By Bob Katzen
The Consumer Protection and Professional Licensure Committee held a hearing on a proposal that would add biometrics to the Security Breach Law that the Legislature approved in 2007. That law requires the Office of Consumer Affairs and Business Regulation to regulate the use and protect the security of personally identifying information including passwords and social security numbers. It also imposes a duty on third parties who hold such information to report breaches in security.
Biometric indicators are unique biological attributes or measurements that can be used to authenticate the identity of a person including fingerprints, genetic information, iris or retina patterns, voice recognition, facial characteristics and hand geometry.
Supporters say the 2007 law has worked well and has resulted in the identification of thousands of breaches and the protection of millions of Massachusetts residents, including 947,000 Target customers whose information was compromised in 2013. They argued the law must be updated to keep up with new and changing technology and to protect consumers.
The House and Senate gave initial approval to the same bill in 2017 but it was never given final approval.