Federal Court in Illinois dismisses biometric data privacy case against Smarte Carte

August 22, 2016 - 

A federal district court in Illinois recently dismissed a biometric data privacy case against Smarte Carte, based on a U.S. Supreme Court ruling of a similar case, according to a report by IllinoisPolicy.org.

The plaintiff alleged that Smarte Carte’s use of fingerprint-keyed lockers at Chicago’s Union Station was in violation of Illinois’ Biometric Information Privacy Act (BIPA).

The court’s decision for dismissal was based on the U.S. Supreme Court’s May 16th ruling in the Spokeo v. Robins case.

The decision is also a significant departure from recent outcomes in other BIPA cases against Facebook, Google and SnapChat in which courts allowed them to proceed.

The BIPA was initially passed by the Illinois General Assembly in 2008 to ensure fair practices in private entities’ collection, use and storage of biometric data.

According to the BIPA, it is illegal for a private entity to collect an individual’s biometric identifier or information without informing the person in writing about the purpose and length of time for which the data is being collected, retained or used.

The organization must also obtain written consent from the individual to use or store the biometric data, as well as protect the security of the biometric information.

The plaintiff sued Smarte Carte for unspecified damages under the BIPA over allegations that the company did not obtain her consent to collect, store and use her fingerprint data, nor did it provide information regarding the storage of her biometric data.

The court noted that in order to have adequate cause to file a lawsuit in federal court, the plaintiff would need to have a legitimate conflict that needs to be resolved, according to Article III of the U.S. Constitution.

The court referenced the Spokeo v. Robins case in which the U.S. Supreme Court emphasized that a “concrete and particularized injury” is required in order to satisfy Article III’s “case or controversy” component. As such, the court noted that the allegations of a mere violation of the act does not qualify.

“How can there be an injury from the lack of advanced consent to retain the fingerprint data beyond the rental period if there is no allegation that the information was disclosed or at risk of disclosure?” the court asked.
Additionally, the court noted that the plaintiff did not illustrate how she was “aggrieved” by Smarte Carte’s alleged BIPA violation as to adequately justify receiving damages under the law.

Despite dismissing the case, the judge said that the plaintiff has the option to file her BIPA claims in Illinois state court.

Leave a Comment

comments

About Justin Lee

Justin Lee has been a contributor with Biometric Update since 2014. Previously, he was a staff writer for web hosting magazine and website, theWHIR. For more than a decade, Justin has written for various publications on issues relating to technology, arts and culture, and entertainment. Follow him on Twitter @BiometricJustin.