Sony’s facial recognition robot dog banned in Illinois
Daily News Article — Posted on April 4, 2019
(by Megan Wollerton, CNet) — …Sony’s $2,900 robot dog Aibo is a companion robot, one the company claims “learns its environment and develops relationships with people.” Aibo even enlists a camera in its nose to scan faces and determine who’s who so it can react to them differently.
Because of its face-detecting capabilities, Sony doesn’t sell Aibo in Illinois. The state’s Biometric Information Privacy Act (BIPA) regulates the collection of biometric data, including face scans.
…The story doesn’t stop with Sony’s quirky robot. Illinois also limits access to facial recognition in home security cameras, a feature that’s becoming increasingly prevalent in the consumer security market. Let’s take a closer look at BIPA, the growth of biometric tech in consumer products — and how other states in the US treat your biometric info.
The Biometric Information Privacy Act was established in 2008 to regulate “the collection, use, safeguarding, handling, storage, retention, and destruction of biometric identifiers and information.” BIPA defines “biometric identifiers” as retina scans, iris scans, fingerprints, hand scans, face scans and voiceprints.
Basically, an individual or a company needs “informed written consent” to use another individual’s biometric info. …
A Sony support page titled “Why Is Aibo Not for Sale in Illinois?” simply says:
Due to state regulations and policies, the Aibo™ robotic companion is not for sale or use in Illinois.
In order to mimic the behavior of an actual pet, an Aibo device will learn to behave differently around familiar people. To enable this recognition, Aibo conducts a facial analysis of those it observes through its cameras. This facial-recognition data may constitute “biometric information” under the law of Illinois, which places specific obligations on parties collecting biometric information. Thus, we decided to prohibit purchase and use of Aibo by residents of Illinois.
While Sony simply opted out of selling the face-detecting Aibo in Illinois, other companies, like Nest, sell their facial recognition-enabled cams in Illinois, with the facial recognition feature disabled. …
At the same time that states are implementing biometric privacy laws, [more companies are offering] consumer devices with facial recognition. Two examples are the Honeywell Smart Home Security system and Nest.
Not only is facial recognition more prevalent, there are more products that enlist fingerprints or hand scans for identification. The iPhone and other smartphones have fingerprint-scanning capabilities so you can quickly unlock your phone. At CES 2019, a smart lock called the Elecpro US:E that relies on a face scan and a hand scan to unlock was being demonstrated.
Airports are increasingly adding tech that scans faces or fingerprints to determine who you are, too. Adam Schwartz of the Electronic Frontier Foundation (EFF) refers to the growing popularity of biometric tech as a “normalization of biometrics,” something the EFF finds concerning, he says.
“If you start using biometrics to board your airplane because it’s convenient, other forms of biometrics seem more normal. We’re very concerned about that,” explains Schwartz.
Whether or not you’re personally concerned about your biometric data, expect to see more regulations around it in the coming years. Alaska, Michigan, Montana and New Hampshire are already working on their own biometric laws. And, given the influx of devices that use biometric information both for consumer and commercial purposes, more are probably on the way.
Published at cnet .com. Reprinted here for educational purposes only. May not be reproduced on other websites without permission from CNet.
Background
Although BIPA remains the strictest state privacy law, Texas and Washington also regulate biometric information. A Texas law, established in 2009, similarly defines biometric identifiers as "a retina or iris scan, fingerprint, voiceprint, or record of hand or face geometry."
A section of the law states: "A person may not capture a biometric identifier of an individual for a commercial purpose unless the person: informs the individual before capturing the biometric identifier; and receives the individual's consent to capture the biometric identifier."
Washington's 2017 House Bill 493 doesn't specifically reference face or hand scans in its definition of biometric identifier. The definition also doesn't include "a physical or digital photograph, video or audio recording or data generated therefrom, or information collected, used, or stored for health care treatment, payment, or operations under the federal health insurance portability and accountability act of 1996."
The Electronic Frontier Foundation, a nonprofit advocacy group for digital privacy, supports state regulation of biometric data.
"When you start to capture biometrics from people it turns a corner to where we think that shouldn't be happening without the consent of the person who's biometrics are being taken," EFF senior staff attorney Adam Schwartz says during a phone interview while referencing Illinois' Biometric Information Privacy Act.
"What it says [BIPA] is that, one private person can't take biometrics from another private person without their consent. And that's where we [the EFF] would draw the line," Schwartz adds. (from the CNET article above)