This bill establishes regulations regarding the use of biometric surveillance systems by business entities, specifically prohibiting their use on consumers at physical premises unless certain conditions are met. A business entity must provide clear and conspicuous notice to consumers about the use of such systems and ensure that the systems are employed for lawful purposes. The notice requirement can be fulfilled by posting a sign in a visible location. Additionally, if a business entity uses information from a biometric surveillance system to deny or remove a consumer from its premises, it must provide a detailed explanation of its actions and the criteria used for its decision.

Furthermore, the bill prohibits business entities from profiting from information obtained through biometric surveillance, including selling, leasing, or sharing such data. Violations of these provisions are classified as unlawful practices under the consumer fraud act, with penalties including monetary fines, cease and desist orders, and potential punitive damages. Notably, a business entity will not face penalties for a first violation if it demonstrates compliance within 30 days of being informed of the violation. The bill is set to take effect six months after its enactment.