Wondered if something like HIPAA might be applicable where the author describes eye-tracking data as individual health data; upon further reading I found HIPAA’s scope is limited to specific types of entities that collect and record health data.
I can see where an activity like this would have benefits for medical research, but employing it to get clicks and shit…
Ooooooh don’t even get me started on HIPAAs limitations, let alone enforcement!
When we have our facial recognition week, let’s be sure to ask our speaker (Varoon from AI Now Institute) about other kinds of biometrics like this. To me that’s where the future of privacy violations are – eye tracking, gait analysis, speech recognition, and so on.