Biometric information includes retina or iris scans, fingerprints, voiceprints, hand scans, facial geometry, DNA, and other unique biological information.

BIPA establishes standards for how companies must handle consumers’ biometric information. In addition to its notice and consent requirement, the law prohibits any company from selling or otherwise profiting from consumers’ biometric information. BIPA continues to stand as the most protective biometric privacy law in the nation, with the only one of its kind to offer consumers protection by allowing them to take a company who violates the law to court.


A person’s biometric information belongs to them, and only them. This information should never be left to corporate interests who want to collect data and use it for commercial purposes. BIPA is currently the one legislation that makes it unlawful for private companies to use facial recognition technology to identify and track people without their consent. This technology has proven to be both inaccurate and harmful, making it prone to discriminatory effects, especially on women and people of color. Yet, more than a decade after BIPA’s enactment, we constantly hear new examples about companies seeking to collect, share, and misuse personal information of millions of people, without their knowledge or consent. At this critical moment, it is important for state decision makers to continue protecting BIPA under mounting attacks.

Unlike a phone number, email address, or other password, biometric information can never be changed! That is why we continue to rely upon BIPA to protect our most sensitive information.

Bill Movement:

  • Introduced: 2/21/23
  • Passed Committee: N/A
  • Passed House or Senate: N/A
  • Accepted by House or Senate: N/A
  • Passed Committee: N/A
  • Passed House or Senate: N/A
  • Sent to Governor: N/A
  • Action by Governor: N/A




2023 General Assembly