Juul Labs Is Facing A BIPA Class Action Lawsuit Over Its Use of Facial Scans to Verify Users
A class action lawsuit alleges Juul Labs’ policy of scanning faces of customers to verify their age is illegal under the Illinois Biometric Information Privacy Act.
Juul Labs is allegedly collecting users’ facial biometric data, without their consent, for verifying their age
According to a complaint filed in Cook County Court, Illinois, Juul implemented “additional layers of security” to its online purchasing system in November 2018. This was done to confirm the ages of customers after the company received backlash for allegedly marketing to minors. Allegedly, users on Juul.com must provide their name, birthdate, permanent address, and the last four digits of their Social Security number to verify their age. Alternative, customers can verify their age by uploading a photo that Juul scans to match to a government-issued ID card. The suit claims Juul enrolls customers in its database only after scanning their facial geometry.
The complaint claims Juul “exposes its customers to serious and irreversible privacy risks” by using, collecting, and storing, their facial biometric data. Notably, these are the very risks which the BIPA seeks to protect Illinois residents from.
BIPA protects the biometric data privacy of Illinois residents
BIPA requires private entities to obtain informed written consent before collecting, using, or storing biometric identifiers. The BIPA protects information sufficient to recognize a person’s face as biometric information.
BIPA makes it compulsory for companies like Juul to inform customers of the “specific purpose and length of term for which such biometric identifiers or information are being collected, stored, and used”. Furthermore, private organizations are also required to publish written retention schedules for securely erasing biometric data in accordance with the BIPA.
Any private entity that violates the BIPA may have to pay Illinois residents up to $5,000 for each such violation. Hence, each time a facial recognition runs on a person’s image may be a separate violation.
The complaint alleges Juul Labs violates BIPA since it neither provides the required information to Illinois consumers, nor takes their consent before using, collecting and storing their biometric information.
The BIPA Class Action seeks to represent all Illinois users who used the age verification feature on Juul’s website
The class action seeks to represent all Illinois residents whose facial geometry was “collected, captured, received, otherwise obtained, maintained, stored, or disclosed,” by Juul Labs.
If you are an Illinois resident and you have verified your age to make an account on Juul’s website, you may be eligible to be a class member too. You may also be eligible to receive money from any future rewards or settlements in this case.
Follow us to make sure you don’t miss out on any payouts that you may be eligible to receive.
Register for the free weekly newsletter from ClassActionNews.com. We’ll keep you posted on the updates in these cases.
BIPA Class Actions throw light on the rising trend of biometric data collection
BIPA Class actions filed over the past few years highlight a variety of threats to your biometric data privacy. The complaints raise serious allegations about modern day biometric data collection practices.
In many BIPA cases, Courts have ordered the Defendants to pay huge compensations to the affected class. While in many others, Defendants have chosen to settle with the class to avoid litigation.
For instance, Snapchat settled a BIPA class action for $35 millions. While Google agreed to a $100 million settlement in a case, and Facebook settled another for $650 millions. TikTok agreed to a $92 millions settlement in another BIPA class action.
Several apps are using users’ facial scans for user verification or authentication. These scans invariably extract and store users facial biometric information. Often companies do not inform the users of the various details around handling such sensitive information. Tinder, a popular dating app, is also facing a similar BIPA class action for collecting users’ biometric data without consent.
Global fast-food giants like McDonald’s, KFC, Taco Bell, Pizza Hut, etc. are also facing BIPA class actions for collecting employees’ fingerprints without consent. Whereas several popular restaurant chains are facing class actions for collecting customers’ voiceprints in violation of BIPA.
Are other businesses also collecting your biometric data, possibly without consent? Read our investigation on how your Biometric Data Privacy might be at risk and how the laws can help you in securing your biometric data privacy.
You can also secure your Biometric Data Privacy
Quite possibly, businesses may be using your facial biometric data without your consent as well. Your biometric privacy may be at risk too. Certainly all of us interact with various businesses which collect and use our biometric information for authentication, or authorization. Many a times even without our knowledge or informed consent.
If you are an Illinois resident, you may be eligible to collect money as a BIPA class member. Or you may even file a class action under the BIPA yourself. Illinois residents can bring actions under the Biometric Information Privacy Act and recover up to $5,000 for each instance of violation they suffered.
Residents of certain other states could also find similar remedies under their state laws. For instance, California’s CCPA and CPRA offer similar protections to Californians. Multiple consumers have filed class actions alleging similar privacy violations under these laws as well.
We can help in investigating your data privacy claims. Please contact us to consult a class action lawyer at ClassActionNews today.
Subscribe to our weekly Newsletter and stand a chance to recover up to $5,000 too.