Ropes & Gray data, privacy & cybersecurity associate Matthew Cin spoke with Law360, about Illinois’s recent amendments to its Biometric Information Privacy Act (BIPA). Ever since it was enacted in 2008, BIPA, which can restrict companies from collecting and sharing biometric data without data subjects’ consent, has been a source of privacy-related litigation and
Biometric Data
Biometric Privacy Update: Illinois Legislature Balances BIPA, but Don’t Mess with Texas
On Friday, August 2, Governor J.B. Pritzker of Illinois signed into law SB2979, an amendment to the state’s landmark biometric privacy law. The amendment offers a welcome step forward to correcting the rapid overexpansion of potential damages associated with violations of the law without curbing any of its privacy protections. The measure amends the state’s Biometric Information Privacy Act (“BIPA”) in two significant ways. First, the law, as amended now expressly includes electronic signatures as a form of “written release.” Second, the amendment limits actions for recovery to a maximum of one violation per plaintiff, rather than one violation per instance of collection or transmission of biometric information. This post examines the amendment and its impacts on businesses collecting biometric information in the state. We also highlight notable biometric privacy developments in Texas.Continue Reading Biometric Privacy Update: Illinois Legislature Balances BIPA, but Don’t Mess with Texas
ICO Publishes Biometric Data Guidance
On 5 March 2024, the UK data protection regulator (ICO) published guidance on biometric recognition (the Guidance), following a consultation with stakeholders in October 2023. The Guidance clarifies the concept and properties of biometric data and provides practical considerations for organisations contemplating or using biometric recognition systems.Continue Reading ICO Publishes Biometric Data Guidance
Employee Monitoring Technologies – Key Takeaways from Recent UK and EU Enforcement Decisions
Employee monitoring isn’t new, but its extent and how it has been conducted has seen significant changes in the last few decades; we have come a long way from the punch cards of the 1900s to the current use of video surveillance, e-comms monitoring and AI, among other monitoring tools.
Part of this comes from…
Ninth Circuit Affirms Ruling that Plaintiffs Have Article III Standing in Illinois Biometric Privacy Class Action
On August 8, 2019, a panel of the Ninth Circuit Court of Appeals affirmed a California district court’s decision allowing plaintiffs to proceed on claims against Facebook under the Illinois Biometric Information Privacy Act (“BIPA”), 740 Ill. Comp. Stat. 14/ (2008). Patel v. Facebook, Inc., 2019 U.S. App. LEXIS 23673. The ruling marks the first federal appellate court decision affirming a broad Article III standing precedent for plaintiffs asserting claims under BIPA – which may impact both BIPA cases as well as data breach cases under the California Consumer Privacy Act (“CCPA”). The appeals court also held that the potential for large statutory damages did not constitute grounds to refuse to certify the proposed class.
Continue Reading Ninth Circuit Affirms Ruling that Plaintiffs Have Article III Standing in Illinois Biometric Privacy Class Action