This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Insights Insights
| 1 minute read

Illinois Employee Biometric Suit Could Help Shape Privacy Consent Requirements in Workplace

The Illinois privacy law covering "biometric" information has been a subject of intense litigation between employees and employers for several years. A pending case may offer some guidance to employers on how their compliance and consent plans should be structured.  

At issue is a fingerprint scan system, commonly used by employers for either timekeeping or workplace access. One issue currently before the court is whether the employer violated an employee's privacy rights by not getting her consent every time she scanned (rather than only getting it before her first scan).

Why It Matters

Any employer with a fingerprint or retinal scan system is likely to view a "consent every time" requirement as extremely burdensome for a technology that is supposed to make certain administrative procedures more routine and efficient. Although any ruling on the issue will affect only employers with employees in Illinois, the precedent of "consent every time" would be a troublesome one in the privacy setting; after all, most websites do not operate that way. (Think of the cookie banners that let you accept or reject cookies, which banners you never see after your first visit to a site.) In addition, many states now have privacy laws on the books, and more are expected.  If one state adopts a "consent every time" model regarding either employee data or biometric data, other states may reasonably be expected to copycat that standard.  For employers especially, this could mean big compliance hurdles in certain states as they roll out employee authentication systems.  

Employers today are unsure, for example, whether they should receive consent each and every time their employees scan a fingerprint to clock in and out for shifts and breaks, or just the first time they collect those workers' personal identifying information and share that data with third parties such as payroll servicers.


hill_mitzi, insights, data security and privacy