HOA HELL, a groundbreaking book for California homeowners by Michael B. Kushner

Order Now
CALL US TODAY (949) 767-3910

Can a California HOA Use Biometric Surveillance in Common Areas?

by | Fact Sheets

Overview

Security cameras have become common in HOA communities, and in the prior Fact Sheet in this series, I examined when an HOA may lawfully install ordinary surveillance cameras in common areas such as hallways, entrances, garages, and elevators. But surveillance-related technology has advanced quickly over the last several years, and with those advances comes new privacy concerns and challenges.

Biometric surveillance, however, goes well beyond ordinary video monitoring. Instead of simply recording activity in a location, these systems attempt to identify individuals based on biological or behavioral characteristics. Facial recognition systems are the most familiar example, but biometric technologies may also include fingerprints, voiceprints, retinal scans, and other identifiers used to establish identity. Civil Code 1798.140, part of the California Consumer Privacy Act (CCPA), defines biometric information broadly and specifically includes facial recognition data and other identifiers used to recognize or verify a person’s identity.

Although most HOAs are not “businesses” regulated by the CCPA itself (although its security vendors might be), the statute’s definition of biometric information highlights how sensitive this type of data is under California law. Unlike ordinary security camera footage, biometric systems convert a person’s physical characteristics into persistent identifying data that can be stored, analyzed, and used to track individuals over time. That difference raises privacy concerns far beyond those associated with traditional video surveillance.

California law places strong limits on surveillance practices that intrude upon personal privacy. Article I, Section 1 of the California Constitution expressly protects the right to privacy. Courts applying that provision recognize that individuals retain control over highly sensitive personal information, including identifying data that can be used to track their movements or confirm their identity. Statutes such as Penal Code 647 and Civil Code 1708.8 reinforce those protections by prohibiting visual surveillance that captures activities performed where people reasonably expect privacy.

Location tracking raises similar concerns. Penal Code 637.7 prohibits the use of electronic tracking devices to determine the location or movement of a person without consent. Although that statute primarily addresses physical tracking devices, its underlying principle reflects California’s strong stance against unauthorized monitoring of an individual’s movements. Biometric surveillance systems that identify residents and follow their movements throughout a building or development raise many of the same concerns.

An HOA’s duty to maintain common areas and promote resident safety must always be balanced against residents’ privacy rights. Improper implementation of facial recognition or biometric tracking systems could expose an HOA to serious liability for invasion of privacy or negligence if the system collects identifying information without adequate safeguards and consent or uses that information in ways that intrude upon residents’ privacy.

This Fact Sheet addresses whether California HOAs have the right to implement enhanced video surveillance technology that gathers biometric and location data of its residents and guests and what the law says about that. Given the strength of California’s privacy protections and the sensitivity of biometric data, it is difficult to see how an HOA could implement such technology lawfully without obtaining clear, informed consent from all of the residents whose biometric information would be collected.

This Fact Sheet is the fourth in a five-part series on security cameras and privacy rights in California HOAs. In the first Fact Sheet, “Can My California HOA Stop Me From Installing Security Cameras on My Property?,” I explained the rules governing homeowner-installed cameras on member properties. The second Fact Sheet, “Can a California Condo Owner Install a Video Doorbell Outside Their Unit?,” addressed the unique challenges condominium owners face when installing doorbell cameras. The third Fact Sheet, “Can a California HOA Install Security Cameras in the Common Areas?,” examined the authority of HOAs to install ordinary surveillance cameras in shared spaces. And the final Fact Sheet, “Is It Illegal to Record Audio on Security Cameras in California HOAs?,” explains the separate legal limitations that apply when cameras record not just video, but also audio.

Key Points

Biometric surveillance in an HOA common area raises a very different legal issue than ordinary security cameras. The question is not simply whether an HOA wants better security. The real question is whether an HOA can identify residents and guests, store that identifying data, and potentially track their movements in the name of common area safety without crossing the line into unlawful surveillance.

