FB pixel

Another big win for BIPA plaintiffs: Each biometric scan is actionable

Another big win for BIPA plaintiffs: Each biometric scan is actionable

Every biometric scan performed in Illinois by a private entity counts as a separate illegal act if it does not comply with the U.S. state’s landmark privacy law, according to the Illinois Supreme Court.

Cothron v. White Castle is yet another far-reaching interpretation of the Biometric Information Privacy Act. While it will impact any business scanning biometrics (and insuring them), it will hit hardest businesses that installed scanners on which employees clock in twice a day, every work day.

There is the second significant BIPA decision this month. The Illinois Supreme Court has found in Tims v. Black Horse Carriers that the act is subject to a single, five-year statute of limitations. The defendant has been arguing for one year.

This case (128004), which is about a legal concept known as claim accrual, alleges the fast-food merchant required plaintiff Latrina Cothron to punch in and out with her fingerprints. White Castle allegedly did not get express written permission to make those scans or disclose how the data would be managed until 2018, a decade after the law was enacted.

Cothron reportedly first scanned her prints at White Castle’s direction around 2004 and she filed her putative class action in 2008, the year BIPA was passed.

Oral arguments before the justices can be viewed here.

There is give on either side of this case. There is no reason for the plaintiff to pull back, not given the history of pro-privacy BIPA cases today.

But businessowners maintain that BIPA has the potential to ruin them, even absent anything that would typically be construed in court as “harm.”

Danielle Kays, senior counsel with the Seyfarth law firm, declined to say if she was surprised by the outcome.

“I would say I’m disappointed, but it is consistent with cases,” says Kays. She has defended companies against BIPA class actions since 2018.

Kays says the decisions have been “draconian,” given BIPA’s scope, which keeps expanding.

Asked if businesses should have known about the risk of biometric scans regulated by a law passed in 2008, she says, “The employees also knew they were scanning” their biometrics.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News


Cryptomathic is Belgium’s digital wallet mobile app security provider

Tech from Cryptomathic has been deployed in Belgium’s digital identity wallet, one of the first to go live in the…


Bringing ethics into the discussion on digital identity

A panel at EIC 2024 addresses head-on a topic that lurks around the edges of many discussions of digital ID….


Kantara Initiative launches group devoted to deepfake injection attack threats

“It’s probably not as bad as this makes it seem,” says Andrew Hughes, VP of global standards for FaceTec and…


Seamfix CEO makes case for digital ID as unlocker of Africa’s growth potential

The co-founder and Chief Executive Officer of Seamfix, Chimezie Emewulu, has posited that digital identity and related services have the…


Nigeria’s digital ID authority unveils new measures to uphold data security

The National Identity Management Commission of Nigeria (NIMC) has outlined new measures that align with its push to make data…


Data Zoo, Metalenz, Precise, Token, Tools for Humanity add executives

A handful of biometrics and digital identity providers have announced leadership team updates including new finance and technology executives at…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events