And what about Freja? Well, if the Danish Copyright Act takes effect on March 31, 2026 as expected, Cali John can get into a ton of trouble if he uses the video to create a realistic, digitally generated imitation of Freja. Again, consent is required. Again, there can be monetary penalties if you don’t get that consent.
But there’s another question we have to consider.
The vendor responsibility
Does the videoconference provider bear any responsibility for the violations of Illinois and Danish law?
“5. USE OF SERVICES AND YOUR RESPONSIBILITIES. You may only use the Services pursuant to the terms of this Agreement. You are solely responsible for Your and Your End Users’ use of the Services and shall abide by, and ensure compliance with, all Laws in connection with Your and each End User’s use of the Services, including but not limited to Laws related to recording, intellectual property, privacy and export control. Use of the Services is void where prohibited.”
But such requirements haven’t stopped BIPA lawyers from filing lawsuits against deep pocketed software vendors. Remember when Facebook settled for $650 million?
So remember what could happen the next time you participate in a multinational, multi-state, or even multi-city videoconference. Hope your AI note taker isn’t capturing screen shots.
Las Vegas is a destination visited by over 40 million people per year from all over the world. And the casino hotels know that they’re hungry for food, and they hope the hungry people will stay on property.
So do they serve Caesars Burgers?
Um, no. 40 million people don’t eat the same thing.
This becomes very clear if you visit the Bacchanal Buffet at Caesars Palace, with over 250 items prepared in 10 kitchens.
“From Roman-style pizza to Carne Asada Tacos inspired by the food trucks of L. A., there’s something for everyone. Find a world of flavor at our nine live-action cooking stations. Indulge in originals like slow-cooked prime rib, smoked beef brisket, crab, and wood-fired pizza. Or try something different, like whole Ahi Tuna Poke, roasted duck, or Singaporean Blue Crab and seasonal agua frescas.”
(Imagen 4)
There is literally something for everyone. And the hungry person salivating for Ahi Tuna Poke doesn’t care about the beef brisket.
Which brings us to local police automated fingerprint identification system (AFIS) proposals.
Variety for hungry people
If you had asked me in September 1994 (before I started at Printrak in October) the target audience for local police AFIS, I would have replied, “fingerprint people.”
That answer would be incorrect.
Tenprint and latent people
Because, even if you limit things to the criminal AFIS world, there are (at least) two types of fingerprint people: tenprint examiners, and latent examiners. I asked my buddy Bredebot to summarize the stereotypical differences between the two. Here is some of what he said:
“‘Assembly line‘ comparisons: Because tenprint comparisons use high-quality, known impressions taken under controlled conditions, their work can be automated and is often perceived as a high-volume, less complex task. This is in contrast to the specialized analysis required for latent prints.
“Artistic and subjective: Because latent prints are often smudged, distorted, and incomplete, examiners must make subjective judgments about their suitability for comparison. This has led to the criticism that the process is more of an art than a science.”
Bredebot has never attended an International Association for Identification conference, but I have. Many many years ago I attended a session on tenprint examiner certification. Latent examiners had this way cool certification and some people thought that more tenprint examiners should participate in their way cool certification program. As I recall, this meeting way heavily attended…by latent folks. Even today, the number of Certified Latent Print Examiners (CLPEs) is far greater than the number of Certified Tenprint Examiners (CTPEs).
Other people
But you can’t procure an AFIS by talking to tenprint and latent people alone.
As I noted years ago, other people get involved in a local police AFIS procurement, using Ontario, California as an example:
(Imagen 4)
The field investigators who run across biometric evidence at the scene of a crime, such as a knife with a fingerprint on it or a video feed showing someone breaking into a liquor store.
The information technologies (IT) people who are responsible for ensuring that Ontario, California’s biometric data is sent to San Bernardino County, the state of California, perhaps other systems such as the Western Identification Network, and the Federal Bureau of Investigation.
The purchasing agent who has to make sure that all of Ontario’s purchases comply with purchasing laws and regulations.
The privacy advocate who needs to ensure that the biometric data complies with state and national privacy laws.
The mayor (still Paul Leon as I write this), who has to deal with angry citizens asking why their catalytic converters are being stolen from their vehicles, and demanding to know what the mayor is doing about it.
Probably a dozen other stakeholders that I haven’t talked about yet, but who are influenced by the city’s purchasing decision.
Feeding the hungry people
So even a relatively simple B2B product has multiple target audiences.
Should product marketers apply the same one-dimensional messaging to all of them?
Um, no.
If you did that, purchasing agents would fall asleep at mentions of “level 3 detail,” while latent examiners would abandon their usual attention to detail when confronted by privacy references to the California Information Practices Act of 1977. (The CCPA, CPRA, and CPPA apply to private entities.)
So, whether you like it or not, you need separate messaging for each of your categories of hungry people.
