Californians, get the acronyms right: CCPA, CPRA, CPPA.
“Imagine having complete insight and control over how your personal information is collected, shared, and sold. That’s what the California Consumer Privacy Act (CCPA) brought in 2020. Then came the California Privacy Rights Act (CPRA), effective January 2023, expanding those rights and establishing the California Privacy Protection Agency (CPPA) to enforce them. These laws together position California at the forefront of privacy regulation in the United States.”
I’ve frequently talked about geolocation as a factor of authentication, and have also mentioned the privacy concerns that rise with the use of geolocation for identification.
But sometimes it’s not just an issue of privacy, but something more sinister.
Authentic Living Therapy is a counselor specializing in trauma, abuse, emotional abuse, anxiety, depression, self-harm, parenting, and relationship difficulties. The page recently shared an image post on Facebook with the title
“Tracking someone’s location isn’t always about care. Sometimes, it’s about control.”
If you are a tech marketer and want to share how your identity solution protects individual privacy, I can help you write the necessary content. Let’s meet. Before your competition shares ITS story and steals your prospects and revenue.
“We provide the world’s leading news coverage and information on the global biometric technology market via the web and an exclusive daily newsletter. Our daily biometrics updates, industry perspectives, interviews, columns and in-depth features explore a broad range of modalities and methods, from fingerprint, voice, iris, and facial recognition, to cutting-edge technologies like DNA analysis and gait recognition, related identification tools such as behavioral biometrics, and non-biometric identification methods such as identity document verification and telephone forensics. Our coverage touches on all applications and issues dealt with in the sector, including national security, mobile identity, and border control, with a special emphasis on UN Sustainable Development Goal 16.9 to provide universal digital identification and the ID4Africa movement.”
Over the last ten years, there have been two instances in which I have been newsworthy.
2015 with MorphoTrak
The first occurred in 2015, when my then-employer MorphoTrak exhibited an airport gate called MorphoWay at a conference then known as connect:ID. At the 2015 show, I demonstrated MorphoWay for Biometric Update’s videographer.
Me at connect:ID, 2015.
“In the video, Bredehoft scans his passport through the document reader, which checks the passport against a database to verify that it is, in fact, a CBP-authorized document.
“Once verified, the gates automatically open to allow Bredehoft to exit the area.”
2025 with Bredemarket
The second occurred ten years later in 2025, when I wrote a guest opinion piece entitled “Opinion: Vendors must disclose responsible uses of biometric data.” As I previously mentioned, I discussed the need to obtain consent for use of biometric data in certain instances, and noted:
“Some government agencies, private organizations, and biometric vendors have well-established procedures for acquiring the necessary consents.
“Others? Well…”
Biometric Update didn’t create a video this time around, but I did.
Biometric vendors…
2035???
So now that I’ve established a regular cadence for my appearances in Biometric Update, I fully expect to make a third appearance in 2035.
Because of my extensive biometric background, I predict that my 2035 appearance will concern the use of quantum computing to distinguish between a person and their fabricated clone using QCID (quantum clone identification).
No video yet, because I don’t know what video technology will be like ten years from now. So here’s an old fashioned 2D picture.
My prior post may have given the false impression that Tebra is the only company that employs artificial intelligence to improve the speed and accuracy of electronic health records (EHRs) and electronic medical records (EMRs).
There are actually several companies using AI or other technologies to improve EHR and EMR completion. Here’s a (woefully incomplete) list. Many of these companies also handle other practice management functions required by a medical practice, including intake, telehealth, and payments.
Electronic health records (EHRs) can be a pain in a particular body part. But Tebra and other firms offer ways to automate portions of the record keeping process. And if these automations work, they also increase EHR accuracy.
I’ve previously talked about how an EHR can incorporate a patient identifier, derived from the facial recognition of the patient. This prevents misidentification, which can cause severe problems if the EHR data is applied to the wrong patient.
“Tebra’s EHR+ platform connects care, billing, scheduling, and more. Built-in AI speeds up notes, handles reviews, and automates repetitive admin work.”
“Before using AI-powered scribe tools, review applicable laws and regulations in your practice’s jurisdiction regarding electronic recordings, AI scribes, and informed consent. Some jurisdictions require verbal or written consent prior to any form of ambient documentation. Check your state board or consult legal counsel for guidance.”
Harry Chambers of OneTrust gave a far-reaching overview of the worldwide state of privacy legislation this morning. Chambers covered a ton of topics, but I’m going to focus on proposed changes to the California Invasion of Privacy Act, or CIPA.
“CIPA was originally enacted in 1967 to combat traditional wiretapping and eavesdropping, primarily in the context of telephone communications. It was never designed to address the complexities of the digital age or regulate how businesses track user interactions on the internet.”
But that didn’t stop the lawyers. As Chambers noted, a ton of lawsuits tried to apply 1967 law to modern use cases, including (Fisher Phillips) “routine website technologies such as cookies, pixels, search bar/form, chatbots, and session replay tools.”
Heck, back in 1967 cookies made you high. Whoops, that’s brownies.
Imagen 4.
You can imagine how California technology businesses felt about this. Chatbots as illegal wiretapping? Ouch.
Imagen 4.
Enter California SB 690 to stop what Fisher Phillips called a “shakedown” (settle or you’ll go to court). It proposed to align CIPA with the “commercial business purposes” definition under CCPA as amended.
