New York City passed a law imposing specific requirements on real estate owners in the city. As buildings are becoming “smarter” landlords are collecting more data about the building coming in, moving around inside, and exiting from their buildings.
This is largely for good intentions. It makes the elevators more efficient. It makes the heating and cooling systems more efficient, reducing the carbon footprint of a building. It makes the building more secure.
But of course, this data could be used for bad acts. New York City’s Tenant Data Privacy Act is trying to limit the use of this data for bad purposes.
The law is limited to residential buildings in NYC. Even if that’s not applicable to you, it provides some good items for compliance officers to think about when it comes to property data privacy.
- Consent. Building owners have to get tenants’ express consent “in writing or through a mobile [app]” before collecting certain data from tenants.
- Privacy policy. Building owners need a “plain language” privacy policy to tenants that discloses how data is collected and how it used.
- Safeguards. Building owners must implement security measures to protect tenants’ data and the data of any other users of the smart access system.
- Data destruction. Building owners must destroy data in specified timelines.
As for the bas use of data, the law prevent apartment building owners from using the data to harass or evict a tenant.
Sources: