WHAT THIS BILL REGULATES · 1 REQUIREMENT TYPE
How Is This Bill Enforced
Verbatim statutory text on the left; plain-language analysis and a per-section checklist on the right. Numbered markers cross-link to the matching checklist row.
This Act may be cited as the Surveillance-Based PricePrice"Price" means the amount charged to a consumer in relation to a transaction, including all related costs and fees, and any other material terms of the transaction that has a direct bearing on the amount paid by the consumer or the value of the good or service to the consumer.Section 5 Discrimination Act.
Names the Act the Surveillance-Based Price Discrimination Act. Imposes no compliance obligation.
As used in this Act: "Automated decision systemAutomated decision system"Automated decision system" means any system, software, or process, including one derived from machine learning, statistics, or other data processing or artificial intelligence techniques and excluding passive computing infrastructure, that uses computation, the result of which is used to assist or replace human decision-making.Section 5" means any system, software, or process, including one derived from machine learning, statistics, or other data processing or artificial intelligence techniques and excluding passive computing infrastructure, that uses computation, the result of which is used to assist or replace human decision-making. "BehaviorsBehaviors"Behaviors" mean an individual's observable, measurable, or inferred actions, habits, preferences, interests, or vulnerabilities, including an individual's political, personal, or professional affiliations, web browsing history, purchase history, financial circumstances, or consumer behaviors.Section 5" mean an individual's observable, measurable, or inferred actions, habits, preferences, interests, or vulnerabilities, including an individual's political, personal, or professional affiliations, web browsing history, purchase history, financial circumstances, or consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 behaviorsBehaviors"Behaviors" mean an individual's observable, measurable, or inferred actions, habits, preferences, interests, or vulnerabilities, including an individual's political, personal, or professional affiliations, web browsing history, purchase history, financial circumstances, or consumer behaviors.Section 5. "Biometric informationBiometric information"Biometric information" means data or information generated by the technological, processing, measurement, or analysis of a consumer's biological, physical, or behavioral characteristics, that can be used for the purpose of uniquely identifying an individual. "Biometric information" includes fingerprints, voiceprints, scans or records of an eye retina or iris, facial maps, facial geometry, facial templates, genetic information, or other unique biological, physical, or behavioral patterns or characteristics.Section 5" means data or information generated by the technological, processing, measurement, or analysis of a consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5's biological, physical, or behavioral characteristics, that can be used for the purpose of uniquely identifying an individual. "Biometric informationBiometric information"Biometric information" means data or information generated by the technological, processing, measurement, or analysis of a consumer's biological, physical, or behavioral characteristics, that can be used for the purpose of uniquely identifying an individual. "Biometric information" includes fingerprints, voiceprints, scans or records of an eye retina or iris, facial maps, facial geometry, facial templates, genetic information, or other unique biological, physical, or behavioral patterns or characteristics.Section 5" includes fingerprints, voiceprints, scans or records of an eye retina or iris, facial maps, facial geometry, facial templates, genetic information, or other unique biological, physical, or behavioral patterns or characteristics. "ConsumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5" has the meaning set forth in the ConsumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 Fraud and Deceptive Business Practices Act. "Genetic information" has the meaning set forth in the Health Insurance Portability and Accountability Act of 1996, as specified in 45 CFR 160.103. "IndividualizedIndividualized"Individualized" means specific to an individual or group, band, class, or tier of individuals with particular personal characteristics, behaviors, or biometric information.Section 5" means specific to an individual or group, band, class, or tier of individuals with particular personal characteristicsPersonal characteristics"Personal characteristics" means individual qualities, features, attributes, or traits, including immutable characteristics, such as race and eye color, mutable characteristics, such as address, weight, citizenship, or parenthood status, and any other personally identifiable information that could be used to identify an individual, including social security number, name, or phone number.Section 