In Colorado, a retailer, including hotels, is allowed to retain and use information obtained from IDs for the following purposes:
Colorado law does not regulate a business’s practice of scanning IDs or retaining information obtained from a scan. However, there are instances where merchants are required to record information related to identity, such as notarial services. ID scanning can improve the ease and accuracy of record keeping in these scenarios.
This law, which became effective on January 1, 2023, specifies how controllers must fulfill duties regarding consumers’ assertion of their rights, transparency, purpose specification, data minimization, avoiding secondary use, care, avoiding unlawful discrimination, and sensitive data.
Approved by the Governor on May 18, 2017, and effective from August 9, 2017, this bill states that a notary public shall maintain a journal in which they chronicle all notarial acts that they perform. The notary public shall retain the journal for ten years after the performance of the last notarial act chronicled in the journal.
This law provides an affirmative defense for ID scanning. It states that if a person who, in fact, is not twenty-one years of age exhibits a fraudulent proof of age, any action relying on such fraudulent proof of age shall not constitute grounds for the revocation or suspension of any license issued under this article or article 46 of this title.
Although this is specifically for dispensaries, it provides a good example of ID scanning laws in Colorado. The Colorado Department of Revenue requires that all dispensaries undergo “MED Training” in order to receive a Responsible Vendor designation, which is focused on preventing sales to minors, as well as acceptable forms of identification.
Please note that this information is intended to provide a general overview and does not constitute legal advice. Always consult with a legal professional for advice specific to your situation.
Yes, Colorado law does not regulate a business's practice of scanning IDs or retaining information obtained from a scan. However, the information obtained should be used for legitimate purposes such as verifying a customer's age or identity.
Colorado law does not specify a time limit for retaining the information obtained from ID scanning. However, businesses should adhere to best practices and privacy laws, retaining the information only as long as necessary.
Yes, hotels can use the information obtained from ID scanning for purposes such as verifying a check payment, evaluating creditworthiness, detecting or reducing the risk of fraud, abuse, identity theft or other crimes, collection activities, or confirming that a customer has met the motor vehicle financial responsibility requirements.
Yes, hotels can disclose such information to the Department of Transportation, insurance licensees, notaries, financial institutions if permitted by federal law, or law enforcement agencies.
While Colorado law does not specify penalties for misuse of information obtained from ID scanning, businesses should adhere to privacy laws and best practices to avoid potential legal issues.
While there are no specific laws in Colorado that directly address the use of ID scanning technology in hotels, the general principles of privacy and data protection apply. Hotels must ensure that any data collected through ID scanning is securely stored and used only for legitimate purposes such as verifying a guest's identity or age. Misuse of this data could potentially lead to legal issues.