Privacy & Information Security Law Blog

On August 4, 2020, Senators Jeff Merkley (OR) and Bernie Sanders (VT) introduced the National Biometric Information Privacy Act of 2020 (the “bill”). The bill would require companies to obtain individuals’ consent before collecting biometric data. Specifically, the bill would prohibit private companies from collecting biometric data—including eye scans, voiceprints, faceprints and fingerprints—without individuals’ written consent, and from profiting off of biometric data. The bill provides individuals and state attorneys general the ability to institute legal proceedings against entities for alleged violations of the act.

Key elements of the bill include:

• requiring companies to develop and make publicly available written policies concerning their use of individuals’ biometric data, including the business purpose for collecting the data and a retention schedule and guidelines for permanently destroying the data;
• limiting the collection, capture, purchase, receipt or other method of obtaining individuals’ biometric data unless the company (1) requires the data in order to provide a service to the individual or has a valid business purpose; and (2) first informs the individual in writing that the data is being collected and receives the individual’s written consent;
• prohibiting the sale, lease, trade, use for advertising purposes or other form of profiting from individuals’ biometric data;
• limiting the disclosure of individuals’ biometric data unless (1) the individual provides written release; (2) the disclosure is at the request of the individual to complete a financial transaction; or (3) the disclosure is required by law or other legal process;
• providing individuals access to their biometric data upon request, including the types of data collected, purpose for use, sources of collection, third parties with whom the company shares data and the types of data shared with third parties; and
• providing individuals and state attorneys general the ability to bring civil actions against companies for alleged violations of the act.

Senator Merkley and other lawmakers have also proposed legislation that would prohibit federal use of biometric technologies, including the Facial Recognition and Biometric Technology Moratorium Act introduced in June.

Read the bill.