Privacy Foundation

The Privacy Foundation at the University of Denver Sturm College of Law

Friday, October 30, 2020
12:00 - 1:00 pm

Via Zoom

Facial Recognition & Privacy

Session Recording

(This session recording is password protected.  Please contact Vincent Gonzales for the password)


Jed Brubaker, Assistant Professor of Information Science, University of Colorado Boulder

David S. Ray, COO & General Counsel, Rank One Computing

Steven Zansberg, Senior Counsel, Ballard Spahr LLP

Program Details

10:00 am - 10:05 am  Dean’s Welcome

John Soma, Executive Director, Privacy Foundation Professor of law, University of Denver Sturm College of Law

10: 05 am – 11:00 am : Panel I -- Technical and legal history surrounding facial recognition

  • Technological Constraints
    • Errors in identifying African Americans & other minorities, especially women
    • Challenging conditions – lighting, angle, photo quality, etc.
    • False negatives vs. False positives
  • Right to be let alone
  • Where can it be used?/Where is it being used?
    • Unlocking phones/computers
    • Airports/CBP
    • Sporting events
    • Law enforcement databases
    • Credit card payments
  • Kyllo v. United States, 533 U.S. 27 (2001) (Supreme Court case on police using heat sensing technology to obtain drug warrants)

11:05 am -12:00: Panel II-- Current legal facial recognition environment

  • US Federal, state, and local
    • California CCPA
    • Illinois BIPA
    • Texas bus. & com. Code § 503.001
    • San Francisco, Oakland, & Somerville, many have banned government actors from using facial recognition technology
    • Facebook lawsuits
  • EU
    • GDPR requires consent, anonymization of data, data protection impact assessments, etc.
    • European parliament
    • EU – conflicting priorities
      • Proposed temporary ban in public spaces
      • Proposed pan-European facial recognition network

12:05 pm -1:00 pmPanel III -- round table discussion: future of the regulatory environment of facial recognition

  • Limits on law enforcement
  • What should businesses plan for now?
    • How to implement facial recognition tech within the changing legal framework
    • Legality of software like Deepface (Facebook), Sensesational (Expedia), emotion recognition, etc.
  • Technologies beyond facial recognition -- walk style/human stride, voice recognition, etc.
  • Who owns biometric data? What happens when it is used or sold without consent?
  • Consumer rights vs. Civil rights


Facial Recognition technology got its start in computer labs, driven by many diverse interests—academic curiosity, law enforcement, and national defense, to name of few. It has been fine tuned over the decades for various applications, and facial recognition products are now emerging onto the marketplace. Along with the implementation of this technology, many legal issues have arisen; prominently among them is privacy.

This seminar will delve into some of the legal issues and privacy concerns associated with facial recognition technology. These include everything from the relatively mild problem of false negative identifications which prevent a smartphone from unlocking to the alarming number of false positives resulting in arrest or detainment of innocent people, ubiquitous surveillance, databases of biometric data, and the changing standards associated with the technology. Whether your business would like customers to be able to pay with a face scan, your client believes he has been discriminated against based on biometric data, or your company just wants to be in compliance with the patchwork of state, local, and international laws, this seminar will offer guidance and help clarify these issues.

CLE Credit Has Been Applied For

The University of Denver Sturm College of Law is committed to providing facilities that are accessible to persons with and without disabilities.  We encourage persons who use wheelchairs to contact Lauri Mlinar at 303-871-6139 for further information




Based at the University of Denver Sturm College of Law, the Privacy Foundation attracts a worldwide audience of professionals to the Foundation’s research findings as well as public seminars on topical privacy issues.

The Privacy Foundation conducts research and educates both practitioners of the legal profession and the general public about technologies that affect personal privacy when improperly implemented. Wireless, digital television, satellite, biometric, and Internet technologies enhance the possible tracking of individuals in ways never before imaginable. The Privacy Foundation was formed to research the privacy and security implications of this highly networked world. In researching new technologies – and in describing their business, legal and societal implications – the Foundation serves to identify possible threats to individual privacy. The Foundation also assists media outlets in their efforts to accurately inform and educate the public concerning the ever-present tension between privacy and security. The target audience includes members of the business community, public policy members, academic scholars, privacy advocates, and attorneys.

In pursuit of this mission, the Privacy Foundation hosts bi-annual seminars for the legal and privacy professional communities.

Artificial Intelligence: Cheat Sheet

A Practical Guide to CCPA Readiness

Your readiness roadmap for the California Consumer Privacy Act (CCPA)

Comparing Privacy Laws: GDPR v. CCPA

CCPA and GDPR Comparison Chart

Inside the lobbying war over California's landmark privacy law

How Unique am I?

How unique are you based on your gender, date of birth and zip code? Professor Dewri of the DU Computer Science Department has a web tool to estimate the numbers for you based on the 2010 USA Census data. The more unique you are, the easier it can be identify you in the digital realm. What is your score?

The Privacy Foundation Team

Professor Emeritus John T. Soma is the executive director of the Privacy Foundation at the University of Denver. After completing his PhD in economics in 1975, Professor Soma served from 1976 to 1979 as trial attorney for the U.S. Department of Justice, Antitrust Division, Washington, D.C., where he was primarily assigned to the Department of Justice trial team in the U.S. v. IBM litigation. In 1979, he joined the University of Denver College of Law faculty. In addition to six books on computer law, Professor Soma has authored more than 40 professional articles in the computer law and privacy area.

Bob Voorhees began working with computers in 1967. He has held management positions in IT Audit, Security, and Operations and has been involved in computer forensics and computer crime investigation. He has been a Certified Information Systems Auditor since 1979, holds a Masters in Computer Resource Management and an MBA and serves as senior analyst for the Privacy Foundation.


Sturm College of Law
University of Denver
2255 E. Evans Avenue
Denver, CO 80208