Lawsuit abuse watchdog urges Illinois to fix the state’s biometric
privacy law
Send a link to a friend
[October 20, 2023]
By Kevin Bessler | The Center Square
(The Center Square) – With the fall veto session approaching, a lawsuit
abuse watchdog is urging Illinois lawmakers to use the time to fix the
state's Biometric Information Privacy Act, or BIPA.
In February, the Illinois Supreme Court ruled in a case involving White
Castle that a legal claim accrues each time a private entity scans a
person’s biometric identifier without their consent. Each day, White
Castle required its employees to scan their fingerprints to clock in and
access their computers. To authorize each employee's access, a
third-party vendor would verify each scan. In doing so, however, White
Castle neglected to acquire their employees' consent, a violation under
current BIPA law.
In its ruling, the court also acknowledged that the current law is a
potential business killer and it is up to the Illinois General Assembly
to "review these policy concerns about potentially excessive damage
awards" and "make clear its intent."
White Castle filed a petition for rehearing, arguing that the high court
incorrectly interpreted the law. In July, the court denied the petition
for rehearing and upheld the standard that BIPA claims accrue upon each
scan or transmission.
Phil Melin, executive director of Illinois Citizens Against Lawsuit
Abuse, said lawmakers should put politics aside and do the right thing.
[to top of second column]
|
“What we think needs to happen is basically the Illinois legislature
should follow the recommendations of the Illinois Supreme Court in their
decision on the White Castle case and they should remove the per-instant
requirement every time somebody checks in and out with their biometric
information,” Melin told The Center Square.
Melin points to a story shared by a small McHenry County company being
sued under BIPA.
“The owner told me his insurance coverage doesn’t cover BIPA exposure
and that his business may have to agree to a massive settlement just to
survive. He said the fingerprint information collected was always secure
and never shared outside the firm, but he faces a $5,000 penalty for
every instance one of his employees checked in and out of work," Melin
said.
Illinois business, health care and technology groups have been outspoken
in their opposition to the law, including proposed changes during the
spring session of the General Assembly. One proposed change included a
50% increase in the minimum penalty businesses face for violating BIPA
that could be awarded in future cases, but that measure stalled in
committee.
Melin said if the law isn’t addressed during the fall veto session,
Illinois businesses will suffer.
“I think we are just going to see a continued explosion of BIPA
lawsuits, with the possibility of insurance companies being savvy to it
and not covering it,” said Melin. “You’re going to see some real carnage
out there.”
The fall veto session begins Tuesday, Oct. 24th.
|