Guide to U.S. Biometric Privacy Laws

Just Updated: New Information and States Added as of January 2025!

What's New in This Edition:

  • New details on biometric privacy laws
  • 24 states included: details on state and local biometric information and related legislative trends

About the Guide to U.S. Biometric Privacy Laws

Welcome to the 2025 Security Industry Association (SIA) Guide to Biometric Privacy Laws for SIA members! Biometric technologies create, compare and match data based on physiological (either morphological or biological) or behavioral measurements, to uniquely identify a person. Biometric data is the data that is created from those measurements. The most common biometric technologies in use across government, commercial and consumer application today involve face, fingerprint, voice, iris or palm recognition. Recent advancements in computing power, artificial intelligence-driven software and industry innovation have made these technologies more affordable, accessible and ubiquitous in a wide variety of applications requiring more accurate and secure methods of identification. Biometric technologies have emerged as critical to the security field because they can enhance capabilities of solutions like video security, access control and identity management systems that help customers secure their facilities, employees and patrons against the threat of violence, theft or other harm. And there is no substitute for using biometrics when it comes to securing financial or other types of transactions where high-assurance identity authentication is essential. As state-level data privacy laws continue to be enacted across the country, and clarified by state courts, this guide, produced by SIA's government relations team and co-authored by Dykema, can serve as a starting point for any business user or industry supplier of biometric technologies attempting to navigate the legal landscape around biometrics throughout the United States, which can be complex. Businesses need to be proactive in their compliance quests. In particular, as we have seen in Illinois, a court’s interpretation of the law can change businesses’ compliance requirements quickly and impose instant litigation risks, which is why it’s imperative that a business consult an attorney regarding maintaining compliance, as the laws and their interpretations evolve.

In this informative guide, explore:

  • U.S. statewide laws that impose requirements on the use of biometric data and technologies in the following states and localities:
    • California
    • Colorado
    • Connecticut
    • Delaware
    • Florida
    • Illinois
    • Indiana
    • Iowa
    • Kentucky
    • Maryland
    • Minnesota
    • Montana
    • Nebraska
    • Nevada
    • New Hampshire
    • New Jersey
    • New York City
    • Oregon
    • Rhode Island
    • Tennessee
    • Texas
    • Utah
    • Virginia
    • Washington
  • Additional resources for BIPA compliance
  • And more!
Access the Guide to U.S. Biometric Privacy Laws This report (in PDF download format) is free for SIA members. Free for SIA members! If you are a SIA member, log in to your mySIA account to obtain free access to this valuable resource. (Not sure if your company is a member? Access the SIA Member Directory here.) Not a SIA member? You can purchase the Guide to U.S. Biometric Privacy Laws for $199 or become a member of SIA to unlock this and countless other benefits for your organization, including research and publications, training and education offerings, events and networking opportunities, advocacy, professional development and more. SIA membership starts at just $275 for associate members and $660 for regular members, which includes security manufacturers, integrators and others. Explore membership benefits, options and more.

This content is for SIA members only.

All employees of SIA member companies have access rights to this content. If you do not have an account with SIA, click here to create an account.

If you are not a SIA member, click here to join the SIA.