Amendments to limit biometric data privacy damages advance in Illinois’ House

A bill to amend America’s most punitive biometric data privacy law is advancing in the Illinois legislature.

As the bill to state that claims under the Biometric Information Privacy Act do not accrue with each individual scan passed from the state Senate to the House, support for it has become a partisan issue. Democrats on the House Judiciary-Civil Committee approved the amendment, and all Republicans voted in opposition, local outlet WGEM reports.

House sponsor Rep. Ann Williams says the bill will maintain BIPA privacy protections while addressing a prohibitive liability burden, which could see small businesses hit with millions of dollars in damages for procedural violations.

Illinois’ Senate passed the bill with a bipartisan vote last month. Damages would be capped at $1,000 per person for negligent violations, and $5,000 for malicious ones, rather than accumulating with each scan, for instance clocking in and out from work each day.

WGEN quotes a small business owner saying BIPA is outdated, and reports that opponents say the amendment should also include retroactive liability protections. Senate sponsor Sen. Bill Cunningham says the amendments give courts leeway to determine liability.

A second reading and short debate have been placed on the House calendar.

Biometrics vendor decision fallout

Anviz Global is the latest biometrics provider being sued under BIPA, with allegations that it failed to comply with informed consent obligations before processing the biometrics of an employee of a company that uses its technology for time and attendance tracking. Anviz is also accused of failing to provide a data retention schedule.

Plaintiff Keesha Steptour worked for All Fleet, which used face biometrics from Anviz for timekeeping, for less than a year. During that time, she performed four facial scans per day, according to a court filing hosted by Bloomberg. The filing suggests Steptour could represent a class of hundreds of thousands of Illinois residents.

A federal court decided last year that third-party biometrics vendors can be liable under BIPA.

Article Topics

Anviz Global  |  biometric data  |  Biometric Information Privacy Act (BIPA)  |  biometrics  |  data protection  |  lawsuits