(The Center Square) – Illinois has some of the strictest biometric privacy laws in the country, but one group is calling for changes following a high court ruling.
The case involved White Castle and its practice of scanning fingerprints to check in workers, a violation of the Biometric Information Privacy Act in Illinois. BIPA requires informed consent before collection or disclosure of an individual’s biometric information.
The Illinois Supreme Court Court ruled 4 to 3 Friday that a separate claim could be made for every single finger scan. The court noted in the dissent that the decision could have a “crippling” impact on Illinois businesses.
“It will lead to consequences that the legislature could not have intended,” Justice David Overstreet argued.
Violations can come with $1,000 fines, and for intentional or reckless violations, the penalties are $5,000 each. White Castle has nearly 10,000 employees, so the fine would be massive.
“Seventeen billion dollars for statutory violations,” Phil Melin, executive director of Citizens Against Lawsuit Abuse-Illinois, told The Center Square. “That is going to kill businesses, and the Supreme Court said as much in their decision, I mean literally, White Castle won’t be able to pay that much money.”
White Castle contended alleged claims can accrue only once when the biometric data is initially collected, but the court disagreed.
“The minority reasoning on that case said, ‘listen, you only took their bio information once and each time they checked in that wasn’t recollecting fingerprint data because they already had it’,” Melin said.
Other companies have been hauled into court after claims they violated BIPA, including Google, SnapChat and Facebook. Last year, more than one million Facebook users in Illinois received checks following a $650 million settlement in a class-action lawsuit alleging the social media company violated residents’ rights by collecting and storing scans of their faces without permission.
As for the latest ruling by the high court, Melin said Illinois lawmakers need to tweak the law.
“The Illinois’ Biometric Information Privacy Act is a poorly drafted law that allows trial attorneys to obtain ludicrously excessive damage amounts that are far out of proportion with any sane estimation of harm,” Melin said. “The ramifications of this decision will extend beyond the financial destruction of one beloved 102-year-old Midwest restaurant chain, as the shock waves of this decision ripple through the Illinois economy.”