SIA says biometric data privacy claim against Meta ‘does not qualify’

The Security Industry Association has weighed in on a biometric privacy lawsuit that claims Meta broke the law with a discontinued face-scanning app.

SIA members say if the proposed class action filed under Illinois’ Biometric Information Privacy Act is successful, it would depart from the intentions of the legislation by making biometric access control products illegal in the state.

In Zellmer vs. Facebook (18-cv-01880), the plaintiff accuses Meta with capturing, scanning and possessing photos of his face in the app, Tag Suggestions. Through the app, a Facebook subscriber could upload personal images to their account at which point Tag Suggestions would scan and make templates of faces.

The app would prompt the subscriber to identify any templated faces. The plaintiff, who reportedly has never been a member of Facebook, alleges that the social media company’s collection and analysis occurred without his consent and occurred without explanation of the company’s biometric data policies.

SIA members in a friend-of-the-court brief say the case implies that organizations that merely capture a biometric, doing nothing else with the data beyond possibly deleting it, violate BIPA.

They say it would make it impossible for an organization to, for example, automatically match the face of someone who requests entry at a security camera because a template (temporary or not) could not be made for comparison to faces of authorized people. In other words, a person could trigger a biometric data privacy complaint simply by using a scanner for a biometric system to which they have not been enrolled.

“A biometric scan that the biometric application cannot associate with personal data stored by the application — such as an apartment building’s security system — does not qualify,” the organization argues.

The case is long in the tooth, and its outcome is not easy to predict.

Article Topics

biometric identifiers  |  Biometric Information Privacy Act (BIPA)  |  biometrics  |  data collection  |  data protection  |  lawsuits  |  Meta  |  Security Industry Association (SIA)