Biometric data privacy claims are getting intense. Ask White Castle and Amazon

Two new proposals to remove the most important biometric privacy law at the state level in the United States have been launched.

The law is Illinois’ biometric information privacy law, and the aggrieved parties are regional hamburger chain White Castle and increasingly petulant Amazon Web Services.

White Castle lawyers went to the Illinois Supreme Court this week to argue that if each use of biometrics constitutes a separate violation of BIPA, the companies could be driven out of business as the law allows for damages $1,000 to $5,000 per violation.

White Castle used biometric fingerprint systems to verify the arrival and departure of hourly employees, including longtime employee and Illinois resident Latrina Cothron.

Cothron sued in 2019 because, contrary to BIPA provisions, the channel did not obtain his explicit consent to collect his biometric identifiers. The law had been in effect since 2008. White Castle argues that the allegation describes only one “injury” under the law, when Cothron’s biometric data was originally collected, stored and used.

Privacy advocates say the penalty matches the offense because unlike any other type of ID, biometrics are forever unique and cannot be changed if stolen and misused. Theft could be a major and permanent problem.

Analyze the issues, legal news publisher Law360, says employers have fundamental questions about the law. Do they have to get express consent every time they request a biometric ID and share it with an algorithm provider?

According to White Castle, piling up penalties is wrong because employees can refuse to comply, “and that power can only be lost once.”

While this unfolds, Amazon Web Services has decided to dismiss and strike a plaintiff’s class action lawsuit, which its attorneys say is a “brazen attempt” to expand liability under BIPA. according to to market the Law Street publication.

Amazon reportedly collects biometric data from users of the company’s facial recognition service, Rekognition.

Closed last year, the case involves a student using ProctorU, software that monitors applicants remotely for suspicious behavior. Complainant Jacinda Dorian complaints that his uploaded image was ultimately stored on Amazon Web Services servers without his consent.

Amazon almost calls Dorian a gold digger, for suing Amazon and not her university, which required her to register biometrically. (ProctorU was prosecuted separately in 2021 for breaching biometrics after his databases were breached.)

And it goes further, citing the Dormant Commerce Clause of the US Constitution, which Law Street says would not allow a lawsuit based on Amazon’s “totally out-of-state conduct.”

Article topics

Amazon | biometric data | biometric identifiers | biometrics | BIPA | data privacy | data protection | trial | remote monitoring | time and presence

About Andrew Estofan

Check Also

Small Business Debt Limit Raised, Crypto Exec Can’t Drop Case

By Vince Sullivan (June 14, 2022, 6:17 p.m. EDT) – Congress has moved to permanently …