FB pixel

Class action lawsuits could determine biometric data collection

 

According to a news feature recently published in Tech.Mic, Facebook might have to dramatically change how it handles identification data due to class-action lawsuits.

Last spring, the social networking firm was accused in multiple class-action suits of violating the privacy of its users by collecting their facial data without proper permission.

The lawsuits allege that Facebook’s facial recognition program violates the privacy of its users, citing a law in Illinois entitled the “Biometrics Information Privacy Act”, which requires companies to get written content from a user if it is collecting biometric data.

Multiple suits, launched by Carlo Licata, Adam Pezen, Frederick Gullen and Nimesh Patel in Illinois argue that Facebook does not properly seek permission for biometric data collection. The suits were filed at the state level since no federal biometric data collection legislation exists in the United States.

Licata’s complaint, as an example, alleges the company was “calculatedly elusive” in introducing the system to its users. Furthermore, his complaint states that Facebook did not put in place a legal release authorizing the collection of their “faceprints,” or a readily available policy describing how Facebook will retain or potentially destroy users’ biometric data. According to the Illinois law, it is unlawful to acquire biometric data without providing details about the purpose and length of the data collection. The lawsuit, according to previous BiometricUpdate.com coverage, thus seeks class certification and an injunction ordering Facebook to comply with the Illinois law, to “put a stop to its surreptitious collection, use and storage” of users’ biometric data.

Facebook’s facial recognition works by running an algorithm against a database comprised of literally millions of faces. The company obtained the algorithm when it purchased Face.com, a Tel Aviv-based technology company that had developed a platform for efficient and accurate facial recognition in photos uploaded via Web and mobile applications. BiometricUpdate.com reported around the time of acquisition that Face.com apps and API services could scan billions of photos monthly and tag faces in those photos, tying them directly to available social networking information.

At a 2012 Senate hearing on biometric technology, Facebook privacy and public policy manager Robert Sherman said that the “tag suggestions” program is simply a “convenience feature” and assured the Senate that users’ data is secure. He also added that Facebook’s faceprint database works only with its own software, and “alone, the templates are useless bits of data”.

In previous statements, Facebook called the lawsuit “without merit” and stated that the company will defend itself vigorously. Facebook also pointed out that the face-tagging feature could be disabled, which deletes the data used to suggest tags of other people.

In October, Facebook filed a motion to dismiss the Licata suit arguing, that based on the “choice of law” provision in its terms of service, California, not Illinois, law should apply users, and that, regardless, the Illinois law expressly “excludes both ‘photographs’ and ‘information derived from photographs’ from its reach.”

The Tech.Mic article also notes that legal analysts are watching another similar class-action case which claims that Shutterfly, the online photo printing and publishing company, violated the Illinois law by way of its application of facial recognition software. In that case, the plaintiff was identified and tagged in a photo, without providing permission or even being a direct user of the service.

In the cases before the Illinois courts, the plaintiffs have asked the judges to create a class of users, which could number in the millions, and award damages of $5,000 per violation. Due to the impact upon biometric data collection, legal analysts will very carefully examine the reasoning and decisions eventually made in these cases.

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics connecting ID and payments through digital wallets, apps and passkeys

Biometrics are connecting with payment credentials, whether through numberless credit cards and banking apps or passkeys, as the concrete steps…

 

Reach of Musk, DOGE’s federal data access sets off privacy, security alarms

Led by tech billionaire Elon Musk and a shadowy team believed to be under his control, the United States DOGE…

 

Mobile driver’s licenses on the cusp of ‘major paradigm shift’

More entities have integrated the California mobile driver’s license (mDL) credential for identity verification. Although just 15 states have introduced…

 

Gesture-based age estimation tool BorderAge joins Australia age assurance trial

Australia’s age assurance technology trial is testing the new biometric tool that performs age estimation based on hand gestures. The…

 

European AI compliance project CERTAIN launches

The pan-European project to create AI compliance tools CERTAIN has kicked off its work, with the goal of making European…

 

Signaturit Group acquiring Validated ID for undisclosed sum

Spain-based digital identity and electronic signature provider Validated ID is being acquired by Signaturit Group, a European company offering identity…

Comments

15 Replies to “Class action lawsuits could determine biometric data collection”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events