Seyfarth Synopsis: The plaintiffs’ bar has recently brought a flurry of class action lawsuits against businesses under the Illinois Biometric Information Privacy Act, commonly known as “BIPA.”  In this Vlog, Seyfarth Shaw Associate Alex Karasik sits down with esteemed class action litigator, Partner Jerry Maatman, to discuss this emerging legal trend, and to provide employers guidance on how to prevent and defend against BIPA class actions.

Background

Unique to the state of Illinois, the Biometric Information Privacy Act was the first of its kind enacted by a state legislature.  In light of the technological advancements of the past decade, the Illinois legislature enacted this law to protect the “biometric data” of individuals, including their fingerprints, retinal scans, and facial recognition.  Since BIPA’s passage in 2008, a number of states have followed suit and added “biometric data” to their privacy laws. 

Implications For Employers

Recently, there has been a major uptick in ligation across the country involving biometric technology, and there are no signs of this trend slowing down.  In terms of preventive measures, business should establish sound protocols for the handling and dissemination of biometrics.  This is important because, in this day and age, biometric data can be used to access sensitive personal information.  Businesses should thus be cognizant of the biometric data laws in the states where they operate and closely examine whether their own policies and procedures are compliant.

Businesses must also be prepared to defend against a potential lawsuit under a biometric privacy statute.  Following the U.S. Supreme Court’s decision in Spokeo, Inc. v. Robins 136 S. Ct. 1540 (2016), the concept of “standing” has become highly relevant in employment law.  As such, when confronted with a BIPA suit, businesses should focus on whether the plaintiffs suffered a traceable harm stemming from the actions taken on their biometric data.