  • Biometric surveillance does far more than record activity in a common area. An ordinary security camera records what happens in a hallway, garage, elevator, or lobby. A biometric system goes further by attempting to identify the people appearing in the footage through facial recognition or other biological markers. That difference matters because once an HOA moves from merely observing conduct in a common area to identifying and tracking specific individuals, it shifts from ordinary security monitoring into the collection and use of highly sensitive personal information.
  • California law treats biometric information as unusually sensitive personal data. The CCPA (at Civil Code 1798.140) defines biometric information broadly and includes facial recognition data and other identifiers used to establish identity. Although most HOAs are not businesses regulated by the CCPA itself (though some HOA vendors very well may be), the importance of that definition is to highlight how seriously California law treats the collection or use of biometric information. In other words, the law does not treat facial recognition as just another form of camera footage. It treats it as a category of information capable of uniquely identifying a person.
  • California’s constitutional and statutory privacy protections create major legal barriers to biometric surveillance by HOAs. Article I, Section 1 of the California Constitution expressly protects the right to privacy. Courts applying that provision recognize that people retain control over highly sensitive personal information, including identifying data that can confirm who they are or track where they go. Penal Code 647 and Civil Code 1708.8 reinforce those protections by prohibiting certain forms of visual intrusion into private spaces and the use of devices to capture images of activities performed where people have a reasonable expectation of privacy. When an HOA installs a system that identifies residents and guests, and even tracks their movements, rather than merely recording activity in the HOA’s common areas, those privacy protections move to the center of the analysis.
  • Explicit informed consent is required before an HOA can collect biometric data. Some HOAs that are trying to implement the use of biometric surveillance have argued that inclusion in the governing documents of such a right is sufficient “consent.” Such HOAs are almost certainly wrong. General agreement to live in an HOA, accept the CC&Rs, or comply with operating rules does not, however, waive constitutional or statutory privacy rights. If an HOA wants to collect facial recognition data or other biometric identifiers from residents or guests, it cannot plausibly rely on broad community rules as a substitute for meaningful, informed consent. The law treats this kind of information as too sensitive for that. At a minimum, any attempt to justify this type of surveillance would require clear, informed, and affirmative consent from the people whose biometric data would be collected. [It is worth noting that the Davis-Stirling Act already recognizes a homeowner’s right to withhold much less sensitive personal information. Civil Code 5220 allows members to opt out of sharing their name, property address, email address, or other mailing address with other members through the HOA’s membership list. If California law protects a homeowner’s right to withhold basic contact information, it is difficult to imagine a court concluding that an HOA could collect and use far more sensitive identifying data such as biometric identifiers or location-tracking information without that homeowner’s explicit consent.]
  • Location tracking creates a second layer of legal exposure. Penal Code 637.7 prohibits the use of electronic tracking devices to determine the location or movement of a person without consent. While that statute primarily addresses physical tracking devices, its core principle fits this issue closely. A biometric surveillance system that identifies residents and tracks their movements throughout a building or development raises many of the same concerns because it allows the HOA, or its vendor, to monitor where people go and when they go there. That kind of persistent movement tracking goes far beyond the legitimate function of an ordinary common area security camera.
  • An HOA’s safety-related obligations do not give it unlimited authority to collect resident/guest data. HOAs do have obligations to maintain common areas and respond reasonably to known safety risks. In some communities, that may justify ordinary security cameras, lighting, locks, gates, security personnel, or other safety measures in common areas. But those duties must be balanced against the privacy rights of the residents and guests. An HOA cannot take a general duty to promote safety and use it as a blank check to identify, catalog, and track every person who enters the property. The fact that a board wants more security does not answer whether a far more intrusive surveillance method is lawful.
  • Less intrusive alternatives make biometric surveillance extremely difficult for an HOA to justify. That balancing problem becomes even more severe because HOAs have many less intrusive ways to address safety concerns. Ordinary security cameras, controlled access systems, guest sign-in procedures, vendor check-in protocols, lighting improvements, gates, and locks all allow an HOA to deter crime and monitor common areas without collecting facial recognition data or tracking residents’ movements. The availability of those alternatives makes it hard to argue that facial recognition or biometric tracking is necessary.
  • Non-consensual or improper use of biometric surveillance can expose an HOA to serious liability. If an HOA collects identifying data without adequate consent, stores it insecurely, misuses it, shares it improperly, or deploys a system that intrudes into residents’ privacy, the HOA can expose itself to serious claims for invasion of privacy, negligence, breach of fiduciary duty, and related liability. The problem is not limited to the initial installation of the system. The collection, storage, security, retention, and use of the data all create significant risk. And because HOA boards are typically composed of laypeople rather than trained privacy or cybersecurity professionals, that risk becomes even harder to manage responsibly.
  • If your HOA attempts to implement biometric surveillance, call MBK Chapman. I’m widely considered the leading pioneer of homeowner-side HOA law in California, and the HOA lawyers that I’ve trained at MBK Chapman are widely considered the very best in the state at representing homeowners in disputes with their HOAs. When an HOA adopts surveillance systems that exceed the limits imposed by California’s privacy laws, our HOA lawyers can step in to challenge those practices and protect your rights.

