Limit to accrual of biometric data privacy violation penalties a step away in Illinois

Illinois legislators have approved amendments to the state’s notorious Biometric Information Privacy Act to limit the definition of violations under the act to only the first biometric scan, rather than damages accruing with each subsequent scan under the same conditions.

The Illinois House of Representatives approved Senate Bill 2979 by an 81-30 margin, the Cook County Record reports, with a handful of Republicans joining the Democratic supermajority. The State Senate passed the bill by a 46-13 bi-partisan vote in April.

Unless Governor JB Pritzker, a Democrat, refuses to sign it, the bill will soon become law.

The Illinois Chamber of Commerce has estimated that BIPA so far resulted in average legal fees of $11.5 million per lawsuit. Further, attorneys have received nearly 40 percent of the proceeds won through the courts and in settlements. The Chamber and other business groups in the state are happy with the change, but want more. Their further demands include retroactive application of the new definition of violations under BIPA, and a carve-out for biometrics use for security purposes, which would follow the lead of Washington’s state biometric data privacy legislation.

White Castle’s recent settlement of a BIPA lawsuit for $9.4 million was based on the definition of violation provided by the amendment.

The bill’s supporters say the amendment will protect small businesses against the threat of ruinous litigation, particularly in cases where no harm that would be recognized outside of the context of BIPA has occurred.

Article Topics

biometric data  |  Biometric Information Privacy Act (BIPA)  |  biometrics  |  data privacy  |  lawsuits  |  legislation