Tag: damages

Categories
Biometric Privacy Legal Landscape Legislative Developments & Trends

BIPA Amendments + FTC Warns Automakers

Amendments to the Illinois Biometric Information Privacy Act Would Dramatically Affect Accrual of Damages

The Illinois Legislature approved Senate Bill 2979 (“S.B. 2979”) to amend the Biometric Information Privacy Act (“BIPA”). SB 2979 would limit the extent of potential civil penalties awarded under BIPA by clarifying that multiple collections of a person’s biometric identifier or biometric information using the same method of collection is considered a single violation of BIPA. Once signed, S.B. 2979 will overturn the Illinois Supreme Court’s interpretation of accrual of damages under BIPA in Cothron v. White Castle Sys., Inc., which held that separate BIPA claims accrued with each scan or transmission. SB 2979 further provides that BIPA’s “written release” requirement may be met by an electronic signature.

Senators Call on FTC to Investigate Automakers; FTC Issues Warning to Automakers

Senators Ron Wyden and Edward Markey issued a letter to the Federal Trade Commission (“FTC”) Commissioner Lina Khan requesting that the FTC investigate major automakers’ sharing of geolocation data in response to law enforcement requests. The letter follows an inquiry by Senator Wyden’s office, which asked the association representing automakers how their members respond to law enforcement requests for location information collected from vehicles. The letter alleges that several auto manufacturers do not require a warrant or court order to provide geolocation information to law enforcement as required by their pledge under the Consumer Privacy Protection Principles of the Alliance of Automobile Manufacturers and the Association of Global Automakers. Two weeks later, the FTC released a post to its Technology Blog reminding car manufacturers, and all businesses, that the FTC will take action to protect consumers against unfair and deceptive practices with respect to the collection, use, and sharing of data, particularly sensitive personal data such as geolocation and biometric data.

To read more articles from the June 2024 edition of Blank Rome’s BR Privacy & Security Download, please visit our website.

Categories
Biometric Privacy Legal Landscape Case Law Developments

$228M Damages Award Vacated in First BIPA Trial

Karen H. Shin |

The U.S. District Court of the Northern District of Illinois vacated a $228 million damages award in Rogers v. BNSF Railway Co., the first case tried to a verdict under the Illinois Biometric Information Privacy Act (“BIPA”). In Rogers v. BNSF Railway Co., rail workers alleged that BNSF Railway Co. (“BNSF”) collected their biometric information without informed consent. The jury found that BNSF had recklessly or intentionally violated BIPA 45,600 times (one violation per class member). BIPA provides that intentional or reckless violations of BIPA may result in liquidated damages of $5,000 or actual damages, whichever is greater.

The prior award resulted from multiplying the number of BIPA violations by $5,000 to arrive at $228 million. While the court upheld the verdict that the company violated the BIPA, it held that damages were discretionary under BIPA (due to the term “may”) and ordered a new trial limited to the question of damages.

To read more articles from the August 2023 edition of Blank Rome’s BR Privacy & Security Download, please visit our website.

Categories
Biometric Privacy Compliance Tips Biometric Privacy Legal Landscape Case Law Developments

Illinois Supreme Court Dramatically Expands Liability by Ruling Each Scan of a Biometric Identifier Is a Separate Violation

Amanda M. Noonan |

In a 4-3 split, the Illinois Supreme Court ruled earlier this month that claims under Sections 15(b) and 15(d) of the Illinois Biometric Information Privacy Act (“BIPA”) accrue each time a private entity scans a person’s biometric identifier and/or submits such scan to a third party—rather than only upon first collection. Cothron v. White Castle System, Inc., 2023 IL 128004 (Feb. 17, 2023). This decision—which dramatically expands the scope of potential liability for BIPA defendants—comes just weeks after the Illinois Supreme Court held a five-year statute of limitations applies to all BIPA causes of action in Tims v. Blackhorse Carriers, Inc., 2023 IL 127801 (Feb. 2, 2023).

The impact of Cothron on claim accrual, coupled with Tims’ resolution of the statute of limitations, will have an immense and immediate impact on BIPA class-action lawsuits—many of which had been stayed pending these decisions.

For many businesses that implement biometric time clocks, which scan biometric identifiers to track employee time/attendance, this means each time an employee scans in-and-out of work, a new BIPA violation accrues. Together with the five-year statute of limitations period, BIPA defendants may now be facing hundreds—if not thousands—of independent BIPA violations for a single complainant.

Continue reading “Illinois Supreme Court Dramatically Expands Liability by Ruling Each Scan of a Biometric Identifier Is a Separate Violation”
Exit mobile version