Regulating Facial Processing Technologies: Tensions Between Legal and Technical Considerations in the Application of Illinois BIPA

05/15/2022
by   Rui-Jie Yew, et al.
0

Harms resulting from the development and deployment of facial processing technologies (FPT) have been met with increasing controversy. Several states and cities in the U.S. have banned the use of facial recognition by law enforcement and governments, but FPT are still being developed and used in a wide variety of contexts where they primarily are regulated by state biometric information privacy laws. Among these laws, the 2008 Illinois Biometric Information Privacy Act (BIPA) has generated a significant amount of litigation. Yet, with most BIPA lawsuits reaching settlements before there have been meaningful clarifications of relevant technical intricacies and legal definitions, there remains a great degree of uncertainty as to how exactly this law applies to FPT. What we have found through applications of BIPA in FPT litigation so far, however, points to potential disconnects between technical and legal communities. This paper analyzes what we know based on BIPA court proceedings and highlights these points of tension: areas where the technical operationalization of BIPA may create unintended and undesirable incentives for FPT development, as well as areas where BIPA litigation can bring to light the limitations of solely technical methods in achieving legal privacy values. These factors are relevant for (i) reasoning about biometric information privacy laws as a governing mechanism for FPT, (ii) assessing the potential harms of FPT, and (iii) providing incentives for the mitigation of these harms. By illuminating these considerations, we hope to empower courts and lawmakers to take a more nuanced approach to regulating FPT and developers to better understand privacy values in the current U.S. legal landscape.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
02/21/2021

Detecting Compliance of Privacy Policies with Data Protection Laws

Privacy Policies are the legal documents that describe the practices tha...
research
07/14/2018

Eavesdropping Whilst You're Shopping: Balancing Personalisation and Privacy in Connected Retail Spaces

Physical retailers, who once led the way in tracking with loyalty cards ...
research
10/06/2022

Exploring the Relationships between Privacy by Design Schemes and Privacy Laws: A Comparative Analysis

Internet of Things (IoT) applications have the potential to derive sensi...
research
05/27/2020

Towards an Open Platform for Legal Information

Recent advances in the area of legal information systems have led to a v...
research
11/26/2021

A Proposal for Amending Privacy Regulations to Tackle the Challenges Stemming from Combining Data Sets

Modern information and communication technology practices present novel ...
research
12/21/2022

PABAU: Privacy Analysis of Biometric API Usage

Biometric data privacy is becoming a major concern for many organization...
research
10/22/2019

Formalizing Privacy Laws for License Generation and Data Repository Decision Automation

In this paper, we summarize work-in-progress on expert system support to...

Please sign up or login with your details

Forgot password? Click here to reset