The Illinois Biometric Information Privacy Act (BIPA) regulates the collection, use, and retention of biometric identifiers including “a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry” (§ 10). It requires private entities to inform individuals in writing of “the specific purpose and length of term for which a biometric identifier or biometric information is being collected, stored, and used” and to obtain “a written release” before collection (§ 15(b)). Entities must also develop “a written policy, made available to the public, establishing a retention schedule and guidelines for permanently destroying biometric identifiers” (§ 15(a)) and are prohibited from selling or profiting from such data (§ 15(c)). By mandating informed consent, transparency, and accountability in biometric processing, BIPA provides a foundational framework for regulating technologies, such as facial recognition and automated identity verification, that underpin many artificial intelligence systems. It remains the principal U.S. precedent for safeguarding biometric data within algorithmic and AI-driven environments.