5, behaviorsBehaviors"Behaviors" mean an individual's observable, measurable, or inferred actions, habits, preferences, interests, or vulnerabilities, including an individual's political, personal, or professional affiliations, web browsing history, purchase history, financial circumstances, or consumer behaviors.Section 5, or biometric informationBiometric information"Biometric information" means data or information generated by the technological, processing, measurement, or analysis of a consumer's biological, physical, or behavioral characteristics, that can be used for the purpose of uniquely identifying an individual. "Biometric information" includes fingerprints, voiceprints, scans or records of an eye retina or iris, facial maps, facial geometry, facial templates, genetic information, or other unique biological, physical, or behavioral patterns or characteristics.Section 5. "InsurerInsurer"Insurer" means every person engaged as principal, indemnitor, surety, or contractor in the business of making insurance contracts.Section 5" means every person engaged as principal, indemnitor, surety, or contractor in the business of making insurance contracts. "Personal characteristicsPersonal characteristics"Personal characteristics" means individual qualities, features, attributes, or traits, including immutable characteristics, such as race and eye color, mutable characteristics, such as address, weight, citizenship, or parenthood status, and any other personally identifiable information that could be used to identify an individual, including social security number, name, or phone number.Section 5" means individual qualities, features, attributes, or traits, including immutable characteristics, such as race and eye color, mutable characteristics, such as address, weight, citizenship, or parenthood status, and any other personally identifiable information that could be used to identify an individual, including social security number, name, or phone number. "PricePrice"Price" means the amount charged to a consumer in relation to a transaction, including all related costs and fees, and any other material terms of the transaction that has a direct bearing on the amount paid by the consumer or the value of the good or service to the consumer.Section 5" means the amount charged to a consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 in relation to a transaction, including all related costs and fees, and any other material terms of the transaction that has a direct bearing on the amount paid by the consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 or the value of the good or service to the consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5. "Surveillance dataSurveillance data"Surveillance data" means data obtained through observation, inference, or surveillance of a consumer that is related to personal characteristics, behaviors, or biometric information of the individual or group, band, class, or tier of individuals of which the individual is a part. "Surveillance data" includes information gathered, purchased, or otherwise acquired.Section 5" means data obtained through observation, inference, or surveillance of a consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 that is related to personal characteristicsPersonal characteristics"Personal characteristics" means individual qualities, features, attributes, or traits, including immutable characteristics, such as race and eye color, mutable characteristics, such as address, weight, citizenship, or parenthood status, and any other personally identifiable information that could be used to identify an individual, including social security number, name, or phone number.Section 5, behaviorsBehaviors"Behaviors" mean an individual's observable, measurable, or inferred actions, habits, preferences, interests, or vulnerabilities, including an individual's political, personal, or professional affiliations, web browsing history, purchase history, financial circumstances, or consumer behaviors.Section 5, or biometric information of the individual or group, band, class, or tier of individuals of which the individual is a part. "Surveillance dataSurveillance data"Surveillance data" means data obtained through observation, inference, or surveillance of a consumer that is related to personal characteristics, behaviors, or biometric information of the individual or group, band, class, or tier of individuals of which the individual is a part. "Surveillance data" includes information gathered, purchased, or otherwise acquired.Section 5" includes information gathered, purchased, or otherwise acquired.
Section 5 defines the scope-defining terms used throughout the Act. Key terms include automated decision system, which is broadly drafted to capture any computational system used to assist or replace human decision-making (excluding passive computing infrastructure), and surveillance data, which sweeps in any data about personal characteristics, behaviors, or biometric information obtained through observation, inference, or surveillance — including data acquired by purchase from third parties.
