Biometric Data Privacy Class Actions

This page is provided for informational purposes only, and is not the official settlement page.

Biometric Data Privacy Class Actions

Class Action Lawsuits alleging violations of consumers Biometric Data privacy rights are on the rise. Several such class actions have been filed in the past few years alleging serious breach of consumers’ biometric data. The class actions alleged collection and sharing of such data without users’ consent and knowledge.

Illinois’ Biometric Information Privacy Act (BIPA) allows for consumers to sue for illegal breach of one’s biometric information. It also allows consumers to recover statutory damages for the breach of privacy.

BIPA is aimed at protecting the privacy of consumers’ biometric data. It states that a user’s biometric data can only be collected, stored or used with their prior written consent. Any use of such information without the user’s prior consent could be a violation of BIPA. Illinois residents could recover up to $5,000 for each such violation.


It’s high time to get careful about your Biometric Information

Modern technology has made large scale collection of biometric information much easier than we could have ever imagined a few decades ago. Most of us own multiple mobile devices and they are now capable of collecting our biometric information on the go. Consequently, concerns about the privacy and security of biometric data collected by devices like fingerprint and facial scanners have also been growning among consumers.

In 2008, Illinois introduced the Biometric Information Privacy Act (BIPA) to address such privacy concerns. BIPA seeks to protect the privacy of consumers’ biometric information. Additionally, it also allows consumers to bring class actions for any unauthorized use of their biometric.

The biometric data protected by BIPA includes any biometric information which is sufficient to uniquely identify the individual. For instance, fingerprint scan, facial geometry scan, voice print, etc.


Several companies agreed to settle BIPA Class Actions alleging serious violations of consumers’ Biometric Data Privacy en masse

A Recent BIPA Class Action alleged Snapchat was collecting users’ biometric data without due consent. The complaint alleged that filters and lenses on the Snapchat app were gathering biometric facial information of users. Snapchat agreed to pay $35 millions to settle the BIPA class action lawsuit.

Google agreed to pay $100 million to settle a BIPA class action and TikTok settled another for $92 millions. Facebook’s $650 millions settlement is the largest among these recent BIPA class actions.

Recently, the Illinois Norther District Court approved a $6.8 million class action settlement. This one alleged a vending machine system company of collecting users’ fingerprint data without consent.

Many businesses, like grocery store chains, use biometric time clocks to maintain the timesheets of their employees. They make each new employee share their fingerprint scan into their biometric timekeeping systems. Then each time an employee checks in, or checks out, they scan their fingerprint allowing the electronic system to recognize them. Recently filed BIPA class actions for this violation include cases against Food 4 Less, a subsidiary of Kroger Co., and another against Roundy’s Supermarkets, Inc.

One such BIPA Class Action against a railway company settled for $228 millions. Where an employee of the BNSF Railway Company had accused the company of collecting their fingerprints without proper consent.

Newer BIPA Class Actions allege a variety of violations of consumers’ biometric data privacy.


“Virtual Try-On” features on apps or websites, under the BIPA scanner

To provide a more personalized and in-store like experience to consumers, web based businesses now use the “virtual try-on” features on their website and mobile apps. Basically it allows the consumers to use their camera to virtually try-on various products from a website and get a sense of how it would look on them. Several class actions alleged that businesses use consumers’ biometric facial data without due consent, thus violating BIPA.

Some popular businesses sued for using “Virtual try-on” features in violation of BIPA include:

  • Skincare and cosmetic product companies including Giorgio Armani, L’Oréal USA, M.A.C. Cosmetics, Decorté, Estée Lauder Companies, etc.
  • Eyewear companies including Frames of America, Inc., Louis Vuitton, Bose, etc.

Advanced surveillance cameras are capable of capturing facial biometric data

Multiple cameras are capturing our faces anytime we are out in any public space. Undeniably these images and videos contain facial biometric data of all the people in them. Extracting facial geometry and other identifying biometric information from high-quality images and videos is now a breeze thanks to the advanced facial recognition technology.

BIPA Class Actions alleged businesses are collecting, storing and using consumers’ biometric data captured from security cameras without consent. For instance:

  • Walmart
  • HomeDepot
  • Kohl’s
  • Best Buy

Automated Voice Ordering used by various fast-food businesses may be violating BIPA

Evidently, many fast-food companies are using Automated Voice Ordering (AVO) systems for automating the process of placing an order. These systems utilise voice recognition technology to identify users’ responses to their voice prompts. Generally this involves capturing and using users’ biometric voice prints. BIPA Class Actions alleging use of consumers’ biometric voice prints without their consent have been against multiple businesses. Including:

  • Popular fast-food chains like McDonald’s, Applebees, Chipotle, Red Lobserts, etc.

BIPA is inspiring other States to adopt similar laws protecting the Biometric Data Privacy of their residents

California has their own privacy laws which protect consumers from similar violations. Namely, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

Among others, Texas has a law very similar to BIPA. New Hampshire, Alaska, Washington, and Montana are in the process of enacting similar laws to safeguard their residents’ biometric data privacy as well.


Biometric Data Privacy laws on many more grounds are in the waiting

More lawsuits are going to be filed as more consumers learn about these biometric data privacy violations. BIPA, CPRA and other such privacy laws provide strict penalties and allow consumers to recover damages for the violations suffered. That provides a huge incentive for consumers to come forward and file such lawsuits.

If you suspect your biometric data privacy may be at risk too, please contact us and our experts will investigate your claims. We’ll assist you in securing the best remedy available to you. You could also be eligible to recover money for the damages you may have suffered for any breach of your biometric data privacy.

You can read more about interesting class actions, including other cases under the Video Privacy Protection Act in our News section on ClassActionNews.

Join our weekly Newsletter to stay informed about the latest Class Action Settlements. You may be eligible to receive money from a settlement too.


Leave a Reply

Your email address will not be published. Required fields are marked *