FB pixel

Macy’s blasts ‘legal gamesmanship’ in biometric data privacy suit, seeks dismissal

Data scraping and limitation of BIPA considered
Macy’s blasts ‘legal gamesmanship’ in biometric data privacy suit, seeks dismissal
 

A lawsuit alleging the use of Clearview AI’s face biometrics service by Macy’s Retail Holdings in violation of the Illinois Biometric Information Privacy Act (BIPA) should be thrown out over “blatant forum-shopping,” plus the plaintiff’s failure to allege that their data was ever collected, accessed or otherwise used by the company, according to a defense motion to dismiss.

Law Street Media reports that the plaintiff had attempted to include Macy’s in the multi-district litigation (MDL) currently underway against Clearview, prompting the retailer to accuse plaintiffs of “legal gamesmanship.”

The motion notes that the case against Macy’s was the only one involving Clearview which was not consolidated with the rest last December. Plaintiff Isela Carmean voluntarily dismissed her complaint just before her opposition brief was due in an initial suit, and has since refiled it as part of the consolidated compliant without requesting the court transfer the original case to the MDL.

Courts have previously determined that an ongoing, underlying case is necessary to add a plaintiff or defendant to an MDL, Macy’s argues in a brief in support of its motion.

Carmean also did not allege that she had visited a Macy’s store, where her biometrics could have been collected, the company says.

Legal status of biometric data scraping uncertain

Experts tell Law360 that using automated software to collect data from websites, as Clearview did to build its biometric database of billions of images, may not fall afoul of GDPR, let alone American data breach laws.

Data scraping incidents involving Facebook and LinkedIn in Ireland and Italy, respectively, are being investigated, but each company says it has not suffered a data breach, and has emphasized that the data harvested was marked ‘public.’

University of Colorado Law School Silicon Flatirons Center Executive Director Amie Stepanovich notes that U.S. data breach laws consider personal data in a fairly limited sense.

“Information that might not seem on its own to be sensitive or worth notifying people over can become sensitive when combined with other data,” Stepanovich tells Law360. “We need to open our thinking as to when people need to be notified when their information is compromised, regardless of whether the compromise stems from a ‘security breach’ or whether that data is ‘publicly available.'”

Facebook says cracking down on data scraping without diminishing the social network’s user experience would be practically impossible.

Kronos stay rejected

A requested stay in the biometric data privacy case against Kronos Inc. pending decisions in a pair of other suits has been denied, according to a separate Law360 article.

Courts are hearing arguments related to BIPA’s statute of limitations in Tims v. Black Horse Carriers Inc. and Cothron v. White Castle, according to Kronos, but an Illinois federal judge rejected the request on grounds that Kronos waited too long to file for the stay.

A decision may come soon in the White Castle case, in which plaintiffs allege that each individual biometric verification counts as a separate violation of BIPA. An amicus brief filed by the Restaurant Law Center and the Retail Litigation Center Inc. argues that such an interpretation overreaches the text of the Act. White Castle has argued the suit was filed after the statute of limitations had already expired.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

UK government wades into private sector territory with mDL, digital wallet

The UK government has thrown the nation’s digital identity ecosystem into confusion with the revelation that the Gov.uk digital wallet…

 

Trump unveils landmark AI initiative called ‘Stargate’

Coinciding with his repeal of former President Joe Biden’s 2023 AI Executive Order that required AI companies to share safety…

 

Opinion: Mexico’s AI Bill highlights global trends in compliance and fair use

By Tony Porter, Chief Privacy Officer, Corsight AI The global regulatory landscape for AI is evolving at a breakneck pace,…

 

All eyes on AI Act exemptions as ban on high-risk AI systems nears

Despite being celebrated as the world’s first comprehensive AI legislation in the world, the European Union’s AI Act has left…

 

Idemia liveness detection tops DHS evaluation

Idemia Public Security has announced it scored the highest biometric accuracy and fairness in an assessment of its liveness detection…

 

Keyless adds $2M in funding to fuel North American expansion

Keyless has raised $2 million in a selective strategic funding round to support its plans for continued growth in 2025,…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events