FB pixel

Google accused of violating the Illinois Biometric Information Privacy Act

| Stephen Mayhew
Categories Biometrics News  |  Commercial Applications  |  Facial Recognition
 

Google has become the latest technology firm to face legal action after being accused of violating the 2008 Illinois Biometric Information Privacy Act over the use of facial recognition technology and photo sharing.

The Illinois statute requires companies that gather biometric data to notify people about the practice before collecting data, and to publish a schedule for destroying the information.

The statute defines biometric identifier as “any personal feature that is unique to an individual, including fingerprints, iris scans, DNA and ‘face geometry,’ among others,” and establishes biometric information as “any information captured, converted, stored, or shared based on a person’s biometric identifier used to identify an individual.” The law allows for damages of $5,000 for each intentional violation and $1,000 for each negligent violation.

A Chicago resident named Lindabeth Rivera filed the class action complaint on March 1 in federal court in Chicago. The complaint is similar to claims lodged in Chicago federal court in June and August last year against Shutterfly and Facebook over their use of facial recognition technology in digital photo sharing and social media.

In January, a federal judge in Illinois dismissed a lawsuit challenging Facebook’s use of facial recognition software, commenting: “Because plaintiff does not allege that Facebook targets its alleged biometric collection activities at Illinois residents, the fact that its site is accessible to Illinois residents does not confer specific jurisdiction over Facebook.”

In the same month, a different federal judge in Illinois allowed lawsuit against Shutterfly Inc. to proceed despite the company’s claims that its tagging software does not break state privacy law. Shutterfly argued that the Illinois Biometric Information Privacy Act (BIPA) does not pertain to “photographs and any information gleaned from photographs” as they “cannot be biometric identifiers”.

According to Rivera’s complaint, as reported by Cook County Record, Google’s cloud-based Google Photos service has “created, collected and stored” millions of “face templates or face prints from millions of Illinois residents, many thousands of whom are not even enrolled in the Google Photos service. Google creates these templates using sophisticated facial recognition technology that extracts and analyzes data from the points and contours of faces that appear in photos taken on Google Droid devices and uploaded to the cloud-based Google Photos service.

“Each face template that Google extracts is unique to a particular individual, in the same way that a fingerprint or voiceprint uniquely identifies one and only one person,” the complaint said. “Since the service functions without respect to whether any of the people have Google Photos accounts, the company did not meet its obligation under BIPA guidelines to notify non-users “of the specific purpose and length of term for which their biometric identifiers or information would be collected, stored and used, nor did Google obtain a written release from any of these individuals. … Google does not have written, publicly available policies identifying their retention schedules, or guidelines for permanently destroying non-users’ biometric identifiers or information.”

Rivera has asked the court for class certification and a jury trial and to award BIPA’s statutory damages and attorney fees, as well as an order requiring Google to comply with the act.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

ID4Africa speakers urge legal identity inclusion for refugees, stateless persons

African governments must accelerate efforts to provide legal and digital identity to refugees and stateless populations, according to speakers at…

 

Biometrics lawyer Dan Saeedi talks BIPA on Biometric Update Podcast

Dan Saeedi is a BIPA buster. The renowned Chicago attorney, CIPP/US,a partner and team co-lead of the biometric privacy team…

 

World Bank, African DPAs outline formula for trusted digital identity, DPI

Trust has moved steadily to the center of the conversation around digital public infrastructure and identity at ID4Africa, and the…

 

UK watchdog warns of legal risks as London police deploy LFR at protest

London’s Metropolitan Police will deploy live facial recognition (LFR) technology at a protest for the first time this weekend, prompting…

 

Age assurance debate arrives in Bangladesh

The dominos continue to fall in the game of global online safety legislation targeting social media platforms. Bangladesh is weighing…

 

Et tu, browser? Security experts ring bell over browser fingerprinting

Your web browser wants you to think it’s on your side. It’s your helpful window into the online universe, and…

Comments

24 Replies to “Google accused of violating the Illinois Biometric Information Privacy Act”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events