May 17, 2022

Volume XII, Number 137

Advertisement
Advertisement

May 16, 2022

Subscribe to Latest Legal News and Analysis
Advertisement

Data Privacy, Security Considerations in Multi-Residence Buildings

New data privacy and security concerns arise as multi-unit residential buildings implement new technologies to manage access, strengthen security, regulate compliance with internal policies and legal requirements, and improve the resident experience, and New York City and other jurisdictions are attempting to address them.

Examples of data privacy and security risks in this area abound. For instance, many newer (or newly updated) residential buildings utilize “smart access” systems to identify and grant access to residents and guests based on their biometric identifiers (e.g., fingerprints or facial geometry) or their possession of a key card or fob. Although these systems are convenient for residents and building management, condominium and cooperative boards, property owners, and property management companies must be mindful of the data privacy and security-related concerns that may arise in the jurisdictions in which the properties are located.

New York City has passed the Tenant Data Privacy Act, imposing rigorous data privacy and security obligations on the owners of “smart access” buildings. Additionally, a growing number of jurisdictions have laws on their books regulating the collection and use of biometric information. For instance, Portland (Oregon) and Baltimore County have passed laws banning the use of facial recognition technology. Further, a number of states, including California, Illinois, New York, Texas, and Washington, regulate the collection and use of biometric information more broadly. Biometric information also qualifies as personally identifiable information under the data breach notification and reasonable safeguard laws in many states.

Condominium and cooperative boards, property owners, property management companies, and others should regularly consider the potential data privacy and security risks when installing and authorizing residents to use new technologies that collect and utilize resident data.

Key considerations:

  1. What data is being collected?

  2. Is notice and/or consent required in connection with such collection?

  3. Is the data being stored and, if so, for how long, for what purpose, and have appropriate data security safeguards been implemented?

  4. Have internal policies been implemented, and training provided, to ensure proper management of the data?

  5. Is the data shared with third parties and, if so, are appropriate contractual protections in place?

As organizations like condominium and cooperative boards, property owners, and property management companies collect more and more data from their residents, it is critical to take proactive steps to assess their compliance with applicable data privacy and security laws.

Jackson Lewis P.C. © 2022National Law Review, Volume XI, Number 355
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Damon Silver, Employment Lawyer, Corporate Matters, Jackson Lewis
Associate

Damon W. Silver is an Associate in the New York City, New York, office of Jackson Lewis P.C.

In his Privacy, e-Communication and Data Security practice, Mr. Silver advises clients in various industries on compliance with federal and international privacy laws, including HIPPA, the ADA, GINA, FMLA, the TCPA, FCRA, and the EU-U.S. Privacy Shield. He also provides guidance to organizations on data breach prevention and response. 

In the area of employment litigation, Mr. Silver defends...

212-545-4063
Delonie A. Plummer Privacy Attorney Jackson Lewis Law Firm White Plains, New York
Associate

Delonie A. Plummer is an Associate in the White Plains, New York, office of Jackson Lewis P.C. Her practice focuses on representing employers in workplace law matters, including preventive advice and counseling. 

In her Privacy, Data and Cybersecurity practice, Ms. Plummer counsels employers on compliance with federal and state privacy laws, in addition to data breach prevention and response.

While attending law school, Ms. Plummer served as a Senior Associate of the Pace International...

914-872-6923
Advertisement
Advertisement
Advertisement