Judge keeps biometric data privacy lawsuit against Jumio alive ‘for now’
A U.S. district court judge has declined to dismiss a biometric data privacy lawsuit against Jumio, but acknowledged that the arguments brought by the company may be sufficient to defeat the claims against it at a later stage in the proceedings.
Jumio provides biometric identity verification for Binance as part of its onboarding procedure for crypto-trading customers.
The plaintiff claims Jumio violated Illinois’ Biometric Information Privacy Act by not collecting his informed consent prior to capturing his biometrics.
Jumio argued that the claims by Illinois resident Cory Davis fail because BIPA does not apply to financial institutions, which include Binance, or to businesses that operate extraterritorially. The plaintiff does not allege any relevant activity by Jumio within Illinois, the company says.
Judge Andrew R. Wood writes in her decision (via Bloomberg Law) that while Binance may be a financial institution, the fact must be established, which Binance’s own claim and registration with regulator FinCEN do not on their own do. If a “cryptocurrency marketplace” counts as a “financial institution,” however, the case against Jumio is doomed.
“That is a determination more appropriately made with the benefit of discovery at the summary judgment stage of the proceedings,” writes Wood.
Similarly, allegations by the plaintiff, plus additional facts submitted afterword, make it plausible that Jumio was conducting business transactions in the state, when viewed “in the light most favorable to Davis.”
“The Court acknowledges that discovery may reveal that the connection to Illinois is sufficiently tenuous as to warrant revisiting the matter at the summary judgment stage of the proceedings,” Wood writes. “But for now, Davis’s claim survives.”