Apple bid to dismiss biometric data privacy suits rejected, but 2 of 3 claims have no standing
Two out of three claims against Apple under Illinois’ Biometric Information Privacy Act (BIPA) have been sent back to state court, after Apple removed all three to federal court and then challenged the court’s jurisdiction, Law360 writes.
A trio of plaintiffs are suing the tech giant on grounds that its facial recognition software processed their biometric data without following BIPA’s requirements. It had been removed to federal court for meeting the size threshold, but as two of the three claims allege statutory harm rather than injury in fact, they belong in state court, District Chief Judge Nancy J. Rosenstengel ruled. The judge also noted that it is unusual for defendants to have a case removed to a different court and then challenge that court’s jurisdiction.
The claim that the information was collected without consent will go forward in federal court, while the claims that Apple did not provide a retention and deletion schedule for the data and that Apple profited by including the software on devices it sold will be heard in Illinois state court.
Judge Rosenstengel also ruled against the plaintiffs’ Hazlitt et all’s claim that Apple had harmed them not deleting the data, on grounds that Apple’s obligation to do so only kicks in three years after they last interacted with the company or devices, yet they did not allege that they have stopped using the devices. On the second claim remanded to state court, Judge Rosenstengel ruled that BIPA prohibits selling biometric data, not the technology to use it.
The lack of consent, however, could potentially establish federal standing, Judge Rosenstengel wrote.
Apple’s argument that the claims pertained to photos, which are exempted from the definition of biometric data by BIPA, was rejected as it is the scanning of the photos which is at issue. Also rejected was Apple’s position that it does not collect the biometric data, as it is stored on the devices and the company does not have access to it. The judge ruled that by selling the devices, Apple establishes a direct relationship with customers, which gives the allegations merit, if not the plausibility which will be examined at subsequent stages of the trial.
The judge declined to rule on Apple’s claim that plaintiff’s have not proven any violations were “intentional and reckless,” thus meeting the standard for higher damages, as the matter is only relevant during the recovery or damages phase.
Apple | biometric data | biometrics | BIPA | data collection | data protection | facial recognition | legislation | privacy