The Biometric Information Privacy Act, which the Illinois legislature passed in 2008, has led to a barrage of class action lawsuits in the past six months. Thought to be the nation’s most stringent law protecting biometric identifiers—which include fingerprints, iris or face scans, and voice identification—BIPA has spurred about 30 such suits in Cook County alone.
Filed against employers such as gas stations, restaurants, and retail outlets, mostly stemming from employer time clocks that use fingerprint identification, the cases allege that businesses did not obtain proper informed consent from their employees, or did not maintain or inform employees about the company’s use, storage and destruction of biometric data, as required by the law. Some of the cases also claim the employer improperly shared with time clock vendors the biometric data, and some go so far as name these third parties as defendants.
These local cases follow on the heels of five class-action lawsuits that were filed in 2015, four against Facebook and one against Shutterfly, which allege that these social media companies used facial recognition software without asking for consent or following under procedural requirements under BIPA, which allows an “aggrieved” person to recover $1,000 for each negligent violation and $5,000 for each intentional or reckless violation.