December 29, 2017 -
The results of dozens of biometric privacy suits filed in Illinois state court depend on the legal definition of the term “aggrieved” in the state’s Biometric Information Privacy Act (BIPA), the National Law Review reports.
The uncertainty is whether people affected by procedural violations of the consent and data storage requirements of BIPA are “aggrieved” under the Act if no harm or misuse of the data is shown. Defendants have argued that plaintiffs must establish harm from a statutory violation for the term to apply, while plaintiffs have argued that the procedural violation is sufficient for them to be considered “aggrieved” under the statute, Jeffery Neuburger of Proskauer Rose LLP writes in the Review.
Many of the lawsuits initially filed under BIPA were against social media companies and video game makers, but they are increasingly being filed against businesses authenticating customers or employees, especially those using biometric time and attendance solutions.
As previously reported, a district court judge presiding over a suit against Facebook recently said that violations of BIPA’s consent and data retention requirements could be considered harm in and of themselves.