Five Guys Sued in Biometric Privacy Lawsuit
Five Guys Enterprises, LLC is facing a proposed class action lawsuit in Illinois, alleging the restaurant chain violated the state’s Biometric Information Privacy Act (BIPA) by collecting employees’ fingerprints without providing proper notice or obtaining their consent. Jeremiah M. Greenwood, a former shift manager of Five Guys Operations, LLC, is bringing the complaint against the company for allegedly violating their privacy rights as codified by BIPA.
The purpose of BIPA is to preserve an individual’s right to privacy and control over their biometric data. During Greenwood’s employment with Defendant, they used a time clock system that required employees to scan and input their fingerprints or thumbprints to log in and out. According to the Illinois Supreme Court, “When a private entity fails to adhere to the statutory procedures…the right of the individual to maintain his or her biometric privacy vanishes into thin air. The precise harm the Illinois legislature sought to prevent is then realized.”
The plaintiff is alleging that Defendant violated Section 15(b) of BIPA by collecting and storing biometric identifiers and information without first obtaining informed written consent. This is likened to an act of trespass, as it is an invasion of an individual’s private domain. Common questions of law and fact exist, and Plaintiff seeks to represent a class of all current and former employees of Defendant in the State of Illinois who had their biometric information collected without informed written consent.
“When a private entity fails to adhere to the statutory procedures…the right of the individual to maintain his or her biometric privacy vanishes into thin air,” said Illinois Supreme Court. “The precise harm the Illinois legislature sought to prevent is then realized.”
The Court has subject matter jurisdiction over Plaintiff’s claims on the basis of diversity jurisdiction and the Class Action Fairness Act (CAFA). Plaintiff could recover more than $75,000 in statutory damages by utilizing Defendant’s Technology a minimum of seventy-five (75) times. CAFA jurisdiction is satisfied because liability for 5,001 individual violations involving 100 employees would exceed $5,000,000 in damages.
Plaintiff seeks relief in the form of “liquidated damages for negligent violations of Section 15(a)”, “liquidated damages for intentional and/or reckless violations of Section 15(a)”, “reasonable attorney’s fees and costs”, an injunction against Defendant from further violations of Section 15(a), and the certification of a proposed class.
The case is an important reminder of the importance of protecting biometric data and adhering to BIPA’s procedures for obtaining informed written consent before collecting biometric identifiers and biometric information. “The right of the individual to maintain his or her biometric privacy must be respected,” said the Illinois Supreme Court. “The precise harm the Illinois legislature sought to prevent is then realized.”