Biometric technologies—such as fingerprint scanners, facial recognition systems, and retina scans—are now commonplace in modern business operations. From employee timekeeping systems to facility security and customer-facing applications, these tools offer efficiency and convenience for many businesses. But these same conveniences have sparked backlash in the form of privacy litigation. In Illinois especially, companies are facing a surge of class-action lawsuits under the state’s Biometric Information Privacy Act (“BIPA”), a pioneering law that imposes strict requirements on the use of biometric data and hefty penalties for companies failing to adhere to the law. This trend is not confined to Illinois: a growing patchwork of similar laws in other states means that using biometrics without proper safeguards can expose companies nationwide to significant statutory damages and legal risks.
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a comprehensive consumer privacy bill, and the obligations and rights created by SB 332 follow the format used in a growing number of states that have passed comprehensive consumer privacy laws.
Scope and Exemptions
SB 332 imposes obligations on “controllers” – entities or individuals that determine the purpose and means of processing personal data – that ...
Blog Editors
Recent Updates
- Watch: DOJ’s New Self-Disclosure Rules: Decide Fast or Lose the Credit – Speaking of Litigation
- AI Medical Technology Meets IP Law in Patent Infringement Suit
- DOJ Civil Division Announces Accelerated Review of FCA Whistleblower Complaints Involving Federally Funded, State-Administered Benefits Programs
- Washington Amends CEMA: Plaintiffs Rush to File Actions Before June 11, 2026 Effective Date
- Five Cases Health Care and Life Sciences GCs Should Keep Watching in 2026