New York Biometric Bill (S2539) Clears Senate, Heads to Assembly
New York Biometric Bill (S2539) Clears Senate, Heads to Assembly: What Shoppers Should Know
The New York State Senate passed S2539 on May 12, 2026, by a vote of 55 to 5. The bill would require stores that scan or track customers' biometric data to post plain-language warning signs at every entrance. It is not law yet; the Assembly and the Governor must still act.
Information last verified on June 3, 2026. This is a developing story; we update it as the record changes.
Jurisdiction scope: This article addresses New York bill S2539 (Senate) and its companion A1558 (Assembly) in the 2025-2026 session, and contrasts them with current New York and Illinois biometric-privacy law. It describes a pending bill that is not yet enacted. It does not address every state's biometric rules. For related coverage, see our data privacy laws hub.
What Happened
The New York State Senate passed S2539C on May 12, 2026, by a vote of 55 aye to 5 nay (with 1 absent and 2 excused), according to the bill record on nysenate.gov. The measure, sponsored by Senator Zellnor Myrie, would require retailers that track customers through electronic devices, or that collect biometric data, to post warning signs. The Assembly companion, A1558C, sponsored by Assembly Member Linda Rosenthal, was ordered to third reading and substituted by S2539C on June 1, 2026, placing it on the Assembly floor calendar. As of June 3, 2026, the Assembly has not taken a final passage vote, and the Governor has not signed anything. The bill is not law. Its core command, in the operative version C, reads:
"Conspicuously post a warning sign at each entrance indicating that such retailer performs such tracking. Such warning sign shall be written in plain language." Source: S2539C, 2025-2026 Reg. Sess. (N.Y.)
What the Law Actually Says
New York does not currently have a statewide biometric-privacy statute modeled on Illinois law. New York's existing data law is the SHIELD Act, codified at New York General Business Law section 899-bb, which requires reasonable data-security safeguards but does not create biometric-specific signage duties or a biometric private right of action.
At the local level, New York City already regulates this space. Under New York City Administrative Code sections 22-1201 and 22-1202, a commercial establishment that collects biometric identifier information must post a clear and conspicuous sign near customer entrances, and it is unlawful to sell, lease, trade, share in exchange for anything of value, or otherwise profit from that information. The NYC ordinance also gives aggrieved individuals a private right of action. The state bill would extend a signage rule statewide but, in version C, enforces it only through municipal civil penalties, not a private lawsuit.
Illinois remains the model statewide biometric statute. The Illinois Biometric Information Privacy Act (BIPA), 740 ILCS 14, requires written notice and consent before collecting biometric identifiers and, critically, allows individuals to sue directly. New York's pending bill does not adopt that consent-and-private-action model. You can compare the two regimes through our pages on New York biometric privacy and the Illinois biometric privacy law (BIPA), as well as the broader New York data privacy laws overview.
Analysis: Why This Matters
The following is analysis from the Recording Law Editorial Team.
What the bill does, and what it no longer does, both changed during the amendment process, and that is the most notable feature of the current record. As introduced and through versions A and B, S2539 carried a substantive command: in addition to signage, it stated that "it shall be unlawful for a retailer to sell, lease, trade, share in exchange for anything of value or otherwise profit from the transaction of biometric identifier information." That sentence tracked the New York City ordinance almost word for word. In version C, the version the Senate actually passed and that was substituted in the Assembly, that no-sale sentence is absent from the enacting text, even though the sponsor memo still describes a sale restriction. Readers relying on the memo or on earlier coverage may therefore overstate what the operative bill would do.
As it stands in version C, the bill is principally a transparency-and-signage measure. It would require a plain-language warning at each entrance, opt-out information where applicable, and tiered civil penalties capped at 500 dollars per violation, enforced through local consumer-affairs offices rather than private suits. That is a meaningfully narrower instrument than the Illinois BIPA model, which pairs an up-front consent requirement with a private right of action that has driven large settlements in that state.
Two structural points are worth flagging without predicting any outcome. First, the bill would layer a statewide signage floor on top of New York City's existing notice rule, raising practical questions about how the two interact for retailers already complying with the city ordinance. Second, the version-to-memo gap on the no-sale provision is a live drafting question: the text governs, but the discrepancy is the kind of issue that can be revisited if the Assembly amends the bill before final passage. We take no position on whether the bill will pass or how any provision would be applied. We are describing what the text says today.
How This Affects You
If you shop in New York, nothing about this bill changes your rights right now. As of June 3, 2026, S2539/A1558 is a proposal that has cleared one chamber. Stores are not required to post any new biometric warning sign because of this bill, and no new penalty applies, unless and until the Assembly passes the measure and the Governor signs it, after which version C would take effect 90 days later.
If you operate a retail business in New York, the bill is worth tracking, but it is not yet an obligation. New York City businesses that already comply with NYC Administrative Code sections 22-1201 and 22-1202 are operating under a separate, currently effective local law; that duty exists today regardless of what happens to the state bill. Whether the statewide measure ultimately includes a no-sale ban, a private right of action, or only signage will depend on the final text the Legislature passes and the Governor signs. This page is general information about a pending bill, not advice about your store's specific compliance posture; a New York lawyer can address that.
This is general legal information, not legal advice. It covers New York and reflects sources verified on June 3, 2026. This describes a pending bill that is not yet law; consult a lawyer licensed in your jurisdiction about your specific situation.
Related articles
- Data privacy laws hub
- New York data privacy laws
- New York biometric privacy
- Illinois biometric privacy law (BIPA)
Last updated: 2026-06-03. This is a developing story; details verified as of June 3, 2026.
Sources and References
- NY Senate Bill S2539 (2025-2026), bill page, sponsor, action history, Senate vote 55-5 on May 12 2026(nysenate.gov).gov
- NY Assembly Bill A1558 (2025-2026), companion, substituted to third reading June 1 2026(nysenate.gov).gov
- S2539 amendment A text (earlier version retaining the no-sale provision)(nysenate.gov).gov
- New York General Business Law Section 899-bb (SHIELD Act)(nysenate.gov).gov
- New York City Administrative Code Section 22-1202 (biometric notice and no-sale)(amlegal.com)
- Illinois Biometric Information Privacy Act, 740 ILCS 14(ilga.gov).gov