(Imagen 4)
One time, as part of an account-based marketing effort, I had to construct a multi-variable messaging matrix…for a product that is arguably simpler than an AFIS.
And yes, I used Microsoft Excel.
And I can use my mad Excel skillz for you also, if your company needs content, proposal, or analysis assistance in your technology product marketing operations. Contact Bredemarket at https://bredemarket.com/mark/.
Geolocation and “somewhat you why” (my proposed sixth factor of identity verification and authentication) can not only be used to identify and authenticate people.
They can also be used to learn things about people already authenticated, via the objects they might have in their possession.
Stalkerware
404 Media recently wrote an article about “stalkerware” geolocation tools that vendors claim can secretly determine if your partner is cheating on you.
Before you get excited about them, 404 Media reveals that many of these tools are NOT secret.
“Immediately notifies anyone traveling with it.” (From a review)
Three use cases for geolocation tracking
But let’s get back to the tool, and the intent. Because I maintain that intent makes all the difference. Look at these three use cases for geolocation tracking of objects:
Tracking an iPhone (held by a person). Many years ago, an iPhone user had to take a long walk from one location to another after dark. This iPhone user asked me to track their whereabouts while on that walk. Both of us consented to the arrangement.
Tracking luggage. Recently, passengers have placed AirTags in their luggage before boarding a flight. This lets the passengers know where their luggage is at any given time. But some airlines were not fans of the practice:
“Lufthansa created all sorts of unnecessary confusion after it initially banned AirTags out of concern that they are powered by a lithium battery and could emit radio signals and potentially interfere with aircraft navigation.
“The FAA put an end to those baseless concerns saying, “Luggage tracking devices powered by lithium metal cells that have 0.3 grams or less of lithium can be used on checked baggage”. The Apple AirTag battery is a third of that size and poses no risk to aircraft operation.”
Tracking an automobile. And then there’s the third case, raised by the 404 Media article. 404 Media found countless TikTok advertisements for geolocation trackers with pitches such as “men with cheating wives, you might wanna get one of these.” As mentioned above, the trackers claim to be undetectable, which reinforces the fact that the person whose car is being tracked did NOT consent.
From consent to stalkerware, and the privacy implications
Geolocation technologies are used in every instance. But in one case it’s perfectly acceptable, while it’s less acceptable in the other two cases.
Banning geolocation tracking technology would be heavy-handed since it would prevent legitimate, consent-based uses of the technology.
So how do we set up the business and technical solutions that ensure that any tracking is authorized by all parties?
Does your firm offer a solution that promotes privacy? Do you need Bredemarket’s help to tell prospects about your solution? Contact me.
There are laws, and there are regulations. In California, we are modifying the latter.
Before launching into these regulatory changes, remember that the CCPA is the California Consumer Privacy Act, while the CPPA is the California Privacy Protection Agency. (There’s also a CPRA, the California Privacy Rights Act.)
Imagen 4.
I have attached the May 2025 version of the “Modified Text of Proposed Regulations,” specifically regarding changes to the California Consumer Privacy Act regulations. They affect automated decision-making, conducting risk assessments, and performing cybersecurity audits.
The regulations will now head to the California Office of Administrative Law for final review before they can be formally enacted.
In the meantime, we have this thingie, in which
The initial proposal (noticed on November 22, 2024) is illustrated by blue underline for proposed additions and red strikethrough for proposed deletions, unless otherwise indicated, as in Articles 9, 10, and 11. Changes made after the 45-day comment period are illustrated by purple double underline for proposed additions and orange double strikethrough for proposed deletions.
When you get to the purple double underline and orange double strikethrough stage, you know things are getting serious.
Californians, get the acronyms right: CCPA, CPRA, CPPA.
“Imagine having complete insight and control over how your personal information is collected, shared, and sold. That’s what the California Consumer Privacy Act (CCPA) brought in 2020. Then came the California Privacy Rights Act (CPRA), effective January 2023, expanding those rights and establishing the California Privacy Protection Agency (CPPA) to enforce them. These laws together position California at the forefront of privacy regulation in the United States.”
I’ve frequently talked about geolocation as a factor of authentication, and have also mentioned the privacy concerns that rise with the use of geolocation for identification.
But sometimes it’s not just an issue of privacy, but something more sinister.
Authentic Living Therapy is a counselor specializing in trauma, abuse, emotional abuse, anxiety, depression, self-harm, parenting, and relationship difficulties. The page recently shared an image post on Facebook with the title
“Tracking someone’s location isn’t always about care. Sometimes, it’s about control.”
If you are a tech marketer and want to share how your identity solution protects individual privacy, I can help you write the necessary content. Let’s meet. Before your competition shares ITS story and steals your prospects and revenue.
