An identical version of the Illinois Biometric Information Privacy Act (BIPA) has been introduced in the Florida Senate. The bill includes the same private right of action. The Illinois BIPA has become an enormous revenue earner for the plaintiff’s bar, who have filed gotcha lawsuits against companies seeking millions of dollars on the ground that the companies did not comply with all of the technical requirements of the law. I suspect that is a similar driving force behind the Florida version.
Like the Illinois version, the Florida version does not take into consideration how biometric technology actually works. It is based on a misunderstanding that devices using biometrics for authentication are storing libraries of fingerprints, iris scans, etc., that can be hacked, stolen, and misused. Hopefully, if the legislation proceeds to receive serious consideration, the Florida Legislature will hold hearings to learn more about how biometric technology works, the massive liability a bill like this could create for companies doing business in Florida, and the possibility that companies will stop using what is the most secure form of authentication out of a fear of liability.
Given the politically conservative makeup of the Florida state legislature and Governor’s office, I do not anticipate that this bill will become law. Nevertheless, it is definitely under-the-radar legislation that has not received attention in the media and we should monitor it moving forward.