What Businesses Need to Know about the Illinois’ Biometric Information Privacy Act

Biometric Update

This is the first article in a two-part series examining Illinois’ Biometric Information Privacy Act (BIPA) and the recent flood of class action lawsuits alleging biometric privacy law violations. This article explains the legal requirements of BIPA, and the impact of the Illinois Supreme Court’s January 2019 Rosenbach v. Six Flags Entertainment Corp. decision, which opened the gates for individuals to sue businesses utilizing biometric data for mere technical or procedural violations. The second article provides tips and strategies for corporate defendants to effectively defend against BIPA class action suits.

Overview of biometric data use.

Biometric data generally encompasses unique, measurable human biological or behavioral characteristics—including fingerprints, voiceprints, and scans of the hand or face geometry—for identification and authentication purposes. Indeed, finger and facial recognition has become so commonplace most would not think twice before using biometrics to login to their smartphone; take and organize pictures in their mobile photo app; or authenticate credit card transactions. Biometric data is also widely used by employers to provide secure building access; tracking employee time and attendance; and authenticating users’ identities for increased computer and mobile device login security.

To read the full article, please click here.

“What Businesses Need to Know about the Illinois’ Biometric Information Privacy Act,” by Ana Tagvoryan, Jeffrey N. Rosenthal, and David J. Oberly was published in Biometric Update on October 1, 2019. Reprinted with permission.