“We provide the world’s leading news coverage and information on the global biometric technology market via the web and an exclusive daily newsletter. Our daily biometrics updates, industry perspectives, interviews, columns and in-depth features explore a broad range of modalities and methods, from fingerprint, voice, iris, and facial recognition, to cutting-edge technologies like DNA analysis and gait recognition, related identification tools such as behavioral biometrics, and non-biometric identification methods such as identity document verification and telephone forensics. Our coverage touches on all applications and issues dealt with in the sector, including national security, mobile identity, and border control, with a special emphasis on UN Sustainable Development Goal 16.9 to provide universal digital identification and the ID4Africa movement.”
Over the last ten years, there have been two instances in which I have been newsworthy.
2015 with MorphoTrak
The first occurred in 2015, when my then-employer MorphoTrak exhibited an airport gate called MorphoWay at a conference then known as connect:ID. At the 2015 show, I demonstrated MorphoWay for Biometric Update’s videographer.
Me at connect:ID, 2015.
“In the video, Bredehoft scans his passport through the document reader, which checks the passport against a database to verify that it is, in fact, a CBP-authorized document.
“Once verified, the gates automatically open to allow Bredehoft to exit the area.”
2025 with Bredemarket
The second occurred ten years later in 2025, when I wrote a guest opinion piece entitled “Opinion: Vendors must disclose responsible uses of biometric data.” As I previously mentioned, I discussed the need to obtain consent for use of biometric data in certain instances, and noted:
“Some government agencies, private organizations, and biometric vendors have well-established procedures for acquiring the necessary consents.
“Others? Well…”
Biometric Update didn’t create a video this time around, but I did.
Biometric vendors…
2035???
So now that I’ve established a regular cadence for my appearances in Biometric Update, I fully expect to make a third appearance in 2035.
Because of my extensive biometric background, I predict that my 2035 appearance will concern the use of quantum computing to distinguish between a person and their fabricated clone using QCID (quantum clone identification).
No video yet, because I don’t know what video technology will be like ten years from now. So here’s an old fashioned 2D picture.
My prior post may have given the false impression that Tebra is the only company that employs artificial intelligence to improve the speed and accuracy of electronic health records (EHRs) and electronic medical records (EMRs).
There are actually several companies using AI or other technologies to improve EHR and EMR completion. Here’s a (woefully incomplete) list. Many of these companies also handle other practice management functions required by a medical practice, including intake, telehealth, and payments.
Electronic health records (EHRs) can be a pain in a particular body part. But Tebra and other firms offer ways to automate portions of the record keeping process. And if these automations work, they also increase EHR accuracy.
I’ve previously talked about how an EHR can incorporate a patient identifier, derived from the facial recognition of the patient. This prevents misidentification, which can cause severe problems if the EHR data is applied to the wrong patient.
“Tebra’s EHR+ platform connects care, billing, scheduling, and more. Built-in AI speeds up notes, handles reviews, and automates repetitive admin work.”
“Before using AI-powered scribe tools, review applicable laws and regulations in your practice’s jurisdiction regarding electronic recordings, AI scribes, and informed consent. Some jurisdictions require verbal or written consent prior to any form of ambient documentation. Check your state board or consult legal counsel for guidance.”
Harry Chambers of OneTrust gave a far-reaching overview of the worldwide state of privacy legislation this morning. Chambers covered a ton of topics, but I’m going to focus on proposed changes to the California Invasion of Privacy Act, or CIPA.
“CIPA was originally enacted in 1967 to combat traditional wiretapping and eavesdropping, primarily in the context of telephone communications. It was never designed to address the complexities of the digital age or regulate how businesses track user interactions on the internet.”
But that didn’t stop the lawyers. As Chambers noted, a ton of lawsuits tried to apply 1967 law to modern use cases, including (Fisher Phillips) “routine website technologies such as cookies, pixels, search bar/form, chatbots, and session replay tools.”
Heck, back in 1967 cookies made you high. Whoops, that’s brownies.
Imagen 4.
You can imagine how California technology businesses felt about this. Chatbots as illegal wiretapping? Ouch.
Imagen 4.
Enter California SB 690 to stop what Fisher Phillips called a “shakedown” (settle or you’ll go to court). It proposed to align CIPA with the “commercial business purposes” definition under CCPA as amended.
Imagen 4. For the story behind this picture, see “AI Still Has Bias.”
On June 3, the California Senate unanimously approved SB 690.
But submission to the California Assembly is delayed:
“On July 2, the author of SB 690, State Senator Anna Caballero (D-14), announced she was pausing SB 690, holding it in the Assembly until at least 2026. Caballero cited ‘outstanding concerns around consumer privacy,’ and acknowledged continued opposition from consumer privacy advocates and attorneys’ groups.”
So the lawsuits can continue until morale improves.
Bredemarket 