ipopba - stock.adobe.com

FTC warns businesses about biometric information use

The Federal Trade Commission said businesses will be held accountable for the way they use consumers' biometric information.

Listen to this article. This audio was generated by AI.

The Federal Trade Commission on Thursday declared its intention to hold companies accountable for the collection and use of consumers' biometric information.

FTC commissioners unanimously passed a policy statement on biometric information asking companies to ensure such technologies aren't causing substantial harm to consumers. The FTC's concern is with the "increasing risks that biometric information technology poses to the public," said Ben Wiseman, acting associate director of the FTC's Division of Privacy and Identity Protection, during the FTC's open meeting. Biometric information includes facial recognition, fingerprints and other biological information.

The FTC's position on biometric information anchors on Section 5 of the FTC Act, which deals with unfair and deceptive business practices.

"Just because a technology is new or innovative does not mean it gets a pass from the FTC Act," Wiseman said.

It's the second time the FTC has spoken out about how existing consumer protection laws apply to new and emerging technologies. Earlier this year, the FTC, along with other federal agencies, stated that consumer protection laws will be enforced for companies using AI resulting in consumer harms.

FTC targets unfair, deceptive use of biometric information

The flexible nature of the FTC Act puts the agency in a position to protect consumer privacy regardless of changing technologies, FTC Chair Lina Khan said during the meeting.

The biometric policy statement lays out clearly how some of these traditional consumer protection authorities would apply to the risks created by biometric information technologies.
Lina KhanChair, Federal Trade Commission

"The biometric policy statement lays out clearly how some of these traditional consumer protection authorities would apply to the risks created by biometric information technologies," she said.

Indeed, the FTC is warning businesses that false claims about the accuracy of biometric information technology used could violate the FTC Act.

The FTC will also consider other factors in determining violations, such as whether businesses fail to assess the risks or harms posed to consumers before collecting biometric information, fail to address those risks, fail to assess third-party access to biometric information, or engage in unexpected collection of biometric information.

FTC Commissioner Alvaro Bedoya noted how multiple cities and states have banned government agencies' ability to use biometric information for surveillance. However, he said, while most of those bans apply to government use of biometric information and technologies, it doesn't apply to commercial use.

"With today's statement, I am proud that we're setting clear guideposts for how our oldest consumer protection authority, Section 5 of the FTC Act, applies to biometrics," Bedoya said.

Makenzie Holland is a news writer covering big tech and federal regulation. Prior to joining TechTarget Editorial, she was a general reporter for the Wilmington StarNews and a crime and education reporter at the Wabash Plain Dealer.

Dig Deeper on Risk management and governance

Cloud Computing
Mobile Computing
Data Center
and ESG