Employers who continue to operate under the assumption that there is no need to maintain any type of biometric privacy compliance program when using facial recognition software are extremely vulnerable to liability exposure by the Federal Trade Commission (FTC). Companies should take the steps now, even if they are not governed by any biometric privacy regulation, to build a privacy compliance program. The FTC is becoming increasingly aggressive when it comes to policing the misuse of facial recognition. The FTC guidance, “Facing the Facts: Best Practices for Common Uses of Facial Recognition Technologies,” draws upon three core privacy and security principles: privacy-by-design, simplified consumer choice, and transparency.
