Biometric Privacy | Biometric Data Legal Assistance
Biometrics are used quite often as people may use their fingerprints, face scans, or voice prints to unlock their cellphones. Businesses also use biometrics as a security measure to have their employees clock in for work or access secured areas. While biometrics are a good security measure because biological characteristics can’t be replicated, biometric data can be stolen which puts people at risk of experiencing identity theft.
In 2008, Illinois passed the Biometric Information Privacy Act (BIPA), one of the toughest laws protecting biometric data. This act establishes rules for collecting biometric data, such as obtaining consent from the person from whom it is collected and gives those whose data has been compromised the right to take legal action. A breach in biometric data can result in identity theft which is why it is very important for businesses and institutions who collect biometric data to do it safely and with the consent of the individuals submitting the data.
If your biometric data has been breached or collected without your consent, you have the right to bring legal action under the BIPA. Our attorneys at Anderson + Wanca can represent you if you want to file a lawsuit for violations of the BIPA. We can help obtain the compensation you are entitled to under the act.
What is Biometric Data?
Biometric data is the data gathered from the measurement and statistical analysis of physical and behavioral characteristics. The most common use for biometric data is to verify an individual’s identity in a secure manner. Examples of biometric data that is gathered and used include fingerprints, handprints, DNA, face scans, retina scans, voice prints, gestures, and gait.
Biometric data is often collected by businesses from their employees as a way for employees to identify themselves within their system. Employees may use biometric data to clock in with biometric time clocks, access restricted areas or electronic devices, or become enrolled in healthcare plans through their employer. People may also give their biometric data to retailers or various apps to login and access the features of an app.
What is the Illinois Biometric Information Privacy Act (BIPA)?
The Illinois Biometric Information Privacy Act (BIPA) is a law enacted in 2008 that establishes rules for companies that collect biometric data from employees and customers.
The rules established by the BIPA require the following:
- Informed consent must be obtained prior to collecting biometric data
- Biometric data must be protected and retained according to BIPA guidelines
- Profiting from biometric data is prohibited
- Individuals affected by BIPA violations have a private right of action
- Negligent violations have penalties of up to $1000 for each violation and intentional or reckless violations have penalties of up to $5000 per violation
Case law has established that an individual whose biometric data was collected has legal standing to sue an organization if a technical or procedural rule of the BIPA was violated, even if the individual suffered no injury or adverse effect.
This means that if someone’s biometric data is handled improperly, they still have grounds to bring a lawsuit even if no financial harm was done.
How Can Businesses Avoid BIPA Violations?
Not only do businesses collect biometric data from their employees, but they may also collect biometric data for various purposes from their customers.
No matter who is collecting the biometric data, it is important for businesses and organizations doing the collecting to follow BIPA when it comes to collecting, protecting, and retaining this data.
Businesses and organizations need to do the following to avoid BIPA violations:
- Follow BIPA guidelines for record retention and have your policy publicly available
- Provide specific disclosures according to the BIPA to those whose biometric data is collected
- Obtain written consent from those whose biometric data is being collected
- Store biometric data according to BIPA guidelines to keep it secure
- Destroy biometric data according to BIPA guidelines
How to File a Lawsuit for BIPA Violations
Mishandling of biometric data is a serious issue because this can make the data vulnerable to breaches. Biometric data can be used by bad actors for identity theft.
If you believe that your biometric data has been mishandled by your employer or a different business or organization, talk to our attorneys at Anderson + Wanca.
We will review your case and determine if there has been a BIPA violation in the handling of your biometric data. You can file your lawsuit individually, or if the same offender has mishandled the biometric data of many people, your lawsuit can become part of a class action suit. We have experience with lawsuits pertaining to the BIPA and we have secured compensation for our clients.
Related Biometric Privacy Articles