TRENTON, N.J. — New Jersey lawmakers are advancing legislation that would require businesses to notify customers when facial recognition or other biometric surveillance technology is being used inside stores, entertainment venues, and other commercial properties.
Assembly Bill 3929, approved by the Assembly Consumer Affairs Committee in March, would prohibit businesses from using biometric surveillance systems on consumers unless clear notice is provided and the technology is used for a lawful purpose.
The bill arrives as retailers, stadiums, casinos, airports, and private companies increasingly rely on facial recognition and biometric scanning systems for security, theft prevention, and customer tracking. Privacy advocates have raised growing concerns in recent years about how businesses collect, store, and use biometric data, particularly when customers may not realize they are being scanned.
Under the proposal, businesses could satisfy the notice requirement by posting signs in visible locations around areas where biometric systems are operating.
The legislation also targets how companies use information collected through those systems. If a business denies a customer entry or removes someone from its premises using biometric surveillance data, the company would be required to provide a detailed explanation of the action and explain the criteria used to make that determination.
The provision reflects broader concerns over automated identification systems and facial recognition watchlists, which critics say can sometimes produce inaccurate matches or unfairly target certain groups.
Restrictions on Biometric Data Sales
Beyond disclosure requirements, the bill would prohibit businesses from selling, leasing, trading, sharing, or otherwise profiting from biometric information gathered from consumers.
Biometric identifiers can include facial scans, fingerprints, retina patterns, voice recognition, and other physical characteristics used to identify individuals.
Unlike passwords or account information, biometric data cannot easily be changed if compromised, making it a growing focus of privacy debates nationwide.
Several states have adopted laws regulating biometric data collection, though New Jersey’s proposal specifically focuses on how private businesses use biometric surveillance systems in physical locations open to consumers.
—
Key Points
• New Jersey bill would require businesses to disclose biometric surveillance use
• Companies using facial recognition could face penalties for violations
• Businesses would be barred from profiting from consumer biometric data
—
Consumer Fraud Penalties Included
Violations of the bill would be treated as unlawful practices under New Jersey’s Consumer Fraud Act.
Businesses found in violation could face fines of up to $10,000 for a first offense and up to $20,000 for subsequent violations. Additional penalties could include cease-and-desist orders, punitive damages, and treble damages awarded to affected consumers.
The legislation includes a limited compliance window allowing businesses to avoid liability for a first violation if they demonstrate compliance within 30 days.
The bill was prefiled for the 2026-2027 legislative session and updated following technical review before committee approval.
Assembly Bill 3929 remains under consideration in the New Jersey Legislature.