A bill that is now being considered by the Senate would prevent businesses from using biometric information about a customer “for any purpose other than that which the individual reasonably expects.”
What is “biometric information”?
An example of “biometric information” might be DNA you share with a genetic history company or facial recognition data gathered from photo sharing websites.
The bill would ban the “improper use” of this data, such as a company selling a customer’s DNA profile or fingerprint information without the customer realizing it.
With new technology comes new risks
Thanks to advancing technology, consumers today may be giving away more information about themselves than they realize. We use our fingerprints and facial recognition data to log into our smartphones, and may submit our DNA to ancestry companies like 23 And Me. The biometric bill’s sponsor, Rep. Luneau, says the bill would make it so companies “can't go selling [a customer’s biometric information] to the highest bidder, they can't go putting it online and giving it away to the world.”
Pros and cons
Proponents of the bill include former state representative and privacy advocate Neal Kurk, who argues “A reasonable person should have reasonable expectations of what should be done with his information… There’s no going back. You can’t get a new face, can’t change your DNA.” Such privacy advocates feel companies don’t always make it clear to their customers how their personal data – including biometric information - might be used by the company.
Opponents feel the measure is too broad, especially since people have different ideas about what they might “reasonably expect” businesses to do with their information. This could have all sorts of unintended legal consequences. For example, the attorneys in the state's consumer protection bureau already handle thousands of complaints every year. If the law passed, it could increase the number of complaints and require additional staffing.