California Expands Data Breach Notification Law to Include Passport and Biometric Data
Lawmakers in California have approved new legislation that serves to expand the state’s data breach notification law by requiring businesses to notify consumers of compromised passport numbers and biometric information.
[...]
For David Oberly, associate at US law firm Blank Rome, the amendment better aligns California’s data breach notification law with modern approaches to identity verification.
“At the time that many states’ original data breach notification laws were passed, biometric data was largely a thing of science fiction,” Oberly told The Daily Swig.
“However, as time and technology has progressed, biometric technologies have become mainstream today, with biometric data being commonly utilized across a broad range of different, diverse industries.”
Oberly noted that several other US states have also amended their breach notification laws this year to include biometric data, including Arkansas, New York, and Washington.
"California Expands Data Breach Notification Law to Include Passport and Biometric Data," by James Walker was published in The Daily Swig on October 16, 2019.