Ogletree Deakins Ogletree Deakins
Home > Insights & Resources > Blog Posts > AI on the Factory Floor: A Primer for Manufacturers

AI on the Factory Floor: A Primer for Manufacturers

By Lauren N. Watson
Download PDFPrintShare

Manufacturers across the country are deploying new technologies, including AI-enabled dashcams and surveillance cameras, productivity monitoring tools, and other automated decision-making technologies, to improve safety, production efficiency, and workforce management. These tools offer real operational benefits. They also create overlapping legal obligations that many manufacturers have not yet addressed.

00:00
24:53

Quick Hits

  • AI-enabled dashcams, facility surveillance cameras, and other safety and productivity monitoring tools can trigger data privacy obligations that vary by state.
  • A manufacturer’s compliance obligations do not depend on what the tool is called or how it is described, but on whether it collects sensitive data types, monitors workers, or generates outputs that feed into employment decisions.
  • Applicable law often demands manufacturers develop compliance strategies before these tools are deployed, not retrofit the strategies after regulatory enforcement or litigation forces the issue.

The question is not whether manufacturers may use these tools—they can. The question is what steps they must take before they begin using the tools and how they can ensure compliance with applicable law as they use them. Manufacturers are required to develop and leverage a state-aware compliance strategy built around three questions for each new tool: what data is collected, what does the system do with the data, and how is the tool’s output used in the workplace?

Your Cameras May Be Doing More Than You Think

Driver-facing artificial intelligence (AI) dashcams marketed for fleet safety are now standard in many commercial and industrial fleets. Likewise, surveillance cameras that identify individual workers on the floor for timekeeping or safety purposes, or track time-on-task for productivity and work assignment purposes, are becoming increasingly commonplace. But these technologies are not just safety and workforce management tools. Because they, in some instances, could be considered to use biometric data, they can trigger more onerous legal requirements in certain states.

Four states, Colorado, Illinois, Texas, and Washington, have implemented biometric-specific privacy laws. Although each law varies, common requirements include:

  • Consent: Obtaining express, informed consent from individuals prior to obtaining or utilizing their biometric data. The authorization process generally requires a signed, written acknowledgment that discloses the purpose of collection and retention timelines, among other things.
  • Data Protection and Security: Organizations must establish adequate safeguards (including vendor diligence and contractual terms), to shield biometric data from improper access or misappropriation.
  • Restrictions on Data Disclosures: These statutes broadly bar organizations from selling, leasing, disclosing, or profiting from an individual’s biometric data without their authorization.
  • Data Retention: Biometric privacy statutes typically establish a ceiling for how long organizations may maintain biometric data.

Certain of these laws also require the preparation of a written biometric privacy policy that describes the business’s practices with respect to the data.

Accordingly, manufacturers operating in these high-risk jurisdictions will want to treat the deployment of these tools as an operational decision requiring legal and security review, not just a hardware purchase. Before deploying AI-enabled dashcams or surveillance cameras, it would be appropriate for the company to conduct a deployment analysis to confirm whether the system captures or uses biometric data. If so, the deployment analysis likely needs to go further, which would include evaluating the use case and vendor security assessment, developing a strategy for obtaining and recording consent and retaining tool outputs, and clearly determining how the tool’s outputs will be used to identify further compliance obligations that should be met before the tool is rolled out to the workforce.

Tracking Productivity? There Are Rules for That

Technology that tracks keystrokes, idle time, work pace, and task completion rates are increasingly used for both administrative staff and floor workers. These tools, however, implicate a growing set of state laws that privacy-conscious employers cannot afford to ignore. Currently, four states have implemented laws specific to the electronic monitoring of employees.

Connecticut requires employers that engage in any type of electronic monitoring to give prior written notice to all affected employees and to post that notice in a conspicuous place readily available for viewing, though an exception exists where the employer has reasonable grounds to believe employees are engaged in conduct that violates the law, violates the legal rights of the employer or its employees, or creates a hostile workplace environment.

Delaware prohibits employers from monitoring telephone conversations, electronic mail, electronic transmission, or internet access or usage unless they either provide an electronic notice at least once daily or give a one-time written notice acknowledged by the employee, with an exception for processes designed solely for computer system maintenance or protection that are not targeted at a particular individual.

New York requires prior written notice upon hiring to all employees subject to electronic monitoring, along with a conspicuous workplace posting, and mandates that employees be advised and acknowledge that all telephone conversations, electronic mail, and internet access may be subject to monitoring at any time by any lawful means.

New York and Delaware limit their respective definitions of “employer” to entities with a place of business in the state, and the definitions feature a similar exception for nontargeted system maintenance processes.

Finally, Maine recently enacted its own employee monitoring law, which requires employers to, among other things, provide employees with written or electronic notice before engaging in electronic activities, further expanding the trend of state-level regulation in this space.

