already taken multiple of them to court.

Welcome to Illinois

In 2008, a biometric privacy law was passed in Illinois that has recently thrown a wrench in brands’ plans.

The Biometric Information Privacy Act commonly known as BIPA  defines biometric data or identifiers as “a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.” These characteristics are unique and specific to individuals, whereas more broad characteristics (such as having brown-colored eyes) can apply to many individuals.

The law was enacted nearly 15 years ago because “public welfare, security, and safety will be served by regulating the collection, use, safeguarding, handling, storage, retention, and destruction of biometric identifiers and information.” It also specified that while private information like social security numbers can be changed, biometric identifiers are tied to a person’s biology.

BIPA requires that private entities collecting biometric identifiers must inform people of its collection, the length of time such information is stored and receive a written release from a person to do so. It also states that entities cannot sell, trade or otherwise profit from the collected biometric information. 

The U.S. Department of Homeland Security defines biometric data more broadly as “unique physical characteristics, such as fingerprints, that can be used for automated recognition.”

BIPA outlines what it does not consider to be a biometric identifier as well, which includes information from written signatures to demographic data to donated organs.


Source link


Comments are closed.