What Is BIPA?
BIPA stands for the Biometric Information Privacy Act, which is active in the state of Illinois. It’s purpose is to protect the privacy and integrity of Biometric data that could be potentially exploited. This data includes retina scans, iris scans, fingerprints, voiceprint, and scans of the face or hands.
In short, Biometric data is any information that could serve as identifiers for individuals. However, to qualify for BIPA it must be Biometric, the regulation doesn’t cover photographs for instance. Under BIPA a private entity cannot collect, capture, purchase, or receive any Biometric data without first obtaining the right permissions.
What Does the Act Cover?
BIPA covers an individual’s right to their Biometric data in the state of Illinois and this IT company in Bloomington. If a company or private entity wants to collect, purchase, or trade Biometric data such as retina scans, fingerprints, or voice scans, they must first notify the individual and obtain their permission.
Permissions can be given in writing. The private entity must inform the individual that their Biometric data is being collected or stored, or that their Biometric information is being used for a specific purpose. In order to continue collecting or storing this data the private entity must receive written consent from that individual.
How Does It Affect Cybersecurity?
You would think that cybersecurity would become simpler and more formidable as technology improves, but conversely, it seems to get more complex. There is a continual struggle between companies and cybercriminals to gain the upper hand, now Biometric information is in the mix.
There is a need to maintain privacy for individuals, particularly when it comes to Biometric data. This is why BIPA has been introduced and is making an impact. But there is also a need for companies to use Biometric data to protect the privacy and security of individuals. Of course, there is always a risk these companies will be hacked and valuable Biometric data will be lost.
Finding the balance between these dynamics is the challenge of the coming years. The introduction of BIPA certainly helps as it provides individuals with more autonomy and returns the power of data handling back into their hands.
What Precautions Should Businesses Take?
When it comes to data handling, modern businesses need to be sharp. The BIPA legislation has already won several cases in the Illinois area where companies have infringed on the rights of consumers. To ensure that businesses are on the right side of the regulation, its principles need to be fully understood and adhered to. This can be done with regular training and reviews.
What’s the Impact of the BIPA on Consumers?
The impact on consumers may be two-fold. Initially there will be very little difference and in some ways services and security may improve. Because consumers now have more autonomy over their data, however, they will also have more choices and decisions to make. Giving consent for data and responding to company requests will be part of the changing consumer driven landscape of the near future.