Fox Rothschild LLP (the “Firm”) provides this Biometric Information Privacy Policy (“Biometrics Policy”) to define its policies and procedures for the collection, use, disclosure, and retention of biometric information. For information on the biometric (and other personal) information we collect, how we use it, and your rights in connection with it, see the Privacy Notice for Fox Rothschild Employees.
As used in this Biometrics Policy, “biometric information” means: (i) a retina or iris scan, fingerprint, voiceprint, scan or record of hand or face geometry, or any other unique biological pattern or characteristic used to identify an individual; or (ii) any information, regardless of how it is captured, converted, stored, or shared, based on an identifier listed in (i) used to identify an individual.
Applicability. The Firm has instituted this Biometrics Policy to define its policies and procedures for the collection, use, disclosure, and retention of biometric information in connection with the computer provided to you by the Firm (the “Firm Device”). The Firm Device utilizes the Windows Hello secure login feature that collects biometric information (i.e., facial geometry) through a camera located in the lid of the laptop or an external webcam, or biometric information (i.e., fingerprint) through a fingerprint scanner on the laptop keyboard. The purpose of the Windows Hello secure login feature is to use a biometric identifier in place of a traditional password on Firm Devices and, if utilized, in connection with passkeys for third party websites, which creates a more secure computing experience. This Biometrics Policy does not apply to voice recordings such as voicemails and Webex recordings, which are covered in the Privacy Notice for Fox Rothschild Employees.
To satisfy requirements under biometrics laws such as (to the extent applicable) the Illinois Biometric Information Privacy Act, the Texas Capture or Use of Biometric Identifier Act, and Washington State Wash. Rev. Code § 19.375.020, and data privacy laws such as (to the extent applicable) the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act, we have:
- published a Privacy Notice for Fox Rothschild Employees detailing the collection and use of biometric information and other personal information;
- provided this Biometric Information Privacy Policy to set out the Firm’s policies and procedures on the collection, use, retention and destruction of biometric information on Firm Devices; and
- provided users with a form written Biometric Information Privacy Policy Acknowledgment and Consent for the collection of biometric information on Firm Devices.
Consent. To the extent required by applicable law, written consent must be obtained from employees or other individuals from whom biometric information is collected for the Firm’s use, disclosure, and retention of their biometric information. The Firm provides to users of Firm Devices the form Biometric Information Privacy Policy Acknowledgment and Consent, which informs users of:
- the biometric information collected, captured, or otherwise obtained to utilize Windows Hello;
- the specific purpose for which the biometric information is being collected, used, and retained;
- confirmation that the biometric information will not be disclosed to third parties;
- the length of time for which the biometric information is retained by the Firm;
- the Firm’s schedule and procedure for permanently disposing of the biometric information; and
- the protective measures utilized by the Firm to safeguard the biometric information.
Collection and Use of Biometric Information. To utilize Windows Hello in lieu of a password, the Firm Device will utilize the camera or fingerprint sensor (as applicable) to compare the user’s facial geometry or fingerprint (as applicable) to the facial geometry or fingerprint (as applicable) that was registered on the Firm Device. In this context, a user is considered to be “interacting” with the Firm Device as long as they keep utilizing Windows Hello on the Firm Device. The biometric information is considered necessary for purposes such as complying with a court order, statute, or public records retention schedule specified under applicable law; responding to a valid warrant or subpoena issued by a court of competent jurisdiction; and/or protecting against or preventing actual or potential fraud, criminal activity, claims, security threats, or liabilities. The Firm does not sell, lease, trade, or otherwise profit from biometric information collected under this Biometrics Policy.
Disclosure of Biometric Information. The Firm never shares biometric information with a third party. If the Firm is required to disclose biometric information to comply with applicable law or to comply with a valid warrant or subpoena issued by a court of competent jurisdiction, the actual biometric information is encrypted and can only be used by Windows Hello on the specific Firm Device on which it was created. In other words, the biometric information cannot be copied and used on another device.
Retention and Disposal. The Firm will permanently delete a user’s biometric information from the Firm Device upon the earlier of: (i) the applicable method of using Windows Hello (i.e., facial geometry recognition or fingerprint recognition) being disabled on the Firm Device by such user or another person; or (ii) promptly following such user permanently surrendering the Firm Device to the Firm for any reason.
Safeguards. The biometric data used to support Windows Hello is stored on the Firm Device only. It does not roam between Firm Devices and is never sent to external devices or servers. This separation helps to stop potential attackers by providing no single collection point that an attacker could potentially compromise to steal biometric data. Even if an attacker could obtain the biometric data from the Firm Device, it couldn't be converted back into a raw biometric sample recognizable by the biometric sensor. The Firm uses a reasonable standard of care to store, transmit and protect from disclosure any biometric information collected. Such storage, transmission, and protection from disclosure is performed in a manner that is the same as or more protective than the way the Firm stores, transmits, and protects other confidential and sensitive information, including personal information.
