FB pixel

Biometrics vendors increasingly targeted by data privacy act plaintiffs, and other defendants too

Biometrics vendors increasingly targeted by data privacy act plaintiffs, and other defendants too
 

A proposed class action lawsuit has been filed against fingerprint and background check service provider Biometric Impressions for allegedly failing to meet the informed consent requirements of Illinois’ Biometric Information Privacy Act (BIPA), Top Class Actions reports.

The plaintiff, Paul Sayas, alleges he was directed to have a background check conducted by Biometric Impressions, for which the company was paid $35. Sayas claims he was not informed that his biometric data would be stored, let alone how long it would be stored for, and no written notification was provided. Both the notification and consent requirements were therefore not met, according to the plaintiff.

“Biometric Impressions knew or should have known the requirements of BIPA. Biometric Impressions’ violations of BIPA were reckless or in the alternative, negligent,” the suit, which was filed with Cook County Circuit Court, claims.

Hyatt Hotels Corporation, meanwhile, is attempting to bring biometric time and attendance system vendor Kronos into its potential class action suit, countersuing Kronos as the actual defendant and party which violated BIPA, according to Loop North News.

The hotel chain claims that under the terms of its contract with Kronos, the biometrics vendor is the one performing all the actions that BIPA applies to, like collecting, storing, and transmitting fingerprint data. It’s suit says that Kronos declined to assist it in the defence against its former employee’s lawsuit, and accuses Kronos of breaching its contract. Hyatt seeks a court declaration that Kronos “did not perform its obligations in compliance with applicable laws, including BIPA,” and bears a responsibility to assist Hyatt in the class action case.

Kronos has until January 24 to respond to the counterclaim.

Dylan’s Candybar has also been sued for improper collection under BIPA of fingerprint data for time and attendance tracking.

Target is the latest major retailer to be sued under BIPA, following cases recently filed against The Home Depot and Lowes. Greensfelder, Hemker & Gale Attorney Dawn Johnson tells Franchise Times that each of multiple scans by facial recognition cameras will be considered a separate violation under the data protection law, meaning a single visit to the store could create liability of $5,000 times the number of scans.

“With statutory damages up to $5,000 per violation, you can see how this can get very expensive and probably bankrupt some companies (similar to what the TCPA has done),” writes Johnson in reference to the Telephone Consumer Protection Act.

“Target is only the latest big-box retailer to be sued. This reinforces the importance of making sure you comply with laws before installing these types of systems for whatever purpose you are using them.”

Johnson says the increase in BIPA cases has been huge, to the point of roughly one new one each day.

Franchise attorneys likewise see a similar increase as likely to be caused by the new California Consumer Privacy Act.

In a review of the year in biometric privacy for Mondaq, Kimberley J. Gold and other attorneys from the firm Reed Smith concurs with that forecast for the CCPA, which took effect on January 1.

More than 200 class actions were filed under BIPA in 2018 and 2019 alone, according to the article, and with the Rosenbach decision early in the year that standing is created by statutory violations of BIPA is noted as a major event.

New York’s SHIELD Act is also pointed out, as it expands the state’s data breach notification law to specifically include biometric data among “private information” that triggers notification and disclosure obligations. Alaska is also working on similar legislation to that of Illinois’, according to the report, while Massachusetts like CCPA includes biometric data in a broader definition of personal data, but also includes a private right of action for statutory failures without the need to establish standing by proving harm.

Other states, such as Arkansas, adopted or changed data breach laws to specifically address biometrics. The number of states extending biometric privacy rights to consumers and employees is also expected to increase in 2020, making it ever more important for organizations to be aware of their obligations in terms of proactive measures, such as obtaining consent, and reactive measures, such as breach notification requirements. Policies should be drawn up or updated to avoid costly litigation or regulatory action.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

UK police look at future tech, including biometrics like brainwaves

With technology, what was once cutting edge will one day become the norm. Currently, the police are incorporating facial recognition,…

 

ITL signs up French reseller for retail biometric age checks

France-based retail technology provider Bergens has been selected by Innovative Technology (ITL) as its authorized reseller in the region for…

 

4i Digital integrates verifiable credentials from Dock Labs

Latin American ID verification and biometrics provider 4i Digital has announced the integration of verifiable credential technology from Dock Labs….

 

World positions World App as a ZKP-based age verification solution

World has entered the age assurance arena. A post on the World blog says the company’s solution for age verification…

 

Identity verification to surpass $20B by 2030 amid transition to reusable digital ID

Total global revenue from identity verification services will exceed $20 billion by 2030, with digital identity verification passing traditional identity…

 

Mastercard joins OpenWallet Foundation, Paycode partners up to scale digital transactions

A new foundation membership and a technology partnership announced by digital wallet and payment providers are aimed at making digital…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events