This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Insights Insights
| 1 minute read

Biometric Suit in Illinois Time-keeping Case Settles for $3.4M

A franchise owner must pay $3.5M to settle employee claims in Illinois that it collected biometric information without appropriate consent and disclosure. The employer used a timeclock system that relied on fingerprint scans to authenticate the employee. Employees claimed that the employer had violated the state biometric privacy law (BIPA).  

Why It Matters

BIPA is one of the first biometric privacy laws in the US, although more are passed every year. The point of these laws is to ensure that unique information tied to an individual's physical or other indelible characteristics is treated with sensitivity in the digital age. Such laws commonly cover markers like fingerprints and facial recognition scans; and they may be broader than that. They may require extra work in terms of disclosing your privacy practices, changing how (or how long) you store data, seeking consent, or otherwise.  

Illinois has seen a cottage industry of employment biometric privacy claims spring up in the last five years, based on common practices such as fingerprint scans to log into time-keeping systems at work or used as a physical security mechanism to access certain premises.  Anyone with business operations in Illinois, and increasingly in other states, who collects or uses biometric information or data to manage their workforce is advised to take note.  

Redmond initially filed suit in Illinois state court, but the company had the case removed to federal court the following month. He alleges KBP Foods failed to tell him and other employees that their biometric information was being collected, to inform them of the specific purpose and length of time their fingerprints were being stored and used, to get written releases for capturing that data, and to make publicly available a data retention schedule or guidelines for permanently destroying their fingerprint information.


data security and privacy, hill_mitzi, insights, franchising