Two more companies are under fire for alleged violations of the Illinois Biometric Information Privacy Act (BIPA).
Loews Hotel in Chicago was recently sued in the Circuit Court of Cook County for allegedly violating BIPA by collecting employees’ biometric information and sharing it with third parties without the employees’ consent.
According to the suit against Loews, which is reaping the benefits of collecting employees’ fingerprints through its timekeeping system and putting the employees’ identities at risk. The named plaintiff alleges that the collection of his fingerprints exposes him to identity theft. He further alleges that Loews is sharing employees’ biometric data with third-party vendors, including its payroll processor.
In another suit recently filed in Illinois, U-Tec Group Inc., a manufacturer of door locks that opens with fingerprints has also been sued with allegations of violations of BIPA.
U-Tec manufactures smart door locks that can be opened with a fingerprint or through a mobile app. The suit alleges that it violated BIPA by failing to inform customers that it would be collecting and storing their biometric information, and how long the fingerprints would be stored. As a result, the customers were unable to make an informed decision on the risks associated with providing their biometric information to U-Tec. Further, the Complaint alleges that U-Tec failed to obtain customers’ written consent to collect the fingerprints and failed to advise them whether the information is being transmitted to third parties.
These cases are instructive for companies doing business in the State of Illinois, and manufacturers of smart technology using biometric information, on procedures to be taken prior to collection, use, storage and disclosure of biometric information to third parties.