December 2024

State Updates

 

State laws on the use of biometric technology

10/16/20

Author: ADP Admin/Friday, October 9, 2020/Categories: Compliance Corner , State Compliance Update, Illinois

Some states regulate the collection, use and disclosure of biometric data, which may include the data collected by finger- or hand-scanning time clocks. The following is a brief description of some of these state laws. Please read on to help ensure that your company is staying compliant.


Illinois

 

To date, the law with the broadest reach is the Illinois Biometric Information Privacy Act (BIPA). BIPA requires that companies in possession of biometric data develop a written policy, made available to the public, establishing a retention schedule and guidelines for permanently destroying biometric data within a certain period of time. It also requires that companies make certain disclosures and obtain a written release before collecting and storing biometric data, and that they use a certain standard of care to store, transmit and protect the data from disclosure.

 

Courts have not yet determined whether BIPA applies to the data collected by biometric time clocks. But given the risk that BIPA could be found to apply, and the number of lawsuits that have been filed, we previously provided you with information about BIPA’s requirements and other helpful materials.

ADP® offers the following resources to help you comply with the requirements of BIPA:

o   A sample notice/written release to be used before enrolling an employee in the time clock

o   A sample retention and destruction policy

o   Information on how to destroy biometric data collected and stored by the time clock. You should purge data when it is no longer needed (e.g., when an employee is no longer employed or moves to a position that no longer requires use of a time clock). You should also notify ADP that any biometric data on ADP’s systems should be purged.

 

All of these materials are included in the Employer Toolkit.

 


California


It is a misdemeanor under California law to require an employee or applicant, as a condition of obtaining or securing employment, to provide fingerprint for the purpose of furnishing that information to a third party, and “these…fingerprints could be used to the detriment of the employee or applicant.”

 

In addition, the California Consumer Privacy Act (CCPA) applies to the collection, use, and retention of biometric data. Certain provisions of the CCPA apply to biometric time clocks used to collect employee biometric data, including, among other things, the requirement that, before such collecting biometric data, a business must disclose what information is being collected and the purpose of that collection.

 

New York

 

Under New York law (New York State Labor Law Section 201-a), employers may not require employees to be fingerprinted as a condition of securing or continuing employment, except as otherwise provided by law. While the New York State Department of Labor has interpreted this law to prohibit employers from requiring employees to use finger-scanning technology, employers may request that employees use the technology on a purely voluntary basis.

 

Texas

 

Texas law (Tex. Bus. & Com. Code Ann. §503.001) requires that companies obtain consent before collecting “biometric identifiers” for a “commercial purpose.” It also imposes specific requirements on how such biometric identifiers may be stored and used and when they must be destroyed. The law does not define “commercial purpose.”


On the horizon


Both the federal government and other states are considering laws that will regulate biometric information. ADP is here to help you stay on top of relevant legal developments where the law is fluid and unsettled.

 

In the attached Employer Toolkit, we’ll share some tips and best practices for you to consider if using biometric technology.

 

If you have any questions, please reach out to your HR Business Partner.

 

Number of views (3882)/Comments (0)

Tags: 10/16/20

Recent State Updates

 

© Copyright 2016 ADP LLC. 10200 Sunset Drive | Miami, FL 33173

The ADP logo, ADP, ADP TotalSource and a more human resource. are registered trademarks of ADP, LLC. All other trademarks and service marks are the property of their respective owners.