This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Insights Insights
| 1 minute read

First Biometric Privacy Verdict in Illinois Exceeds $200M

Employers who have personnel in Illinois have been hard hit with class actions in the last few years under the state's biometric data privacy law (BIPA). Until October, none had gone through a full trial to a jury, however. Now, railroad company BNSF has taken a case through trial and lost, to the tune of $228 million in damages. BNSF was sued by a delivery driver who represented a class of 44,000 truck drivers alleging that the rail company illegally scanned their fingerprints (i.e., without proper notice and consent) as part of security measures used when drivers pick up or drop off loads at rail yards. BNSF used a contracted security company to scan and collect fingerprints.  

Why It Matters

The jury took just over an hour to deliver its verdict, signaling strong feelings about the violations at issue.  The jury assessed statutory damages for 45,000+ willful BIPA violations based on the number of drivers at issue. That in itself is alarming from an employer perspective, and merits a close review of the disclosures made and consents obtained from employees and contractors at Illinois facilities that use fingerprint, retina, or facial recognition scans as part of access controls. In addition, the fact that BNSF is being held liable for the omissions of its contractor suggests that employers should vet their contractor practices carefully and review contracts carefully.  

After a five-day trial and just over an hour of deliberation, jurors found in favor of lead plaintiff Richard Rogers, who claimed BNSF unlawfully scanned his and other drivers' fingerprints for identity verification purposes without written, informed permission or notice while he visited BNSF rail yards to pick up and drop off loads.


data security and privacy, hill_mitzi, insights