Photo of Nicola Menaldo

Nicola Menaldo represents and counsels technology and retail clients on a wide range of issues central to their business needs.

The U.S. Department of Homeland Security announced new policies on September 14, 2023, regarding its use and acquisition of artificial intelligence technologies, including facial recognition and face capture technologies. DHS also appointed Eric Hysen as the department’s first chief AI officer.

Highlighting the potential “privacy, civil rights, and civil liberties” issues associated with the use

The Federal Trade Commission (FTC) issued a policy statement on May 18, 2023, addressing concerns relating to the collection and use of biometric information. The Biometrics Policy Statement, which the FTC’s Commissioners voted 3-0 to issue, outlines practices related to biometric information that the FTC views as violations or will take into account when evaluating

On April 27, 2023, Washington Governor Jay Inslee signed into law House Bill 1155, also known as the My Health, My Data Act. Its stated purpose is to protect “consumer health data” collected by entities not already subject to the federal Health Insurance Portability and Accountability Act, but one less obvious consequence of the Act

After years out of circulation, class-action lawsuits asserting claims under the Video Protection Privacy Act are now back in reruns. More than 100 putative class actions alleging violations of the VPPA have been filed against publishers that use the Meta pixel on their websites.

It remains to be seen whether these lawsuits will survive evaluation

The Office of Science and Technology Policy (OSTP), a part of the Executive Office of the President, recently published a white paper titled “The Blueprint for an AI Bill of Rights: Making Automated Systems Work for the American People” (Blueprint). This Blueprint offers a nonbinding framework for the responsible development of policies and

Amazon and Microsoft won summary judgment in two class action lawsuits filed in federal court in the U.S. District Court for the Western District of Washington asserting violations of the Illinois Biometric Information Privacy Act. While the facts of the cases are unique—the defendants received a data set that was developed by a third party

After a five-day trial and only an hour of deliberation, the nation’s first trial under the Illinois Biometric Information Privacy Act (BIPA) ended with a bang. The jury found that the defendant, BNSF Railway Company, recklessly or intentionally violated BIPA 45,600 times (once per class member), resulting in a $228 million judgment.

Click here to

In recent years, apparel and retail businesses have increasingly sought to provide customers with options to interact with the brand’s merchandise and services in virtual environments. This includes everything from virtual try-on to virtual stores in the metaverse. Depending on their specific nature, these services could potentially trigger biometric privacy laws, generating risk for businesses.

In February, the Texas attorney general brought the first enforcement action under Texas’ Capture of Use of Biometric law. CUBI was the first state law to govern the collection and use of biometric data, predating the more well-known Illinois law by seven years.

This update explores (1) the key differences between CUBI and the Illinois

For the second year in a row, amidst a wave of biometric lawsuits in other states, Maryland legislators have introduced a new biometric privacy law mimicking the Illinois Biometric Information Privacy Act (BIPA). In 2021, a similar proposed law (HB 0218) failed to make it past committee hearings and was withdrawn by its sole sponsor, Maryland House Delegate Sara Love.
Continue Reading Maryland Legislators Once Again Push for a BIPA-Style Biometric Privacy Bill