Bill > HB407

This bill establishes the "Biometric Information Privacy Act" in Missouri, creating comprehensive regulations for the collection, use, storage, and protection of biometric identifiers and information by private entities. The bill defines biometric identifiers as unique biological characteristics like retina or iris scans, fingerprints, and facial geometry, while explicitly excluding certain items like photographs, medical images, and written signatures. Private entities are now required to develop a public written policy for retaining and destroying biometric data, obtain explicit written consent before collecting such information, and inform individuals about the specific purpose and duration of data collection. The act prohibits selling, leasing, or trading biometric information and restricts its disclosure, allowing such actions only with written consent, for completing financial transactions, or when required by law. Entities must protect biometric data using industry-standard security measures and cannot discriminate against individuals who choose not to share their biometric information. Individuals who believe their rights under this act have been violated can pursue legal action, with potential damages ranging from $1,000 to $5,000 per violation depending on the nature of the infringement, and the possibility of recovering attorney's fees. The bill includes several exemptions for healthcare providers, government agencies, and financial institutions, ensuring that the regulations do not interfere with existing privacy laws and professional practices.

https://house.mo.gov/Bill.aspx?bill=HB407&year=2025&code=R