Biometric technologies—such as fingerprint scanners, facial recognition systems, and retina scans—are now commonplace in modern business operations. From employee timekeeping systems to facility security and customer-facing applications, these tools offer efficiency and convenience for many businesses. But these same conveniences have sparked backlash in the form of privacy litigation. In Illinois especially, companies are facing a surge of class-action lawsuits under the state’s Biometric Information Privacy Act (“BIPA”), a pioneering law that imposes strict requirements on the use of biometric data and hefty penalties for companies failing to adhere to the law. This trend is not confined to Illinois: a growing patchwork of similar laws in other states means that using biometrics without proper safeguards can expose companies nationwide to significant statutory damages and legal risks.
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a comprehensive consumer privacy bill, and the obligations and rights created by SB 332 follow the format used in a growing number of states that have passed comprehensive consumer privacy laws.
Scope and Exemptions
SB 332 imposes obligations on “controllers” – entities or individuals that determine the purpose and means of processing personal data – that ...
Blog Editors
Recent Updates
- Can Silence Stop the Clock? How Secrecy May Allow Plaintiffs to Toll the Sherman Act’s Four-Year Statute of Limitations
- Discovery Pitfalls in the Age of AI
- Is the Deal Done? Litigation After Mergers and Acquisitions – Speaking of Litigation Video Podcast
- Eleventh Circuit Clarifies: Discovery Materials Can Be Used to Meet Rule 9(b)
- Biometric Backlash: The Rising Wave of Litigation Under BIPA and Beyond