Many businesses currently are defending a wave of class action lawsuits filed under the Illinois’ Biometric Information Privacy Act, popularly known as “BIPA” ). The floodgates to litigation were opened earlier this year when the Illinois Supreme Court ruled that individuals need not allege actual injury or adverse effect, beyond a violation of his/her rights under BIPA, in order to qualify as an “aggrieved” person and be entitled to seek liquidated damages, attorneys’ fees and costs, and injunctive relief under the Act. Potential damages are substantial as the BIPA provides for statutory damages of $1,000 per negligent violation or $5,000 per intentional or reckless violation of the Act. The majority of BIPA suits have been brought as class actions seeking statutory damages on behalf of each individual affected, exposing businesses to potentially crushing damages.
In the wake of the Illinois Supreme Court decision that held that claimants need only allege a procedural violation to have standing to bring an action under the Illinois Biometric Information Privacy Act (BIPA) and the continued wave of BIPA-related litigation, the Illinois legislature is considering an amendment to BIPA that would strip the statute of its private right of action. SB2134, as currently written, would amend BIPA by deleting the private right of action and instead provide for enforcement under the Department of Labor (for violations concerning employment-related biometric data collection) or generally by the state attorney general under the state’s consumer protection statute.
The use of facial recognition technology by certain web and mobile services with social aspects has become an emerging concern in the past year. Multiple social media companies have been ensnared in litigation over their use of facial recognition technology to provide certain photo-tagging and other related services, with plaintiffs seeking statutory damages under Illinois’ Biometric Information Privacy Act (BIPA).
Plaintiffs alleging violations of BIPA generally assert that certain web and mobile services have amassed users’ faceprints without the requisite notice and consent by using advanced facial recognition technology to extract biometric identifiers from uploaded user photographs. Defendants, in turn, have argued that BIPA expressly excludes from its coverage “photographs” and “any information derived from photographs” and that the statute’s use of the term “scan of hand or face geometry” was only meant to cover in-person scans of a person’s actual hand or face (not the scan of an uploaded photograph). Thus far, such defense arguments have been rejected at the early motion to dismiss phase of several ongoing disputes.
It is currently in committee (however, SB2134 is denoted as having a procedural deadline of March 28, 2019 for the committee to report the bill). We will keep an eye on it, as well as other legislative debate in other states on biometric privacy bills.
With over 34 years’ experience in advising employers and employees on workplace issues, let Boznos Law work with you to ensure you are ready to meet the challenges posed by the changes to the employment laws. Call Bill Boznos today at (630) 375-1958 or contact us at www.boznoslawoffice.com/contact-us through our website.