Imagen 4. For the story behind this picture, see “AI Still Has Bias.”
On June 3, the California Senate unanimously approved SB 690.
But submission to the California Assembly is delayed:
“On July 2, the author of SB 690, State Senator Anna Caballero (D-14), announced she was pausing SB 690, holding it in the Assembly until at least 2026. Caballero cited ‘outstanding concerns around consumer privacy,’ and acknowledged continued opposition from consumer privacy advocates and attorneys’ groups.”
So the lawsuits can continue until morale improves.
If you ignore what Yves-Alexandre de Montjoye et al said about the validity of 12 fingerprint minutiae points in their 2013 study (cited in phys.org), their conclusions about cell phone locations deserve consideration.
“By analyzing 15 months of cell phone mobility data from 1.5 million people, researchers have found that only four spatio-temporal points (an individual’s approximate whereabouts at the approximate time when they’re using their cell phone) are all that’s needed to uniquely identify 95% of the individuals.”
Why?
“[T]he researchers’ data shows that just four spatio-temporal points are needed to uniquely identify the mobility trace of an individual. In other words, it’s not likely that someone else will be in the same locations as you are at four different times of day.”
And once you perform multi-factor authentication by combining geolocation with another factor, such as an address or a social media post, privacy disappears.
Perhaps you’ve heard the joke about an anonymous survey managed by a company’s personnel department. In the joke, one employee received two emails:
The first was from HR, announcing the anonymous survey.
The second was from the employee’s supervisor, reporting that HR says that the employee is the only person who hasn’t completed the “anonymous” survey.
But maybe it’s not a joke.
Is the zero knowledge/World dream of one unique identity per person actually a curse? According to Biometric Update, Vitalik Buterin of Ethereum fame claims it REMOVES privacy.
“[U]nder one-per-person ID, even if ZK-wrapped, we risk coming closer to a world where all of your activity must de-facto be under a single public identity….
“[T]here can’t be an easily legible hard limit on how many identities you can easily get. If you can only have one identity, you do not have pseudonymity, and you can be coerced into revealing it.”
Buterin believes multiple identities, managed separately, provide concurrent identity and privacy.
Biometric marketing leaders already know that I’ve talked about reader personas to death. But what about WRITER personas? And what happens when you try to address ALL the reader and writer personas?
Reader personas
While there are drawbacks to using personas, they are useful in both content marketing and proposal work when you want to tailor your words to resonate with particular types of readers (target audiences, or hungry people).
I still love my example from 2021 in which a mythical Request for Proposal (RFP) was issued by my hometown of Ontario, California for an Automated Biometric Identification System (ABIS). The proposal manager had to bear the following target audiences (hungry people) in mind for different parts of the proposal.
The field investigators who run across biometric evidence at the scene of a crime, such as a knife with a fingerprint on it or a video feed showing someone breaking into a liquor store.
The examiners who look at crime scene evidence and use it to identify individuals.
The people who capture biometrics from arrested individuals at livescan stations.
The information technologies (IT) people who are responsible for ensuring that Ontario, California’s biometric data is sent to San Bernardino County, the state of California, perhaps other systems such as the Western Identification Network, and the Federal Bureau of Investigation.
The purchasing agent who has to make sure that all of Ontario’s purchases comply with purchasing laws and regulations.
The privacy advocate who needs to ensure that the biometric data complies with state and national privacy laws.
The mayor (Paul Leon back in 2021, and still in 2025), who has to deal with angry citizens asking why their catalytic converters are being stolen from their vehicles, and demanding to know what the mayor is doing about it.
Probably a dozen other stakeholders that I haven’t talked about yet, but who are influenced by the city’s purchasing decision.
Writer personas
But who is actually writing the text to address these different types of readers?
Now in this case I’m not talking about archetypes (a topic in itself), but about the roles of the subject matter experts who write or help write the content.
I am currently working on some internal content for a Bredemarket biometric client. I can’t reveal what type of content, but it’s a variant of one of the 22 types of content I’ve previously addressed. A 23rd type, I guess.
But what would happen if someone in a role other than product marketing consultant wrote this content?
An engineer would emphasize different things. Maybe a focus on the APIs.
A finance manager would emphasize different things. Maybe an ROI focus.
A salesperson may focus on different things. Maybe qualification of a prospect. Or eventually conversion.
So the final content is not only shaped by the reader, but by the writer.
You can’t please everyone so you’ve got to please yourself
With all the different reader and writer personas, how should you respond?
Do all the things?
Perhaps you can address everyone in a 500 page proposal, but the internal content Bredemarket is creating is less than 10 pages long.
Which is possibly already too long for MY internal target audience.
So I will NOT create the internal content that addresses the needs of EVERY reader and writer persona.
Which is one truth about (reader) personas in general. If you need to address three personas, it’s more effective to create 3 separate pieces than a single one.
Which is what I’m doing in another project for this same Bredemarket biometric client, this one customer-facing.
And the content targeted to latent examiners won’t mention the needs of Paul Leon.
In which I address the marketing leader reader persona
So now I, the biometric product marketing expert writer persona, will re-address you, the biometric marketing leader reader persona.
You need content, or proposal content.
But maybe you’re not getting it because your existing staff is overwhelmed.
So you’re delaying content creation or proposal responses, or just plain not doing it. And letting opportunities slip through your fingers.
Bredemarket 