As technology advances, private consumers now have access to devices that were once limited to specialized business or government use. Modern technology used by employers for work purposes and employees bringing their own technology to the job poses potential issues in the workplace as it related to privacy.  Today, employers and employees can obtain, preserve, and use biometric information about others with tools that fit seamlessly into daily life.

Biometric information refers to measurable biological data or behavioral characteristics that can be used to identify an individual. Unlike passwords or ID badges, biometric identifiers are tied to a person’s physical traits. Employers can reset passwords or issue new identification, but individuals cannot easily change biological features that define them.

Common examples of biometric identifiers include:

• Fingerprints
• Facial geometry or facial recognition data
• Retina or iris scans
• Voiceprints
• Hand or palm geometry
• DNA in some jurisdictions

One of the newest workplace concerns involving biometric data is the rise of smart glasses. These devices are marketed as convenient and stylish, but they also record audio and video, support AIgenerated meeting summaries, store data, and allow communication functions such as sending emails or making calls. Smart glasses are increasingly used for tasks that benefit employers, including facial recognition for security in place of ID badges, sales applications that match customers to products, and medical uses that help clinicians document symptoms or conditions.

This new technology creates a complex set of issues for employers who may consider restricting their use. For example, an employee may rely on prescription smart glasses to perform essential job functions or may use them as an assistive device for a visual or hearing impairment. A blanket ban could trigger compliance concerns under the Americans with Disabilities Act. Smart glasses also raise workplace privacy issues, particularly in jurisdictions that require mutual consent for audio recording. In addition, restrictions may interfere with employee rights under the National Labor Relations Act, which protects the ability to document unsafe conditions or workplace misconduct. Finally, the devices can collect biometric data such as eye tracking and facial recognition, which may implicate state biometric privacy laws.

The ADA and Smart Glasses

While ordinary prescription glasses are not considered a disability under the ADA, smart glasses used to assist employees with significant visual, or hearing impairments may qualify as a reasonable accommodation. Some employees may need smart glasses to enlarge text, improve readability, or provide realtime transcription. A broad prohibition on smart glasses could therefore be viewed as disregarding legitimate accommodation needs. As these devices become more common, employers should revisit internal policies and continue engaging in the interactive process to ensure compliance with the ADA.

Employee Rights and Workplace Privacy

Smart glasses also raise concerns about privacy and data security. Because they resemble ordinary eyewear, they allow users to record conversations without others realizing it. They can also capture proprietary or confidential information through photos or video. These capabilities may disrupt workplace operations and complicate efforts to protect intellectual property. Employers must balance legitimate security concerns with employee rights and applicable privacy laws, especially when these devices are required or encouraged by the employer  enhance productivity.

Biometric Privacy

Given the sensitive nature of biometric data, several states have enacted laws to regulate its collection and use. Illinois, Texas, and Washington have taken the lead, and their laws directly affect how emerging technologies, including AIenabled smart glasses, may be used in workplaces and public settings.

Illinois’ Biometric Information Privacy Act, enacted in 2008, is widely regarded as the strongest biometric privacy law in the country. It is the only statute that allows a private individual to bring a lawsuit if they believe their biometric information was collected or used in violation of the law. The statute requires a written retention and destruction schedule, written consent before collecting biometric data, and a prohibition on selling the information. Violations can result in penalties ranging from one thousand to five thousand dollars, along with attorney’s fees.

Texas and Washington have similar goals but take a different approach. Both states limit enforcement to the state attorney general and apply less restrictive standards on the sale or disclosure of biometric information. These distinctions become especially important when organizations deploy AI glasses that can capture facial geometry, voice patterns, eye movements, and other biometric identifiers in real time. Any use of smart glasses involving facial recognition, identity matching, or continuous biometric monitoring must be evaluated under these state laws to avoid unauthorized collection or use of biometric data.

Several additional states are developing their own biometric privacy laws. This trend reflects a broader national movement toward regulating technologies that collect biometric information and underscores the need for consistent and compliant datahandling practices before deploying smart glasses in the workplace.

Practical Considerations

With the rapid pace of technological change, employers must stay several steps ahead. Companies should consider:

• Drafting clear policies governing the use of AI devices, including smart glasses
• Monitoring legal developments in relevant jurisdictions to ensure policies remain current
• Implementing security safeguards such as geofencing to limit unauthorized use
• Training staff regularly on policy requirements and security risks
• Reviewing vendor and contractor agreements to ensure alignment with company protocols

Smart glasses can provide substantial benefits in the workplace, but they also introduce significant legal and operational risks. Employers that are thinking forward in regard to workplace policy development, privacy compliance, and employee engagement will be better positioned to harness the advantages of this technology while minimizing exposure. As biometric privacy laws continue to evolve, thoughtful planning and consistent oversight will be paramountfor maintaining a safe, compliant, and forwardlooking workplace.

If you would like to learn more about AI in the workplace  or want assistance drafting your own policy, please contact CMBG3 Law.

Nathanael E. Wright is a partner and a member of the Emerging Practice Group at CMBG₃