SB3779 (the “ICE Out of Our Faces Act”) prohibits covered immigration officers within U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement from acquiring, possessing, accessing, or using any biometric surveillance system or information derived from such systems. The bill defines facial recognition broadly to include tools that log facial or body characteristics or infer emotion, location, or activity, and it covers gait and voice recognition as "other biometric recognition." It requires agencies to delete all covered biometric information in their possession within 30 days of enactment.
The statute also builds an enforcement structure: evidence obtained in violation is generally inadmissible, individuals may bring civil suits against the Federal Government for damages and injunctive relief, state attorneys general can sue parens patriae, and officers who violate the rule may face retraining, suspension, or termination subject to due process. The act leaves open interaction with other Federal, State, or local law where there is no actual conflict.
At a Glance
What It Does
The bill makes it illegal for any covered immigration officer to acquire, possess, access, or use biometric surveillance systems (real‑time or recorded facial recognition and other distance-based biometrics) or information derived from those systems in the United States, and orders deletion of agency-held biometric data within 30 days of enactment.
Who It Affects
The measure applies to ICE and CBP officers, employees, agents, contractors and subcontractors, and to individuals authorized under 8 U.S.C. 1357(g). It also reaches private vendors whose systems supply biometric-derived information to those entities.
Why It Matters
If enacted, the bill would remove a core investigative capability from immigration enforcement at borders, ports, and interior operations and force agencies to scrub existing biometric datasets quickly — a direct operational and legal pivot for DHS and its contractors, and a test case for federal liability claims over surveillance practices.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
SB3779 draws a bright statutory line around biometric surveillance in immigration enforcement. It defines a ‘‘biometric surveillance system’’ as software that performs facial recognition or other biometric matching either in real time or from recordings or photos.
The definitions are expansive: facial recognition includes automated or semi‑automated identification and also logging of face/head/body characteristics used to infer emotion, association, activity, or location; ‘‘other biometric recognition’’ covers gait and voice recognition captured from a distance but explicitly excludes fingerprints or palmprints not captured at a distance.
The operative prohibition applies to any ‘‘covered immigration officer’’ — a category that explicitly includes officers, employees, agents, contractors, and subcontractors of CBP and ICE and any individual acting under section 287(g). For that entire group the bill bars acquisition, possession, access, or use of biometric surveillance systems or any information derived from such systems within the United States.
The statute then imposes a hard deadline: agencies must delete all information collected for or derived from such systems, including information collected before enactment, within 30 days.On enforcement, the bill takes a mixed approach. It declares evidence obtained in violation generally inadmissible by the Federal Government, but it creates an express civil pathway: any individual aggrieved may sue the Federal Government for relief, and state attorneys general can bring parens patriae actions on behalf of residents.
Courts can award actual and punitive damages, attorneys’ fees, costs, and injunctive relief. Separately, individual covered immigration officers who violate the prohibition may face administrative discipline — retraining, suspension, termination — subject to due process and determination by the appropriate tribunal.The statute also contains a rule of construction clarifying that it does not preempt other Federal, State, or local law unless there is an actual conflict with the bill’s limitations.
That language preserves potential overlap with state privacy statutes or law enforcement uses — an inclusion that will shape intergovernmental disputes about whether state or local entities may continue particular biometric practices in areas where DHS does not act.
The Five Things You Need to Know
The ban covers not only officers and employees of ICE and CBP but also agents, contractors, and subcontractors, and individuals operating under 8 U.S.C. 1357(g).
All biometric information collected by a covered immigration officer for use in, or derived from, a biometric surveillance system — including data collected before enactment — must be deleted within 30 days of the bill becoming law.
The bill’s definitions explicitly include systems that infer emotion, associations, activities, or location from facial or body characteristics and bring gait and voice recognition under the statute’s reach.
Evidence obtained in violation of the prohibition is inadmissible for Federal Government use in investigations or proceedings, except in judicial investigations or proceedings alleging a violation of this section.
The statute authorizes individuals and State attorneys general to sue the Federal Government for relief; courts may award actual and punitive damages, attorneys’ fees and costs, and injunctive relief, while offending officers face administrative penalties such as retraining, suspension, or termination.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title
Gives the Act its public name: the 'ICE Out of Our Faces Act.' This is the label courts and litigants will use in pleadings and the shorthand lawmakers will cite when discussing legislative intent and scope.
Definitions for enforcement scope
Establishes the statutory vocabulary that controls scope. 'Biometric surveillance system' is tied to software performing facial or other biometric recognition in real time or from recordings. 'Covered immigration officer' is broad and explicitly captures contractors, subcontractors, and personnel operating under 287(g). The definitions also exclude fingerprint or palm prints not captured from a distance, which preserves traditional AFIS-style fingerprinting used in many criminal contexts while sweeping in more modern remote biometrics like gait and voice recognition.
Flat ban on acquisition, access, possession, or use
Makes it unlawful for any covered immigration officer to acquire, possess, access, or use biometric surveillance systems or information derived from them inside the United States. Practically, this cuts off direct procurement and internal use by ICE/CBP and extends to contractors and subcontractors who provide or support such systems.
30-day purge of agency-held biometric data
Requires deletion of all information collected for or derived from biometric surveillance systems not later than 30 days after enactment, and explicitly covers data collected before enactment. That creates an aggressive operational timeline: agencies must locate, inventory, and destroy datasets (including backups) and update retention policies and contracts with vendors, or face enforcement actions and litigation risks.
Evidence, private enforcement, and officer penalties
Creates a legal enforcement framework: aside from a narrow admissibility exception, information obtained in violation is not usable by the Federal Government; individuals who are aggrieved may sue the Federal Government for damages and injunctive relief; State attorneys general can sue parens patriae. Courts may award actual and punitive damages, attorneys’ fees, costs, and other relief. Separately, individual officers may face retraining, suspension, termination or other discipline via an appropriate tribunal subject to due process.
Non-preemption clause
States that the Act does not preempt other Federal, State, or local law absent an actual conflict, leaving room for parallel or supplementary state privacy rules and potential legal fights over whether state practices conflict with the Act's limitations on federal officers.
This bill is one of many.
Codify tracks hundreds of bills on Privacy across all five countries.
Explore Privacy in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Immigrants and visitors interacting with ICE/CBP at borders, ports, and interior checkpoints — they will be shielded from federal facial‑recognition and remote biometric identification by immigration agencies and have a legal pathway to seek damages if aggrieved.
- Civil‑liberties and privacy advocacy groups — the bill translates longstanding advocacy goals into statutory prohibitions and creates enforceable remedies and state‑level parity tools for litigation and oversight.
- Individuals whose biometric data already reside in DHS systems — the 30‑day deletion requirement gives them rapid relief from ongoing federal storage and potential downstream sharing of their biometric identifiers.
- State attorneys general and state officials — the act explicitly authorizes parens patriae suits, giving states a mechanism to challenge federal biometric surveillance where they see public‑interest harms.
Who Bears the Cost
- DHS, ICE, and CBP operations — the agencies must overhaul procurement, suspend or terminate vendor contracts, locate and delete datasets (including backups), and forfeit a set of biometric investigative tools used at ports of entry and in interior enforcement.
- Commercial vendors and system integrators that sell biometric surveillance systems to DHS — they risk contract losses, must revise contracts to reflect new restrictions, and may lose access to government datasets they used for model improvement.
- Covered immigration officers and contractor personnel — subjects of potential administrative discipline and retraining for prior or future use of banned systems, with attendant personnel and morale impacts.
- The Federal Government as defendant — exposure to litigation risk, potential awards of actual and punitive damages, attorneys’ fees, and injunctive relief if courts interpret the waiver of remedies to permit damages against the United States.
Key Issues
The Core Tension
The central dilemma is straightforward: the bill prioritizes privacy and civil‑liberties protection by stripping powerful biometric tools from immigration enforcement, but doing so undermines established investigative capabilities at a time when agencies argue they need rapid identification tools at borders and in interior operations; resolving that trade‑off requires balancing immediate civil‑liberties safeguards against demonstrated operational needs and the legal and technical costs of rapid data purge and systemic changes.
The statute presents several implementation and legal friction points. First, the 30‑day deletion mandate is operationally blunt: agencies will need to identify where biometric‑derived information resides (production systems, analytics databases, contractor environments, backups, and shared repositories) and ensure complete deletion — a technically and contractually complex task that may be costly and slow in practice.
Determining what counts as information "derived from" a biometric surveillance system is also ambiguous and will shape whether downstream analytics, metadata, or model weights built from biometric inputs must be deleted.
Second, the bill’s enforcement architecture raises unsettled legal questions. It authorizes individuals and State attorneys general to sue "the Federal Government" and permits damages and punitive relief.
But suing the United States for damages implicates sovereign‑immunity doctrines; how courts read this statutory text against the backdrop of existing waivers (like the Federal Tort Claims Act) will determine real-world recoverability. The admissibility carve‑out is also unusual: evidence obtained in violation is generally inadmissible by the Federal Government, except in judicial investigations or proceedings alleging a violation of the section — a narrow exception that could produce counterintuitive outcomes where unlawfully gathered biometric data is usable in litigation about the unlawful gathering.
Finally, the bill’s definitional breadth has both policy and compliance consequences. By covering inferences about emotion, associations, activities, or location and bringing gait and voice recognition into the definition, the statute sweeps beyond typical matching use cases into analytics and behavioral inference.
That breadth increases compliance burdens and litigation risk for agencies and their contractors, and invites disputes about whether non‑biometric sensors or routine video systems fall inside the ban.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.