California law may permit ordinary security cameras in common areas, but enhanced biometric surveillance presents a very different legal problem. Once an HOA begins identifying residents and guests, storing their biometric data, or tracking their movements, the analysis shifts sharply toward privacy rights and away from routine common area security. For these reasons, HOAs that attempt to deploy biometric surveillance in common areas assume legal risks far greater than those associated with ordinary security cameras.

 

FAQs

Can a California HOA use facial recognition cameras in the common areas?

Almost certainly no. While HOAs may install ordinary security cameras in common areas for safety purposes, biometric systems that identify residents and guests raise much more serious privacy concerns. Because these systems collect and analyze identifying data, their use can conflict with California’s constitutional right to privacy and related privacy statutes.

Does California law treat biometric information differently from ordinary camera footage?

Yes. Civil Code 1798.140, part of the CCPA, defines biometric information broadly and includes facial recognition data and other identifiers used to establish identity. That definition reflects how seriously California law treats the collection and use of biometric data. Unlike ordinary video footage, biometric systems generate persistent identifying information that can be stored and analyzed.

Do residents have privacy rights in HOA common areas?

Residents generally do not have a reasonable expectation of privacy in shared spaces such as hallways, entrances, elevators, or garages. Biometric surveillance, however, that identifies individuals and tracks their movements likely violate their privacy rights even if such data is captured only in the common areas. Systems that go beyond recording activity and begin identifying people can trigger constitutional and statutory privacy protections.

What laws apply if an HOA surveillance system intrudes on residents’ privacy?

Article I, Section 1 of the California Constitution protects the right to privacy. Penal Code 647 and Civil Code 1708.8 reinforce those protections by prohibiting certain forms of visual intrusion into private spaces and the use of devices to capture images of activities performed where people have a reasonable expectation of privacy. Violations of these protections can expose an HOA to civil liability.

Can an HOA track the movements of residents using surveillance technology?

I don’t think so. Tracking a person’s movements from one location to another without affirmative informed consent raises serious privacy concerns.

Does agreeing to the CC&Rs give an HOA permission to collect biometric data?

Even if your HOA’s governing documents authorized the HOA to use biometric surveillance, my answer would be very likely not. Agreement to live in an HOA and comply with the governing documents does not waive constitutional or statutory privacy rights. HOAs cannot rely on general community rules as a substitute for meaningful consent when collecting highly sensitive identifying information.

About MBK Chapman Fact Sheets

Homeowners searching for answers online will often come across articles that appear authoritative, but are actually written as search-engine marketing content rather than by an experienced HOA lawyer. These pieces tend to prioritize keyword density over clarity, accuracy, or legal context, which often leaves homeowners more confused than informed.

At MBK Chapman, our Fact Sheets are part of our HOA Law Library and are written by Michael Kushner, an HOA lawyer with decades of hands-on experience representing California homeowners. In fact, Michael Kushner is the HOA lawyer who pioneered the systems and strategies used by some of California’s most successful homeowner-side HOA law firms.

Each Fact Sheet is deliberately concise, statute-based, and designed as a quick-reference guide to help homeowners understand key HOA laws and enforcement rules at a glance.

 

AND DON’T FORGET TO TUNE INTO MY PODCAST, HOA HELL

 

YOU CAN ALSO ORDER MY GROUNDBREAKING BOOK

HOA HELL | California Homeowners’ Definitive Guide to Beating Bad HOAs

 

Amazon  |  Barnes & Noble

 

HOA HELL Book