Disclaimer: This page provides general informational summaries only and does not constitute legal advice. AI-generated content may contain errors. Always consult a qualified attorney for guidance specific to your situation.
Read full disclaimer →
AI Summary
This bill mandates private entities to establish retention schedules for biometric data and prohibits its collection and disclosure with exceptions.
Business Impact
If you collect biometric data in Kentucky, you must develop a retention and destruction schedule or face civil penalties.
What do these statuses mean? ▼
Introduced
— Filed in the legislature; not yet heard in committee
In Committee
— Assigned to and being reviewed by a legislative committee
Passed
— Approved by one or both chambers; awaiting further action
Signed / Enacted
— Signed into law by the governor; may or may not be in effect yet
Dead / Vetoed
— Vetoed, failed to pass, or session expired without action
Unknown
— Status data not yet available or awaiting classification
Affected Industries
What This Means
HB32 aims to regulate biometric data collection by requiring private entities to create retention schedules and prohibiting unauthorized collection and disclosure. This legislation could significantly impact businesses that handle biometric identifiers, such as facial recognition technology providers and data analytics firms.
Key Provisions
- Defines terms related to biometric data.
- Requires retention and destruction schedules for biometric identifiers.
- Prohibits collection, trade, and disclosure of biometric information with exceptions.
- Establishes a standard of care for collecting biometric data.
- Creates a civil cause of action for violations.
Latest Legislative Action
WITHDRAWN
Bill Sponsors (showing 5 of 29)
| Name | Role |
|---|---|
| A. Camuel | Primary |
| A. Donworth | Primary |
| A. Gentry | Primary |
| A. Moore | Primary |
| A. Thompson | Primary |
Compliance Checklist
Develop a retention and destruction schedule for biometric data.
Who: Private entities collecting biometric data.
Penalty: Civil cause of action for violations.
Who: Private entities collecting biometric data.
Penalty: Civil cause of action for violations.
Ensure compliance with the prohibition on unauthorized collection and disclosure.
Who: Private entities collecting biometric data.
Penalty: Civil cause of action for violations.
Who: Private entities collecting biometric data.
Penalty: Civil cause of action for violations.
Related & Companion Bills
Full Legal Analysis
The proposed bill HB32 establishes a new section in KRS Chapter 369 to define key terms related to biometric data. It requires private entities to develop and adhere to a retention and destruction schedule for biometric identifiers and information, ensuring that such data is not retained longer than necessary. Furthermore, the bill prohibits the collection, trade, and disclosure of biometric information by private entities, with limited exceptions, thereby enhancing privacy protections for individuals. A standard of care is also introduced for entities collecting biometric information, which may raise compliance expectations. Violations of these provisions would create a civil cause of action, allowing affected individuals to seek legal recourse. This bill aligns with similar regulations in states like Illinois, which has enacted stringent biometric privacy laws, indicating a growing trend towards stricter oversight of biometric data practices.
Official Source
Official Bill Text
View HB32 on official legislature website →
Affected Industries
More Kentucky AI Legislation
HB 227
AN ACT relating to addictive online platforms.
High
HB 455
AN ACT relating to artificial intelligence and declaring an emergency.
Medium
HB227
AN ACT relating to addictive online platforms.
High
HB58
AN ACT relating to privacy protection.
Medium
HB692
AN ACT relating to data privacy.
Medium
SB4
AN ACT relating to protection of information and declaring an emergency.
High
View All KY Laws →
More Kentucky AI Laws
Browse all published AI bills and regulations for Kentucky.