FB pixel

Google accused of violating the Illinois Biometric Information Privacy Act

| Stephen Mayhew
Categories Biometrics News  |  Commercial Applications  |  Facial Recognition
 

Google has become the latest technology firm to face legal action after being accused of violating the 2008 Illinois Biometric Information Privacy Act over the use of facial recognition technology and photo sharing.

The Illinois statute requires companies that gather biometric data to notify people about the practice before collecting data, and to publish a schedule for destroying the information.

The statute defines biometric identifier as “any personal feature that is unique to an individual, including fingerprints, iris scans, DNA and ‘face geometry,’ among others,” and establishes biometric information as “any information captured, converted, stored, or shared based on a person’s biometric identifier used to identify an individual.” The law allows for damages of $5,000 for each intentional violation and $1,000 for each negligent violation.

A Chicago resident named Lindabeth Rivera filed the class action complaint on March 1 in federal court in Chicago. The complaint is similar to claims lodged in Chicago federal court in June and August last year against Shutterfly and Facebook over their use of facial recognition technology in digital photo sharing and social media.

In January, a federal judge in Illinois dismissed a lawsuit challenging Facebook’s use of facial recognition software, commenting: “Because plaintiff does not allege that Facebook targets its alleged biometric collection activities at Illinois residents, the fact that its site is accessible to Illinois residents does not confer specific jurisdiction over Facebook.”

In the same month, a different federal judge in Illinois allowed lawsuit against Shutterfly Inc. to proceed despite the company’s claims that its tagging software does not break state privacy law. Shutterfly argued that the Illinois Biometric Information Privacy Act (BIPA) does not pertain to “photographs and any information gleaned from photographs” as they “cannot be biometric identifiers”.

According to Rivera’s complaint, as reported by Cook County Record, Google’s cloud-based Google Photos service has “created, collected and stored” millions of “face templates or face prints from millions of Illinois residents, many thousands of whom are not even enrolled in the Google Photos service. Google creates these templates using sophisticated facial recognition technology that extracts and analyzes data from the points and contours of faces that appear in photos taken on Google Droid devices and uploaded to the cloud-based Google Photos service.

“Each face template that Google extracts is unique to a particular individual, in the same way that a fingerprint or voiceprint uniquely identifies one and only one person,” the complaint said. “Since the service functions without respect to whether any of the people have Google Photos accounts, the company did not meet its obligation under BIPA guidelines to notify non-users “of the specific purpose and length of term for which their biometric identifiers or information would be collected, stored and used, nor did Google obtain a written release from any of these individuals. … Google does not have written, publicly available policies identifying their retention schedules, or guidelines for permanently destroying non-users’ biometric identifiers or information.”

Rivera has asked the court for class certification and a jury trial and to award BIPA’s statutory damages and attorney fees, as well as an order requiring Google to comply with the act.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

OpenAge is on a roll: CEO talks AgeKeys with Biometric Update Podcast

Since launching in November, the OpenAge Initiative has become a common reference point among many in the age assurance industry….

 

Milwaukee police sink efforts to contract facial recognition with unsanctioned use

A meeting on whether and how Milwaukee police should use facial recognition in criminal investigations took an unexpected turn Thursday…

 

New UK deepfake detection testing framework, challenge aim to meet crisis head-on

Having declared deepfakes the greatest challenge of the online age, the UK government is set to take the lead on…

 

Kneron’s access control biometrics pass Fime performance and PAD assessments

Kneron’s has passed assessments for biometric presentation attack detection and performance in a month-long evaluation of its access control technology…

 

Entreprises d’identité, unissez-vous! French MoU unites EUDI Wallet stakeholders

Dozens of firms and public authorities have agreed to work together on the launch of France’s implementation of the European…

 

Analysis of 50 European eIDs shows most popular apps found in Ukraine and Turkey

The most popular European digital identities are not in the EU, a new survey analyzing 50 eID apps across the…

Comments

24 Replies to “Google accused of violating the Illinois Biometric Information Privacy Act”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events