Breaking Down Biometric Data

Published On November 16, 2017 | By Jon Frankel and Jill Guidera Brown | Practical Advice, Privacy
TwitterLinkedInFacebookRedditCopy LinkEmailPrint

As businesses use biometrics – such as fingerprint, iris, and face scans – in financial transactions, for security and authentication, and in connection with social media, they have been compelled to learn about biometric privacy laws, especially the Illinois Biometric Information Privacy Act (“BIPA”). Indeed, BIPA has become the new darling of creative class action lawyers, who can exploit BIPA’s significant per violation statutory damages of $5,000 to extract large settlements without having to prove that members of the class have suffered any actual harm. As a result, a slew of BIPA class action cases have been filed in the last couple of years, including against social media and tech companies like Google, Facebook and Shutterfly, as well as other businesses, like restaurants, food chains, gas stations, and a day care center.

Biometrics privacy litigation does not appear to be disappearing anytime soon as other states look to follow Illinois’s lead and pass their own laws. In light of the increased focus on biometrics privacy by state legislatures and class action lawyers, many businesses may be struggling to determine whether they are subject to BIPA and, if so, how to comply. Our flowchart below provides some guidance. But, remember our disclaimer – this is not legal advice. If you have any questions about how BIPA applies to your business or how to comply, feel free to contact Jon.

Created using Visme. An easy-to-use Infographic Maker.


About The Authors

Jon Frankel has been advising clients on privacy, data security, e-commerce, intellectual property and litigation matters for more than 15 years. Jon provides practical advice to mitigate privacy and data security risks and helps clients navigate a myriad of complex data collection, use and sharing cases. Jon advises on health and children’s privacy; email, SMS and telemarketing; mobile applications; user generated content; contests, promotions, and sweepstakes, online gaming; and requests from law enforcement. Prior to joining ZwillGen, Jon was a partner in the Washington, D.C. office of Bingham McCutchen, LLP, where he co-chaired the Privacy and Security Group.