Where BluSKY Person Recognition may not be accepted

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Portland, OR (citywide private-sector ban in public accommodations).

Private entities may not use “Face Recognition Technologies” in any place of public accommodation (retail, lobbies open to the public, etc.). Limited exceptions (e.g., unlocking your own device). Statutory damages are $1,000 per day per violation. This is the one city where a BluSKY Person Reader using face recognition in a publicly accessible area would generally be disallowed. (Portland.gov)

Cities with government-only bans

These ordinances restrict city departments/police, not private property owners/operators:

San Francisco, CA – Government ban; private use not covered. (Davis Wright Tremaine, San Francisco Police Department)
Boston, MA – Government ban. (Electronic Frontier Foundation, WBUR)
Minneapolis, MN – Government ban (police/city agencies). (lims.minneapolismn.gov, GovTech)
Portland, ME – Government ban; later strengthened by voter initiative. (ACLU of Maine, Epic Privacy, Electronic Frontier Foundation)

Bottom line for these: BluSKY Person Readers in private facilities are generally permissible, but deployments in city-owned buildings (or with city agencies as customers) could be restricted.

Cities where it’s allowed but conditioned

New York City, NY

Commercial establishments (retail/food/entertainment) must post a biometric notice and may not sell/trade biometric identifier information (Local Law 3 of 2021 + DCWP rule). (intro.nyc, rules.cityofnewyork.us)
Residential “smart access” (multifamily): the Tenant Data Privacy Law requires express consent, strict data-minimization/retention limits, and prescribes disclosures—very compatible with BluSKY’s on-reader opt-in/opt-out and limited data approach. (NYC Government, Hunton Andrews Kurth, nylaborandemploymentlaw.com)

Notable recent change

Baltimore, MD

A 2021 law temporarily banned private use of facial recognition, but it included a sunset and expired Dec. 31, 2022. Private deployments are currently permitted (subject to any state/federal rules). (SHRM, Hunton Andrews Kurth)

State laws that affect city deployments

(Not bans—but high-stakes consent/retention rules. These apply anywhere in the state, including big cities.)

Illinois (BIPA) – Written consent, public retention schedule, deletion after purpose or 3 years after last interaction, private right of action (heavy litigation). If you deploy in Chicago or elsewhere in IL, make sure your BluSKY flow captures explicit consent and your policy is published. (Note: penalties were moderated in 2024 but compliance remains crucial.) (Illinois General Assembly, Illinois General Assembly, Reuters)
Texas (CUBI) – Inform before capture and obtain consent for “record of hand or face geometry”; confidentiality and destruction duties. Relevant in Dallas/Austin/Houston and statewide. (Texas Statutes, Texas Attorney General, Justia)
Washington State (RCW 19.375) – Notice + consent or opt-out mechanism, disclosure/retention limits for commercial enrollment. Relevant in Seattle and statewide. (Washington Legislative Information, Justia)
Maine (statewide) – Strong government restrictions; does not ban private use. (Portland, ME’s city rule is government-only as noted above.) (American Civil Liberties Union)
Maryland (HB1202) – Narrow rule: employers need applicant consent to use facial recognition during interviews (not an access-control ban, but good to know for on-site recruiting). (Maryland General Assembly)

What this means for BluSKY Person Recognition

Hard stop: Public-facing deployments in Portland, OR (retail, publicly accessible lobbies) should disable facial recognition features and rely on card/phone/QR/PIN only; proof-of-presence photos are not the issue—the recognition is. (Portland.gov)
NYC retail/food/entertainment: Post the biometric notice; do not sell biometric info. NYC residential: capture explicit opt-in, follow TDPA data limits/retention. (intro.nyc, rules.cityofnewyork.us, NYC Government)
IL/TX/WA: Bake consent + retention + deletion into your BluSKY flows and BluINFO policy pages; your on-reader opt-in/opt-out and “no face-measurement templates” stance align well with these regimes. (Illinois General Assembly, Texas Statutes, Washington Legislative Information)