Clarity in biometric data privacy suits rules sought for insurance and supplied for labor exemptions

Whether disclosure of biometric data qualifies for coverage under a business insurance policy will be decided in the U.S District Court for Northern Illinois, Law360 reports. The insurance company says a BIPA suit against are not covered for seven different reasons.

American Family Mutual Insurance Co. says the unlawful sharing of personal information by McDonald’s franchisees under BIPA does not entail any obligations on its behalf. The policy contains an exclusion for damages for breaking state law that “prohibits or limits the sending, transmitting, communicating, or distribution of material or information,” according to the company’s movement for declaratory judgement.

The policy language requires an “occurrence” resulting in “bodily injury,” “property damage,” or “personal and advertising injury” to be covered. The insurer says no occurrence and none of the three qualifying injuries are alleged in the complaint.

More than two dozen franchisees say the Business Owners Liability Insurance policies they have each held at some point over the past four years with American Family.

The original suit is being heard in Circuit Court, and includes 40 current and former McDonald’s employees of 33 different franchisees, 26 of whom are named in the American Family suit. Plaintiffs in the original suit allege both the usual failure to meet BIPA’s informed consent requirements, but also that the defendants disclosed biometric information from thousands of workers to others in an internal system, in violation of the act.

BIPA coverage disputes are a growing trend which is expected to continue through 2020, attorney told Law360.

Bimbo Bakeries, which makes Sara Lee and other products, has had a motion to dismiss a BIPA suit against it denied by a District Court judge, on grounds that a collective bargaining agreement (CBA) that may exclude it from wrongdoing went into effect after the alleged violations began, according to Top Class Actions.

An employee filed the suit alleging the company failed to inform employees that their data would be shared with a third-party vendor hosting the database, and to provide the necessary data retention and deletion policy. The CBA went into effect in 2018, and requires employees to “exhaust administrative remedies” before taking the employer to court, and Judge Sara Ellis ruled that any alleged violations occurring after that point are invalid. The plaintiff had argued that the consent required by BIPA could only be given by her, not the union.

Bimbo Bakeries had also argued unsuccessfully that the Illinois Workers Compensation Act and the National Labor Relations Act exempted it from the charges brought by the defendant.

Collective labor agreements have previously been found to pre-empt BIPA claims.

Great Wolf Lodge is among the latest businesses to be hit with a potential class action BIPA lawsuit over an alleged failure to obtain informed consent from employees for scanning their fingerprints, according to another article from Law360. The suit is being heard in Cook County Circuit Court.

Article Topics

biometric data  |  Biometric Information Privacy Act (BIPA)  |  biometrics  |  data protection  |  lawsuit