Mitek arbitration bid in biometric data privacy lawsuit rejected
A U.S. District Court Judge has ruled that Mitek is not included in the arbitration agreement between its client HyreCar and a customer suing under Illinois biometric data privacy law.
The plaintiff in Joshua Johnson et al. v. Mitek Systems Inc. consented to arbitration to resolve disputes with HyreCar on signing up for its ride-sharing car rental app. When he was redirected to Mitek for identity verification through selfie biometrics, he alleges the company violated the Biometric Information Privacy Act by not gaining the required written consent or satisfying other conditions around data privacy.
Mitek had filed to compel arbitration, arguing that it is a party to the agreement between the plaintiff and HyreCar. As spotted by Bloomberg Law, Chicago Judge Ronald A. Guzmán ruled that Mitek could have been included had the agreement “expressly” said so, but it did not.
The judgement goes into some depth on the treatment of third-party beneficiaries under Illinois law, including a similar lawsuit against Onfido, in which compelled arbitration was likewise denied. A move to dismiss that case, arguing a defense based on the interpretation of data covered by BIPA, was also recently rejected.
Mitek also argued for arbitration on grounds of HyreCar’s reliance on its identity verification services, and the “fundamental fairness” of the complaint dodging the arbitration agreement by not naming HyreCar. Guzmán ruled that the company failed to show either point.