A second US state debates letting residents sue for misuse of biometric identifiers

Little progress has been recorded for a bill in the U.S. state of Missouri that would protect biometric information from misuse by businesses.

The Biometric Information Privacy Act, (House Bill 1047) introduced to Missouri’s lower house in February, has languished in the Emerging Issues Committee since May. No hearings are scheduled, not has any business for the bill been put on a calendar.

Note is being taken of the bill for its close resemblance to a very similar law passed in 2008 by neighboring state Illinois. That state’s law also is called BIPA.

Other states are working on legislation to protect biometric identifies from being collected without consent and without notice of how the data will be managed and secured. But only Illinois has those regulations plus a right to sue businesses for misusing identifiers.

In fact, the bill, which must still pass the House, then the Senate and be signed by the governor, has the same monetary penalties.

An analysis by legal trade publication JD Supra claims that businesses found to be negligent in violating the law would have to pay up to $1,000 and pay $5,000 or actual damages for intentional or reckless violations.

It is not clear if the law affords discretion in assigning actual damage figures or if a person has the right to sue for each violation. Many businesses in the United States make employees scan their finger or iris biometrics upon starting or ending a workday.

The covered biometric identifiers are described as they commonly are – scans of eyes, fingers, face, voice, face or other biological characteristics.

The bill could be dead. Opposition to Illinois’ is slowly growing among businesses with some saying the state’s law could bankrupt some businesses.

Article Topics

biometric data  |  biometric identifiers  |  Biometric Information Privacy Act (BIPA)  |  biometrics  |  data protection  |  lawsuits  |  legislation  |  privacy  |  United States