In the past few weeks, five putative class action lawsuits have been filed under the Illinois Biometric Information Privacy Act (“BIPA”), 740 ILCS 14/1 et seq., targeting defendants in the health care, senior living, commercial baking, meat processing and security industries. These recent suits join previously filed BIPA class actions against day care operators, tanning salons, video game manufacturers, hotel groups and supermarkets as well as much larger entities, including Facebook, Google, Shutterfly, Six Flags and Snapchat. All of these suits have similar allegations at their core; that defendants utilized employees’, customers’, or other persons’ biometric identifiers, such as fingerprints, voiceprints, retina scans or facial recognition technology, in violation of BIPA’s disclosure and consent requirements. All seek recovery of BIPA’s statutory liquidated damages of $1,000 for each negligent violation, or $5,000 for each intentional or reckless violation, injunctive relief, and recovery of attorneys’ fees and costs.

BIPA Background

Until the past 18 months, when the first of these suits was filed, BIPA has been a little-known statute. Enacted in 2008, BIPA was passed to protect against risk of identity theft resulting from the growing use of biometric technology to facilitate financial transactions and security screenings. 740 ILCS 14/5.

BIPA applies to both biometric identifiers, such as fingerprints, voiceprints, retina scans, and facial geometry, and other biometric information based on those identifiers to the extent used to identify an individual. 740 ILCS 14/10. BIPA is an important measure because, unlike such things as Social Security numbers and passwords that can be changed if necessary, biometrics are biologically unique and, when compromised, leave an individual without recourse. 740 ILCS 14/5. Continue Reading The Rise of Biometric Lawsuits in Illinois

The following March 3 blog post inspired the Law360 article, “Challenging Personal Jurisdiction In Online Conduct Cases,” published on March 24, 2017. See full article below.

Earlier this week, Judge Edmond Chang of the Northern District of Illinois rejected Google’s arguments that application of the Illinois Biometric Information Privacy Act (BIPA) to facial geometry scanning by Google Photos is, on its face, an improper extraterritorial application of Illinois law. See Rivera v. Google, Inc., Case No. 16-cv-22714, Docket Entry 60.  Faced with Google’s arguments that the claims would require extraterritorial application of the statute and/or would violate the Dormant Commerce Clause by reaching beyond state boundaries, the court essentially punted, saying that “[d]iscovery is needed to determine whether there are legitimate extraterritoriality concerns.” Id. at p. 22.  The court also rejected Google’s argument that BIPA does not cover facial geometry scans pulled from photographs. Continue Reading Biometric Data Claims against Google Survive – But What about Personal Jurisdiction?