Photo of Nicola Menaldo

Nicola Menaldo represents and counsels technology and retail clients on a wide range of issues central to their business needs.

The Office of Science and Technology Policy (OSTP), a part of the Executive Office of the President, recently published a white paper titled “The Blueprint for an AI Bill of Rights: Making Automated Systems Work for the American People” (Blueprint). This Blueprint offers a nonbinding framework for the responsible development of policies and

Amazon and Microsoft won summary judgment in two class action lawsuits filed in federal court in the U.S. District Court for the Western District of Washington asserting violations of the Illinois Biometric Information Privacy Act. While the facts of the cases are unique—the defendants received a data set that was developed by a third party

After a five-day trial and only an hour of deliberation, the nation’s first trial under the Illinois Biometric Information Privacy Act (BIPA) ended with a bang. The jury found that the defendant, BNSF Railway Company, recklessly or intentionally violated BIPA 45,600 times (once per class member), resulting in a $228 million judgment.

Click here to

In recent years, apparel and retail businesses have increasingly sought to provide customers with options to interact with the brand’s merchandise and services in virtual environments. This includes everything from virtual try-on to virtual stores in the metaverse. Depending on their specific nature, these services could potentially trigger biometric privacy laws, generating risk for businesses.

In February, the Texas attorney general brought the first enforcement action under Texas’ Capture of Use of Biometric law. CUBI was the first state law to govern the collection and use of biometric data, predating the more well-known Illinois law by seven years.

This update explores (1) the key differences between CUBI and the Illinois

For the second year in a row, amidst a wave of biometric lawsuits in other states, Maryland legislators have introduced a new biometric privacy law mimicking the Illinois Biometric Information Privacy Act (BIPA). In 2021, a similar proposed law (HB 0218) failed to make it past committee hearings and was withdrawn by its sole sponsor, Maryland House Delegate Sara Love.
Continue Reading Maryland Legislators Once Again Push for a BIPA-Style Biometric Privacy Bill

What Is the Ordinance?

New York City’s new biometrics ordinance goes into effect today, Friday, July 9. The ordinance regulates the use of “biometric identifier information” in “commercial establishments.” It is the first law of its kind in the State of New York.

  • “Biometric identifier information” is broadly defined to mean “a physiological or biological

It’s a new year and it looks like 2021 is going to be another eventful one for privacy. In the past few weeks, we’ve seen several states introduce new privacy legislation, starting with Washington. On January 5, the Washington Privacy Act of 2021 (SB 5062) was introduced in the Washington State Senate and

Does your company use chatbots to interact with customers online? If so, California’s new Autobot Law, Cal. Bus. & Prof. Code § 17940, et seq. (SB 1001) goes into effect July 1, 2019 and may affect your business. As the nation’s first autobot regulation, SB 1001 makes it unlawful “to use a bot to communicate or interact with another person in California online, with the intent to mislead the other person about its artificial identity for the purpose of knowingly deceiving the person about the content of the communication in order to incentivize a purchase or sale of goods or services in a commercial transaction or to influence a vote in an election.”
Continue Reading I Am Robot: California’s New Law Requires Disclosure of Use of Bots