August 4, 2021

Volume XI, Number 216

Advertisement

August 04, 2021

Subscribe to Latest Legal News and Analysis

August 03, 2021

Subscribe to Latest Legal News and Analysis

August 02, 2021

Subscribe to Latest Legal News and Analysis

Portland’s Facial Recognition Law: Impact on National Companies

Many have been watching facial recognition law developments closely, and saw that Portland became the first US city to regulate the use of such technology by private entities operating “places of public accommodation” within the city. Of particular concern for the Portland city council was the use potentially discriminatory use of these technologies, and its impact on “children, Black, Indigenous and People of Color, people with disabilities, immigrants, refugees, and other marginalized communities and local businesses.”

The ordinance applies to use of facial recognition technology in public places (like “lodgings, amusements, transportations”), but does not apply to private clubs, homes, or places of accommodation that are in their “nature distinctly private.” The ordinance provides for a private right of action, with the potential of $1,000 per day “for each day of violation.” Under the ordinance, public places of accommodation can only use facial recognition technologies for:

  1. User verification, when the user is accessing his or her own “personal or employee issued communication and electronic device”
  2. For “automatic face detection services in social media” apps
  3. To comply with the law

Unlike other laws that impact use of facial recognition technologies (Illinois’ biometric law), this ordinance is narrowly focused on “Face Recognition,” namely those technologies that help identify, verify, detect, or characterize the facial features of individuals based on their face.  Nevertheless, there has been much concern over the wording of the ordinance, given the narrow permitted uses of the technology and the broad definition of places of public accommodation. Several industry organizations and individual companies objected to the law, and some have indicated that they will be pushing for additional exemptions to the broad ban.

Putting it Into Practice: We will continue to monitor developments related to this ordinance. In the meantime, for national chains (hotels, restaurants, retailers) and others who have operations in Portland, especially those who have been moving towards increased use of touchless technologies in their interactions with customers and guests, they will want to keep this new ordinance’s requirements and restrictions in mind. For more on using facial recognition and artificial intelligence tools more generally, both the FTC’s recent decision in this space and our recent AI roundup provide suggestions.

Copyright © 2021, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume XI, Number 40
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Liisa Thomas, Sheppard Mullin Law Firm, Chicago, Cybersecurity Law Attorney
Partner

Liisa Thomas, a partner based in the firm’s Chicago and London offices, is Co-Chair of the Privacy and Cybersecurity Practice. Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.” Liisa is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and...

312-499-6335
Advertisement
Advertisement