News and Analysis of Artificial Intelligence Technology Legal Issues

Distributed Artificial Intelligence Systems, Edge Computing, and the Extraterritoriality Doctrine: Testing the Reach of State Privacy Laws

In Patel v. Facebook, a three-judge panel of the U.S. Court of Appeals for the 9th Circuit affirmed a decision by the U.S. District Court for the Northern District of California granting class certification to users of Facebook who alleged that Facebook’s collecting and storing of their face scans using facial recognition technology violated Illinois’s Biometric Information Privacy Act (“BIPA”). In doing so, the panel, based in San Francisco, relied on BIPA’s legislative history to conclude that, “it is reasonable to infer that the [Illinois] General Assembly contemplated BIPA’s application to individuals who are located in Illinois, even if some…

Image of web cam pointed at interviewee

Does Illinois’ Artificial Intelligence Video Interview Bill Fully Address Biometric Data Privacy Concerns?

Developers of artificial intelligence-based video interviewing systems promote their technology as one that helps human resource professionals on-board new talent faster, less expensively, and with greater insight compared to traditional human-only interviewing techniques. They also contend that their systems can avoid some of the potential implicit biases that may appear before, during, and after interviews, thus reducing risks to companies while leveling the playing field for qualified job applicants. But because those AI system have the potential to collect, store, and use data reflecting a job candidate’s face and voice, lawmakers in Illinois passed the Artificial Intelligence Video Interview Act…

Woman's face with landmarks used in facial recognition

Congress, States Introduce New Laws for Facial Recognition, Face Data – Part 2

In Part I, new proposed federal and state laws governing the collection, storage, and use of face (biometric) data in connection with facial recognition technology were described.  If enacted, those new laws would join Illinois’ Biometric Information Privacy Act (BIPA), California’s Consumer Data Privacy Act (CCPA), and Texas’ “biometric identifier” regulations in the governance of face-related data.  It is reasonable for businesses to assume that other state laws and regulations will follow, and with them a shifting legal landscape creating uncertainty and potential legal risks.  A thoughtful and proactive approach to managing the risks associated with the use of facial…

Woman's face with landmarks used in facial recognition

Congress, States Introduce New Laws for Facial Recognition, Face Data – Part I

Companies developing artificial intelligence-based products and services have been on the lookout for laws and regulations aimed at their technology.  In the case of facial recognition, new federal and state laws seem closer than ever.  Examples include Washington State’s recent data privacy and facial recognition bill (SB 5376; recent action on March 6, 2019) and the federal Commercial Facial Recognition Privacy Act of 2019 (S. 847, introduced March 14, 2019).  If enacted, these new laws would join others like Illinois’ Biometric Information Privacy Act (BIPA) and California’s Consumer Privacy Act (CCPA) in governing facial recognition systems and the collection, storage,…

A judge's gavel with "State Legislators" on handle

Legislators, Stockholders, Civil Right Groups, and a CEO Seek Limits on AI Face Recognition Technology

Following the tragic killings of journalists and staff inside the Capital Gazette offices in Annapolis, Maryland, in late June, local police acknowledged that the alleged shooter’s identity was determined using a facial recognition technology widely deployed by Maryland law enforcement personnel.  According to DataWorks Plus, the company contracted to support the Maryland Image Repository System (MIRS) used by Anne Arundel County Police in its investigation, its technology uses face templates derived from facial landmark points extracted from image face data to digitally compare faces to a large database of known faces.  More recent technology, relying on artificial intelligence models, have…

In Your Face Artificial Intelligence: Regulating the Collection and Use of Face Data (Part II)

The technologies behind “face data” collection, detection, recognition, and affect (emotion) analysis were previously summarized. Use cases for face data, and reported concerns about the proliferation of face data collection efforts and instances of face data misuse were also briefly discussed. In this follow-on post, a proposed “face data” definition is explored from a governance perspective, with the purpose of providing more certainty as to when heightened requirements ought to be imposed on those involved in face data collection, storage, and use.  This proposal is motivated in part by the increased risk of identity theft and other instances of misuse…