FB pixel

Biometric privacy lawsuit hits law enforcement provider in latest round of BIPA class actions

Biometric privacy lawsuit hits law enforcement provider in latest round of BIPA class actions
 

Motorola and Vigilant are among the latest crop of companies to be named in Biometric Information Privacy Act (BIPA) lawsuits, for their role in the state’s gallery of mugshots, Law Street reports. The suit appears to be the first known instance of BIPA defendants operating a database used by law enforcement customers.

A trio of plaintiffs filed the suit in Illinois Northern District Court, alleging that Motorola and Vigilant store booking images of more than 18 million people, including people who have been found innocent or had charges expunged, without providing the data storage, use and deletion policies required by BIPA. The companies offer access to the images to law enforcement agencies for a fee. The plaintiffs did not consent to the collection of their biometrics by these companies either, the complaint claims, though presumably the initial image collection by law enforcement did not require consent.

The suit makes the usual points about the endurance of biometrics and claims about the potential harms of the data’s misuse or theft.

The database is also allegedly used with other facial recognition products to allow nearly real-time identification and tracking of millions of people. This claim relates to recent allegations that Clearview AI was used by up to 30 Chicago Police officials. Between the two BIPA suits, the inner workings of the Chicago Police Department could soon become public information.

OkCupid data access allegedly not ok

Startup Clarifai has similarly been sued for allegedly using biometric data from OkCupid user profiles to train its facial recognition algorithm without providing information or receiving consent from the users, Bloomberg Law reports.

The suit was filed in Cook County Circuit Court, and claims Clarifai gained access to the data through an investor with ties to dating website OkCupid.

“OkCupid did not enter into any commercial agreement at that time with Clarifai, and has no relationship with the company now,” OkCupid Global Communications Manager Michael Kaye told Bloomberg Law.

Also in the Cook County, vending machine operator Compass Group USA Inc. has been hit with a BIPA suit for collecting thumbprints without meeting the informed consent requirements, reports Top Class Actions. The plaintiff claims she did not fully understand that her biometric data would be kept when she used one of the company’s machines, and that its collection of biometrics is invasive and coercive.

A lawsuit has also been filed against XSport Fitness chain operator Capital Fitness and its subsidiary Executive Affiliates for collecting employee fingerprints without informed consent, according to ClassAction.org. Executive Affiliates used a fingerprint biometric time and attendance system without following any of the data policy disclosure requirements of the Act, according to the allegations filed with the Circuit Court of Cook County.

Expert says private right of action has unintended consequences

American Action Forum Director of Technology and Innovation Policy Jennifer Huddleston says other states considering data privacy legislation should consider the potential downside of bestowing a private right of action on citizens, Alton Daily News writes.

“You have the possibility that these lawsuits and this threat of liability could deter innovation as a result of concern that anything that doesn’t clearly check all of those boxes is going to be subject to very expensive litigation,” Huddleston explains.

She refers to the practice of withholding certain services from state residents, one potential unintended consequence of the private right of action, as “innovation arbitrage.”

Article Topics

 |   |   |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Municipal ID programs offer ID to undocumented people, and ICE wants their data

Amid the ongoing collapse of democratic norms in the U.S., it is easy to miss a nightmare scenario unfolding for…

 

Unissey levels-up biometric injection attack detection certification

Unissey’s face biometrics have been certified to substantial-level compliance with the European biometric injection attack detection (IAD) standard. Injection attacks…

 

Hey babe, check out my regulations: porn star, VerifyMy spice up UK Online Safety Act

It’s one thing when Christian moralists lobby for age assurance laws – but another thing entirely when the voices are…

 

Regula launches dedicated biometric morph attack detector

A new face morphing detector has been unveiled by Regula to defend against the significant security threat of passports and…

 

UK regulator fines 23andMe over massive genetic data breach

The U.K. Information Commissioner’s Office (ICO) has fined U.S.-based 23andMe £2.31 million for serious security failures that resulted in a…

 

Tonga reveals MOSIP and VS One World foundations of DPI success

Tonga launched its TongaPass digital ID and digital government portal this month. The government is now ramping up registration as…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events