Biometric Information Privacy Act Lawsuits

Biometrics such as fingerprints, retina scans, voice recognition and facial imaging are biologically unique to each individual; therefore, once compromised, an individual has no recourse and is at a heightened risk for identity theft.  This exposes employees and consumers to serious and irreversible privacy risks.

For example, if a fingerprint database is hacked, breached, or otherwise exposed in the same manner as the recent Equifax breach, employees have no means to prevent the misappropriation and theft of their own biometric makeup.  Unlike social security numbers or other financial information, biometric data is part of Plaintiffs’ physical being and cannot be changed.

Recognizing these risks, Illinois has enacted the Biometric Information Privacy Act “BIPA” – one of the strongest state laws protecting individuals’ biometric data.

BIPA achieves its goal by making it unlawful for business to, among other things, “collect, capture, purchase, receive through trade, or otherwise obtain a person’s or a customer’s biometric identifiers or biometric information, unless it first:

  • Informs the subject in writing that a biometric identifier or biometric information is being collected or stored;
  • Informs the subject in writing of the specific purpose and length of term for which a biometric identifier or biometric information is being collected, stored, and used; and
  • Receives a written release executed by the subject of the biometric identifier or biometric information.”

BIPA also establishes standards for how employers must handle Illinois citizens’ biometric identifiers and biometric information.  For example, BIPA prohibits businesses from disclosing a person’s or customer’s biometric identifier or biometric information without first obtaining consent for that disclosures.

BIPA also prohibits selling, leasing, trading, or otherwise profiting from a person’s biometric identifiers or biometric information (740 ILCS 14/15(c)) and requires private entities to develop and comply with a written policy – made available to the public – establishing a retention schedule and guidelines for permanently destroying biometric identifiers and biometric information when the initial purpose for collecting such identifiers or information has been satisfied or within three years of the individual’s last interaction with the private entity, whichever occurs first.

Finally, BIPA provides for statutory damages of $5,000 for each willful and/or reckless violation of BIPA or, in the alternative, statutory damages of $1,000 for each negligent violation.

Our firm is at the forefront of BIPA litigation to protect people’s biometric data and privacy.

We have brought cases against employers and other retail business who have collected individual’s biometric data without properly safeguarding it.  Some of our cases include businesses failing to comply with BIPA regarding employee thumb scans used for timekeeping purposes and/or companies alleging violations related to their facial recognition payment system.

We represent employees and consumers in complaints filed against:

  • Abra Auto Body & Glass
  • Albertsons Companies
  • Applied Acoustics
  • Brown v. WeatherTech
  • Caputo’s
  • Chicago Lakeshore Hospital
  • Con Tech Lighting
  • Cothron v. White Castle
  • DPI
  • East Side Child Development Center
  • Four Seasons Hotels
  • Elite Labor Services
  • Figueroa v. Tony’s Fresh Market
  • Figueroa v. Kronos
  • Finkl Steel
  • Hegewisch Development Corp.
  • Hooters
  • Ingalls Hospital
  • Kronos
  • Mariano’s
  • Near the Pier Development Center
  • Nemera
  • NFI
  • Northshore University Health System
  • Northwestern Lake Forest Hospital
  • Pill Hill Development Center
  • Polartech
  • Power Solutions International
  • Rich Products
  • Smith Senior Living
  • Southwest Airlines
  • Speedway Gas Stations
  • St. Anthony
  • St. Bernard Hospital
  • Tony’s Fresh Market
  • WeatherTech
  • West Austin Development Center
  • White Castle
  • Wow Bao

Most recently in a unanimous opinion, the Illinois Supreme Court held – as Stephan Zouras, LLP has always maintained – that individuals need not allege “actual injury” to recover damages for the unlawful procurement of biometric data, including through fingerprint scans in the workplace.

In the wake of the Illinois Supreme Court ruling, Stephan Zouras, LLP will resume litigation in over 45 pending class actions under BIPA.

If you believe your biometric data has not been properly safeguarded by your employer or other business or has been compromised and/or want more information on your rights, please contact us.

← Back to Cases

How can we help you?

Contact Us