Advocates seek higher biometric data privacy damages as settlement millions add up
The scope and impact of biometric data privacy lawsuits is coming into sharper focus, as a court considers whether claims under Illinois law accumulate. In related news, claimants say their standing in allegations against Clearview does not need to be reviewed, while Facebook has succeeded in having claims against Instagram arbitrated, a new complaint was filed and another settled.
The issue is mostly playing out based on state-level regulation, though the chair of the U.S. Federal Trade Commission says the body will consider ways to curtail abuse or negligence with customers’ personal information, Law360 writes (subscription required).
Lina Kahn also said at an International Association of Privacy Professionals event in Washington, D.C. that the market conditions could make the notice and consent approach to data use permissions obsolete. Kahn also noted that federal legislation could help deal with excessive data collection by businesses.
EPIC argues for claim accumulation
The scope of claims under Illinois’ biometric data protection law should include all instances of violation, not just the first one, according to an amicus brief filed by the Electronic Privacy Information Center (EPIC) in a case being heard by the Supreme Court of Illinois.
The dispute between Cothron v. White Castle under the state’s Biometric Information Privacy Act (BIPA) was sent to the State Supreme Court to decide if potentially ruinous penalties should be levied based on repeat violations.
EPIC argues in the brief that the State Supreme Court ruling in Rosenbach v. Six Flags clarifies that each violation causes injury, leading to the rejection of White Castle’s arguments by district and appeals courts. The organization also suggests that a finding for White Castle would allow employers to secretly collect biometrics from employees, “wait out the statute of limitations,” and then use it with impunity.
Plaintiffs suing Clearview AI are arguing that a judgment not to dismiss the suit on grounds of legal standing was sound, and does not need to be reconsidered, counter to what the company argues, reports Bloomberg Law.
Meanwhile, a proposed class-action lawsuit has been filed against eyewear vendor LVMH in federal court alleging violations of BIPA’s informed consent requirements with its Virtual Try-On tool, according to The Business Times.
Instagram wins case-by-case arbitration
Instagram parent company Facebook has been granted a motion to move claims against it for alleged biometric data privacy violations to an arbitrator to be heard on an individual bases, Bloomberg Law writes.
The federal court ruling sides with the social media platform in finding that users agreed to arbitration clauses as part of its terms of service. The document setting out his reasoning, however, has not been released to the public, however, possibly due to the inclusion of proprietary information.
The plaintiffs had alleged that the company used their face biometrics as training data.
3.3M settlement reached
Human resources technology provider UKG will pay more than $3.3 million to settle the case brought against it by people who used its biometric scanners for time and attendance tracking, Top Class Actions reports. That amounts to an estimated award of between $200 and $400 per claimant.
The company also agreed to publicly post its biometric data policies and encourage BIPA-compliant deployments by its clients.
UKG is also the parent company of biometric workforce management device-maker Kronos.