These laws should be construed broadly as likely applicable to a wide array of technologies given the complexity of modern devices and the quickly evolving nature of these regulations, and there is a high likelihood that future state legislation across the country will further restrict what is considered permissible employer monitoring. Accordingly, manufacturers that are planning to use monitoring tools in these jurisdictions must ensure employees are on notice of the tools they will use.

Automated Decisions, Real Legal Requirements

In addition to biometric functionalities, AI-enabled tools frequently utilized by manufacturers often implicate decision-making functionalities. As such, the use of these tools often implicates state AI laws, including the following:

  • California: California’s Fair Employment and Housing Act (FEHA) regulations bring automated-decision tools used in hiring under state anti-discrimination law, make bias testing relevant to liability, and require extended recordkeeping. The California Consumer Privacy Act’s (CCPA) automated decision-making technology (“ADMT”) regulations separately govern the use of automated decision-making technology for significant decisions, and require pre-use notice, the recognition of new data subject rights, and the completion of a risk assessment.
  • Colorado: The revised Colorado AI Act (effective January 1, 2027) requires deployers of covered ADMTs to give clear pre-use notice, post-adverse outcome disclosure within thirty days, and (on request) data correction instructions and meaningful human review where commercially reasonable.
  • Connecticut: Connecticut’s comprehensive AI law, signed May 29, 2026, covers “automated employment-related decision technology,” including any computation-based tool generating predictions, recommendations, rankings, or scores that make or materially influence employment decisions. Employers must disclose in plain language when applicants interact with automated technology and provide written pre-decision notice identifying the tool, its purpose, the data analyzed, and contact information.
  • Illinois: Illinois recently amended its Human Rights Act to make discriminatory-effect AI use in employment a civil rights violation, regardless of intent, and to require notice when AI is used in employment decisions.
  • New York City: Local Law 144 bars use of an automated employment decision tool unless a bias audit is completed and required pre-use notices are provided.
  • Texas: The Texas Responsible Artificial Intelligence Governance Act prohibits intentionally discriminatory AI use but does not impose disclosure mandates and requires more than disparate impact alone to prove a violation.

What It Means for Manufacturers

Manufacturers deploying AI-enabled monitoring and decision tools may want to consider inventorying every system that touches workers, map each to the states and worker groups it effects, and build a state-by-state notice-and-consent matrix that addresses biometric collection, electronic monitoring, and automated decisions. Manufacturers may want to review their vendor contracts to ensure they allocate responsibility for consent, privacy notices, retention, and security. And, vendor diligence should be supplemented whenever new features are enabled. Most importantly, manufacturers may want to define when AI outputs may inform employment decisions, train supervisors not to treat AI scores as self-proving facts, and retain the documentation that shows their compliance work, including risk assessments, bias-testing records, notices, and consents. The manufacturers best positioned to use these tools are those that can explain, tool by tool and state by state, what each system collects, what it decides, and how the company prevents a tool from becoming an unlawful employment decision engine.

Ogletree Deakins’ Cybersecurity and Privacy Practice Group and Technology Practice Group will continue to monitor developments and will post updates on the Cybersecurity and Privacy, Manufacturing, and Technology blogs as additional information becomes available.

Follow and Subscribe
LinkedIn | Instagram | Webinars | Podcasts

Author

Lauren N. Watson Profile Image
Lauren N. Watson
Associate, Raleigh

Topics

Cybersecurity and Privacy , Manufacturing , Technology

Browse More Insights

Podcasts Seminars Webinars
Fingerprint Biometric Authentication Button. Digital Security Concept
Practice Group

Technology

Ogletree Deakins is uniquely situated to provide tech employers and users (the “TECHPLACE™”) with labor and employment advice, compliance counseling, and litigation services that embrace innovation and mitigate legal risk. Through our Technology Practice Group, we support clients in the exploration, invention, and/or implementation of new and evolving technologies to navigate the unique and emerging labor and employment issues present in the workplace.

Learn more
Robotic arm and steel conveyor in assembly manufacturing factory.
Industry Group

Manufacturing

We know that the employment needs of manufacturers are unique to the industry, and we approach them as such, bringing effective and practical solutions tailored to the needs of specific workplaces and workforces. Several of our attorneys were formerly in-house counsel with manufacturing companies, giving us additional insight into the time-sensitive and practical needs of […]

Learn more
Modern dark data center, all objects in the scene are 3D
Practice Group

Cybersecurity and Privacy

The attorneys in the Cybersecurity and Privacy Practice Group at Ogletree Deakins understand that data now accumulates quickly, transmits easily, and—increasingly—is processed by artificial intelligence (AI) systems that introduce new dimensions of legal risk. 

Learn more

Sign up to receive emails about new developments and upcoming programs.

Sign Up Now