(a) 1 A person shall not use surveillance dataSurveillance data"Surveillance data" means data obtained through observation, inference, or surveillance of a consumer that is related to personal characteristics, behaviors, or biometric information of the individual or group, band, class, or tier of individuals of which the individual is a part. "Surveillance data" includes information gathered, purchased, or otherwise acquired.Section 5 as part of an automated decision systemAutomated decision system"Automated decision system" means any system, software, or process, including one derived from machine learning, statistics, or other data processing or artificial intelligence techniques and excluding passive computing infrastructure, that uses computation, the result of which is used to assist or replace human decision-making.Section 5 to inform the individualizedIndividualized"Individualized" means specific to an individual or group, band, class, or tier of individuals with particular personal characteristics, behaviors, or biometric information.Section 5 pricePrice"Price" means the amount charged to a consumer in relation to a transaction, including all related costs and fees, and any other material terms of the transaction that has a direct bearing on the amount paid by the consumer or the value of the good or service to the consumer.Section 5 assessed to a consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 for goods or services. A person does not violate this subsection if the person assesses different pricesPrice"Price" means the amount charged to a consumer in relation to a transaction, including all related costs and fees, and any other material terms of the transaction that has a direct bearing on the amount paid by the consumer or the value of the good or service to the consumer.Section 5 to different consumersConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 based on the cost of providing the good or service to the different consumersConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5.
(b) This Section shall not apply to: (1) an insurerInsurer"Insurer" means every person engaged as principal, indemnitor, surety, or contractor in the business of making insurance contracts.Section 5 in compliance with the Illinois Insurance Code that only uses risk-relevant data as part of an automated decision systemAutomated decision system"Automated decision system" means any system, software, or process, including one derived from machine learning, statistics, or other data processing or artificial intelligence techniques and excluding passive computing infrastructure, that uses computation, the result of which is used to assist or replace human decision-making.Section 5 that informs decisions related to any costs assessed to a consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 for an insurance policy; or (2) an entity that declines to extend credit at specific terms to a consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 or enter into a transaction with a consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 based on data provided in a consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 report in compliance with the Fair Credit Reporting Act.
Section 10 is the operative prohibition. It bars any person from using surveillance data as an input to an automated decision system that produces individualized prices for goods or services. The prohibition is sweeping — it applies to any person, not just to a defined covered entity, and reaches both personalized pricing and tier-based or cohort-based pricing that targets groups defined by personal characteristics, behaviors, or biometric information.
A cost-of-service safe harbor permits price differentiation based on the actual cost of providing a good or service to different consumers. Two carve-outs apply: (1) insurers compliant with the Illinois Insurance Code that use only risk-relevant data, and (2) entities making credit decisions under the Fair Credit Reporting Act.
The Attorney General shall enforce this Act. A person who violates this Act shall be subject to a civil penalty not to exceed $10,000 for each violation and reasonable attorney's fees. A violation of any provision of this Act shall constitute a separate violation with respect to each consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 or transaction.
Designates the Illinois Attorney General as the public enforcer. Civil penalties are capped at $10,000 per violation, with each consumer or transaction counting as a separate violation — meaning a single non-compliant pricing system could generate enormous aggregate exposure. Reasonable attorney's fees are also recoverable.
(a) A person aggrieved by a violation of this Act may bring a civil action on behalf of themselves or a group of similarly situated persons to restrain further violations and to recover damages, costs, and reasonable attorney's fees, including the greater of: (1) the amount of actual damages sustained; (2) $3,000 for each violation; or (3) 3 times the amount of actual damages sustained, if it is established by clear and convincing evidence that the person who violated this Act engaged in bad faith conduct or intentionally violated this Act.
(b) A violation of any provision of this Act shall constitute a separate violation with respect to each consumerConsumer"Consumer" has the meaning set forth in the Consumer Fraud and Deceptive Business Practices Act.Section 5 or transaction.
Creates a private right of action for any person aggrieved by a violation, exercisable individually or on behalf of similarly situated persons. Recoverable amounts are the greater of actual damages, $3,000 per violation, or treble actual damages where bad faith or intentional violation is shown by clear and convincing evidence. Injunctive relief, costs, and attorney's fees are also available. Each consumer or transaction is a separate violation.
Nothing in this Act, including the enforcement authority granted to the Attorney General, preempts or otherwise affects any other right, claim, remedy, presumption, or defense available at law or in equity.
Savings clause: nothing in the Act preempts or affects any other right, claim, remedy, presumption, or defense available at law or in equity. Creates no new compliance obligation.
The Attorney General may adopt rules necessary to implement and enforce this Act.
Authorizes the Attorney General to adopt rules to implement and enforce the Act. Imposes no compliance obligation on regulated parties.