June 4, 2023

Volume XIII, Number 155


June 03, 2023

Subscribe to Latest Legal News and Analysis

June 02, 2023

Subscribe to Latest Legal News and Analysis

Privacy & Information Security Law Blog

On May 18, 2023, the Federal Trade Commission issued a policy statement on “Biometric Information and Section 5 of the Federal Trade Commission Act.”  The statement warns that the use of consumer biometric information and related technologies raises “significant concerns” regarding privacy, data security, and bias and discrimination, and makes clear the FTC’s commitment to combatting unfair or deceptive acts and practices related to the collection and use of consumers’ biometric information and the marketing and use of biometric information technologies.

The statement provides a non-exhaustive list of examples of practices the FTC may scrutinize when assessing potential violations of Section 5 of the FTC Act involving biometric information or technologies, including:


  • False or unsubstantiated marketing claims relating to the validity, reliability, accuracy, performance, fairness or efficacy of technologies using biometric information

  • Deceptive statements about the collection and use of biometric information, including as to the extent of collection and use of biometric information and the implementation of biometric technologies


  • Failing to asses foreseeable harms to consumers before collecting biometric information

  • Failing to promptly address known or foreseeable risks, including identifying and implementing tools for reducing or eliminating those risks

  • Engaging in surreptitious and unexpected collection or use of biometric information

  • Failing to evaluate the practices and capabilities of third parties, including affiliates, vendors, and end users, who will be given access to consumers’ biometric information or will be charged with operating biometric information technologies

  • Failing to provide appropriate training for employees and contractors whose job duties involve interacting with biometric information or technologies that use such information

  • Failing to conduct ongoing monitoring of technologies that the business develops, offers for sale or uses in connection with biometric information to ensure that the technologies are functioning as anticipated and that the technologies are not likely to harm consumers

Copyright © 2023, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XIII, Number 139

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct