Answer: D - There has been an increase in state law enactments pertaining to collecting, using, and storing biometric data. Before collecting, using, or storing customers’ biometric data, organizations are generally best served (and best serve their customers without a strong potential for liability) by (1) creating internal security standards and practices to prevent misuse of and unauthorized access to customers’ biometric data; (2) informing customers of biometric data collection, use and storage practices; and (3) obtaining customers’ consent before collecting, using and/or storing customers’ biometric data.