FB pixel

US courts training plaintiffs and defendants on repurposing biometric data

Photobucket sued for attempt to monetize, Google beats half of BIPA complaint
US courts training plaintiffs and defendants on repurposing biometric data
 

A potential class action alleging biometric data privacy violations has been filed against photo storage site Photobucket. The twist is that unlike the litany of lawsuits under Illinois’ Biometric Information Privacy Act, Photobucket is alleged to have violated statutes in several different states.

Photobucket recently changed its privacy policy so that it could sell the images stored in dormant accounts, and the face and iris biometric data they contain, as training data for generative artificial intelligence (genAI) models, Ars Technica reports.

The story is essentially one of a company with a dwindling business finding a new way to monetize data it has collected.

The complaint cites BIPA, but also similar laws in New York, California and Virginia, along with consumer protection laws in states like Colorado.

Photobucket sent emails to users with dormant accounts, instructing them to consent to the use of their biometric data or face its deletion, the plaintiffs say, which does not qualify as informed consent. Plaintiffs call the emails “fraudulent and coercive,” and say they presented links to delete information that instead led to pages for accepting the new terms. Those who ignored the email were considered to have opted in after 45 days, the allege.

More than 100 million users could be eligible for damages. At least one Illinois user has been told by Photobucket that his biometric data may have already been sold.

The companies that bought the data, though yet unnamed, are also targeted by the lawsuit.

Repurposing images that contain biometric data has proven thorny legal ground, but the courts are recognizing a difference between doing so by selling them and by using them for algorithm training.

Diversity in rulings for and against Google

Google has partially succeeded in getting claims of biometric data privacy violations against it due to its use of IBM’s Diversity in Faces dataset thrown out.

A California federal judge struck down plaintiffs’ claim under BIPA Section 15(c) and of relief for unjust enrichment in the form of “restitution and disgorgement,” meaning money. The motions to dismiss a relief from unjust enrichment claim in the form of an injunction, however, was denied, along with the claim under BIPA Section 15(b).

Section 15(b) forbids the collection of biometric data without informed written consent. Section 15(c) stipulates that businesses cannot sell or “otherwise profit from” sharing or disseminating people’s biometrics.

Google argued that, as ruled in a similar case against Microsoft, the way it allegedly profited from the data, in this case by using them to train an algorithm, is not covered under 15(c), and that the collection of biometric data did not occur in Illinois, so BIPA has no jurisdiction. Further, no evidence was presented that plaintiff’s Pixel phones were improved with the data in question.

District Judge Beth Labson Freeman ruled (via Law360) that the alleged violations could be inferred to have occurred “primarily and substantially” in Illinois, keeping the 15(b) claim alive, and that plaintiffs can pursue an injunction to prevent future harms under on grounds of unjust enrichment.

Plaintiff Tim Janecyk has been pursuing damages related to the Diversity in Faces dataset since the beginning of 2020, when he filed suit against IBM. He was joined that year by Steven Vance, the other named plaintiff in the suit against Google.

Related Posts

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Liquid identity verifications surge past 60M as Japan leans into chip-scanning

Liquid has reached the 60 million digital identity verification milestone with its online KYC service, with a surge in verifications…

 

Car dealerships rev up digital ID verification to counter rise in identity fraud

Whether it’s a fake credit history, a phony license or a test driver with a stolen identity who makes tracks…

 

GovTech to deliver $10 trillion in value by 2034, says WEF

At the meeting of the World Economic Forum (WEF) in Davos this week, tech is front and center – and…

 

Davos discusses digital wallets, AI economy

This year’s Davos World Economic Forum (WEF) is bringing not only tense trade talks between the U.S. and Europe but…

 

ASEAN updates guidance on deepfakes

The threat of deepfakes is entering high-level discussions from Southeast Asia to Davos. The Association of Southeast Asian Nations (ASEAN)…

 

Philippines faces 36 million backlog in ID cards

The Philippines are still facing a 36 million backlog in distributing the country’s national ID cards which will need additional…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events