Four states propose legislation regulating collection, retention and use of biometric data

The state governments of Connecticut, New Hampshire, Washington, and Alaska have all proposed bills that would regulate the collection, retention and use of biometric data, according to a report by The National Law Review.

If the bills are passed, they could significantly impact the way that organizations capture, obtain, store, or use biometric information.

Many of these new legislative proposals have been modelled after Illinois’ BIPA, which requires companies to inform and receive written consent from the subject about the biometric data collection, retention, purpose and length of time, before proceeding.

Therefore, any business that collects or obtains biometric data is required to publically post a written data retention policy that meets statutory requirements, limit the sharing of biometric data, and protect and store with the same measures that it safeguards other confidential or sensitive information.

BIPA also includes a private right of action for an “aggrieved person” providing statutory damages of $1,000 for each violation and $5,000 for each intentional or reckless violation.

The proposed bills in Connecticut, New Hampshire, Washington, and Alaska includes some of the same provisions which would provide more exposure for businesses that collect and use biometric data.

Illinois and Texas are currently the only states with legislation addressing biometric capture for commercial purposes, however, a handful of other states have been working towards creating legislation

Article Topics

biometrics  |  BIPA  |  data collection  |  data storage  |  legislation  |  privacy