SPONSOR: Clemens
This bill establishes the Biometric Information Privacy Act. Any private entity in possession of "biometric identifiers" or "biometric information", as defined in the bill, must have a written and publicly available retention schedule and guidelines for permanently destroying the identifiers and information when the initial purpose for collecting or obtaining them has been satisfied, or within one year of the individual's last interaction with the private entity, whichever occurs first.
No private entity can collect, purchase, receive, or otherwise obtain an individual's biometric identifier or information without first informing the individual in writing of the information being collected and the purpose for collection and receiving a written release from the individual authorizing the collection. No private entity in possession of biometric identifiers or information may sell, lease, trade, or otherwise profit from an individual's identifier or information.
Any entity or individual required to comply with the Health Insurance Portability and Accountability Act must treat biometric identifiers and information as individually identifiable health information protected under the Act.
No private entity may disclose or disseminate an individual's biometric identifier or information unless it has a written release from the individual, the disclosure completes a financial transaction requested or authorized by the individual, the disclosure is required by law, or the disclosure is required pursuant to a warrant or subpoena.
A private entity in possession of biometric identifiers or information must securely store the identifiers or information in accordance with the provisions of the bill.
A private entity must not:
(1) Condition the provision of a good or service on the collection, use, disclosure, transfer, sale, retention, or processing of a biometric identifier unless the biometric identifier is strictly necessary to provide the good or service; or (2) Charge different prices or rates for goods or services or provide a different level of quality of a good or service to any individual who exercises the individual's rights.
Any person aggrieved by a violation of the provisions of this bill will have a right of action in court. The court must award all attorneys' fees and costs, including expert witness fees and other litigation expenses, to a prevailing plaintiff. A prevailing plaintiff may recover against a private entity for each violation in varying amounts, depending on whether the entity was found negligently in violation or intentionally or recklessly in violation.
This bill is similar to HB 407 (2025).
Statutes affected: