Congress·In Committee·S. 1691

Sen. Merkley Leads Bipartisan Push to Limit TSA Facial Recognition at Airports

Traveler Privacy Protection Act of 2025

10 months ago·View on Congress.gov

⏸

Stalled

No legislative action in over 90 days.

Legislative Progress

Senate

House

President

Law

Key Points

The bill stops the TSA from using facial recognition on most travelers unless they specifically agree to it. For people in programs like PreCheck or Global Entry, the TSA must clearly explain how their data is used and allow them to opt out at the security line without any penalty or extra wait time.
For regular travelers not in special programs, the default would be checking a physical ID card. The TSA could only use facial scanning if a person "opts in" by giving clear, active permission. Simply standing in line or entering the airport does not count as giving permission.
The TSA would be banned from using facial recognition for "passive surveillance," which means they couldn't use cameras to track or identify people as they walk through the airport. The technology could only be used at specific security checkpoints to verify who a person is.
The bill sets strict limits on how long the government can keep your biometric data. Most facial images would have to be deleted immediately after identity is confirmed, or within 24 hours of a flight. Any old data that doesn't meet these new privacy rules would have to be deleted within 90 days.
To ensure the technology is fair, the government would have to release yearly reports on how well it works. These reports must look for bias to see if the software is less accurate for certain groups based on their race, age, or gender.

Technology DigitalCivil RightsNational Security Foreign Policy

Impact Analysis

Personal Impact

Who is affectedScoreImpactCertaintyScopeDurationSentiment

Scores: 1 = low, 5 = highSentiment: -5 to +5 (net benefit)

Milestones

2 milestones2 actions

May 8, 2025Senate

Read twice and referred to the Committee on Commerce, Science, and Transportation.

May 8, 2025

Introduced in Senate

What Happens Next

Projected impacts based on AI analysis

90 days after enactment

TSA must delete all previously collected biometric data that doesn't meet the new rules

Any facial images or biometric data TSA stored before this law was passed would be wiped within 90 days of enactment, giving travelers a clean slate on their privacy.

30 days after enactment

New data minimization rules take effect for all TSA facial recognition use

Starting 30 days after enactment, TSA can only keep your facial image long enough to confirm your identity and must delete it immediately after — or within 24 hours of your flight departure at most.

1 year after enactment

First annual GAO report on facial recognition accuracy and bias

Within one year of enactment, the public will get an independent report examining whether TSA's facial recognition works equally well across different races, ages, and genders — and whether the privacy protections are actually working.

Related News

6 articles

TravelPulse·7 months ago

Airport Facial Recognition Technology Causing Major Debate in Washington

The Senate is weighing the Traveler Privacy Protection Act (S. 1691), which would limit TSA facial recognition to opt-in only. While privacy advocates cheer the bill, the airline industry warns it could slow down travel and jeopardize security as the TSA expands the tech to hundreds of airports.

Daily Wire·8 months ago

Airline Industry Lobbies Against Bill That Would Restrict TSA Use Of Biometric Data

The airline industry is challenging the Traveler Privacy Protection Act of 2025, claiming it would slow down travel and jeopardize security. The bipartisan proposal, backed by Senators Merkley, Marshall, and Kennedy, aims to protect privacy by standardizing how biometric data is used.

R−

Men's Journal·8 months ago

Delta, United, & American Do Not Hold Back on TSA Changes

Major U.S. airlines are urging Senators to vote against the Traveler Privacy Protection Act. The bill would require TSA to provide an identity verification option without facial recognition and prohibit discriminatory treatment or extra wait times for those who choose to opt out.