Big court date coming up fast for a BIPA case involving statute of limitations

That those opposed to the U.S. state of Illinois’ biometric privacy law are placing so much importance on secondary provisions in legislation and not the principle of that law says a lot.
It says that defendants, largely Illinois employers with some notable multinationals doing business in the state, are fighting to limit their blood loss rather than disarming their adversaries — plaintiffs and their lawyers.
The next important court date in this campaign is September 22 and involves Tims vs. Black Horse Carriers case (No. 127801). The case cannot bring down the Biometric Information Privacy Act, but regardless of its outcome, it will be important.
BIPA mandates that those collecting biometric data first get the informed consent of the owners of the data sought and that they be told how the information will be managed.
BIPA provides up to $5,000 per violation, which means some secondary provisions of the law can be expensive for losing defendants. At issue in Tims vs. Black Horse is whether the statute of limitations for filing a complaint under BIPA is one year or five.
The lead plaintiffs in this proposed class action are two drivers who were required by their suburban Chicago employer, Black Horse (since purchased by Penske Logistics), to digitally submit fingerprints as part of their regular workday.
A longer period means more potential violations. A shorter one could mean defendants have less incentive to follow the rules that give individuals some measure of control over their data.
The plaintiffs’ original argument, of course, is that contrary to BIPA, they were not asked for their consent and were not told how the biometric data would be managed.
A list of briefs in the case can be found here, and is noteworthy for two amicus briefs, one filed by the Illinois Chamber of Commerce supporting Black Horse and the other filed by trial and employment attorneys supporting the plaintiffs.
The chamber complains of the “onslaught of Privacy Act litigation,” that is hurting businesses. Curbing the statute of limitations would right that wrong.
The attorneys make a more technical argument, first saying that although no statute of limitations is stated in BIPA, that this is a common legislative occurrence, and that it is equally common to apply a five-year statute in such cases.
They also take issue with the defendant’s tying a loss of privacy to a publication of personal data. In this case, they say, data is being transferred to a third party, not the general public. The attorneys say publication is not as relevant here as is the loss of control of personal data and the threat that poses.
Article Topics
biometric data | Biometric Information Privacy Act (BIPA) | biometrics | data protection | lawsuits | legislation | time and attendance

Comments