Hyatt Corp. was hit with a class action suit this week for allegedly violating the Illinois Biometric Information Privacy Act (BIPA) by collecting and storing employees’ fingerprints. This is the latest in a string of suits over the same complaint—employers using employees’ fingerprints for time clock systems without their written consent.

The named plaintiff alleges that she has to clock in and out of work using a fingerprint scanner. She alleges that Hyatt never obtained her written consent to collect her fingerprint, which is a violation of BIPA, nor did it inform her of how her fingerprints would be used, how they would be stored and for how long, and when they would be destroyed.

She alleges that Hyatt is putting her at risk of identity theft in the event that there is a data breach and her fingerprints—her biometric information—is exposed.

Bob Evans was also sued this week in Illinois state court by a proposed class of employees who allege that it violated BIPA by requiring workers to provide their fingerprints and then scan them into a point of sale system. The named plaintiff alleges that Bob Evans is allowing her fingerprints to be stored by a third-party, and that obtaining her fingerprints were a condition of her employment. She alleges that Bob Evans failed to provide her with any information about how her fingerprints would be retained, destroyed, used or disseminated.