Companies are increasingly using employee fingerprints, hand scans, retina scans or facial recognition technology for timekeeping, as well as building, computer and smartphone access. In 2008, the Illinois Biometric Information Privacy Act (“BIPA”) was enacted to regulate the use, collection, storage, safeguarding, handling, retention and destruction of an individual’s fingerprints and identifying information from hand, retina and facial scans. BIPA defines these biologically unique traits as biometric identifiers. The individuals covered by BIPA include employees at companies using scanning devices.
In 2019, the Illinois Supreme Court held that employees do not need to demonstrate any actual harm to establish that they were “aggrieved” by their employer’s violations of BIPA. In short, a simple failure to follow BIPA’s requirements is enough to establish an employee’s “harm.” The Court’s decision has resulted in numerous class action lawsuits being filed in Illinois’ courts alleging violations of BIPA. Because BIPA permits monetary recovery for negligent and intentional violations of the Act and for reasonable attorneys’ fees and costs, many plaintiffs’ attorneys are now focused on this statute.
Every company with employees in Illinois (regardless of whether the company is Illinois-based) should (1) determine if any of its timekeeping, building access, computer access, smartphone access, or any other systems use, collect, or store biometric identifiers and (2) take immediate risk reduction and compliance measures to comply with BIPA’s specific requirements.
© 2022 Masuda, Funai, Eifert & Mitchell, Ltd. All rights reserved. 本書は、特定の事実や状況に関する法務アドバイスまたは法的見解に代わるものではありません。本書に含まれる内容は、情報の提供を目的としたものです。かかる情報を利用なさる場合は、弁護士にご相談の上、アドバイスに従ってください。本書は、広告物とみなされることもあります。