Postal Service moves to dismiss biometric data privacy suit
The U.S. Postal Service has filed a motion to have a lawsuit alleging it failed to meet its legal obligations when setting up a service utilizing facial recognition thrown out for lack of standing.
The agency told a D.C. federal judge that the suit brought by the Electronic privacy Information Center (EPIC) does not show harm to the organization, and therefore should be thrown out, according to Law360.
EPIC alleges that the Post Office failed to conduct a privacy impact assessment when setting up its Internet Covert Operations Program (iCOP), which supports investigations by the agency’s law enforcement unit. The Post Office is required to under the E-Government Act of 2002, EPIC contends.
The iCOP program uses biometrics as well as a social media surveillance platform called Zignal.
The Post Office counters that not only does EPIC not have standing, the E-Government Act of 2002 does not include a private right of action, and the basis for cause of action under the Administrative Procedure Act does not apply, due to a specific exemption for the agency granted by Congress.
No new privacy impact assessment has been uploaded to the Post Office website since 2010, EPIC says, but the Post Office counters that the passage of the E-Government Act the plaintiff refers to does not oblige it to provide information to the public.
Clearview plaintiffs seek to reverse MDL consolidation
Multi-district litigation against Clearview AI has increased in size, but possibly only temporarily, as four individuals from California and two community organizations have asked a federal court in Illinois to remand their case back to Alameda County Superior Court, Law Street reports.
The Judicial Panel on Multidistrict Litigation (JPML) consolidated the case with ongoing MDL against Clearview alleging privacy violations in the creation of its database of images from the internet earlier in the month. The plaintiffs claim the removal federal court and subsequent consolidation is based on claims Clearview cannot possibly prove, and that even if they could, they still do not constitute a basis for removal.
Apple suit thrown out, but no sanctions for plaintiff’s “egregious misrepresentations”
A suit against Apple over the misidentification and arrest of a man accused of shoplifting at one of its stores, which he claimed was based on a false positive facial recognition match, has been thrown out. The company’s attempt to have sanctions applied against Ousmane Bah for what it calls his “egregious misrepresentations” has been denied by a federal judge, however, Law360 reports.
Bah had claimed that Apple was informed of the mistake by its security contractor, but his case was dismissed after local police discovered a person posing as Bah, who turned out to be a friend of Bah’s. Apple alleges that Bah hid his friendship with the real thief, and knowledge of the thief’s actions.
The plaintiff’s claims that Apple and security contractor SIS were aware that he was not the real thief when he was arrested in Massachusetts because the impersonation had already been found in New York does not follow, the judge ruled, as it is not the duty of a person or business reporting a crime to investigate it before reporting it to authorities.
BIPA updates: Instagram, insurers
Facebook says a minor who is among plaintiffs in a suit against Instagram under Illinois’ Biometric Information Privacy Act (BIPA) signed up for a second account with the social media app, and agreed to arbitration of any claims in doing so, according to Law Street.
The defendant has already sought to have the case removed to arbitration, and it was during the discovery related to that motion that the second account was found. The presiding federal court judge has ruled that the new allegation merits a supplemental briefing from plaintiffs.
Insurers may be liable for some biometric data privacy claims pursued up to five years after the fact, a trio of attorneys from law firm Kennedys write in an expert analysis for Law360.
An appellate court ruled in September that claims under BIPA sections 15(c) and 15(d) have a one-year statute of limitations, while other sections have a five-year limit, in Tims v. Black Horse Carriers, Inc.
Combined with a decision in a separate case earlier in 2021, insurers may be liable for BIPA violations under Coverage B of commercial general liability insurance policies.