To print this article, all you need is to be registered or login on Mondaq.com.
The Illinois Senate recently passed legislation by a 46-13 vote
that would significantly amend the Illinois Biometric Information
Privacy Act (“BIPA”).1 Senate Bill 2979
(“SB2979′), which Senate President Pro Tempore William
Cunningham introduced, includes a significant benefit to
corporations, employers, and other private entities in Illinois by
clarifying that, in a case where the same violation occurs more
than once, it would constitute only one violation for purposes of
statutory damages.2 Currently, courts have interpreted
BIPA to permit for an accrual of claims for the same violation,
which can lead to catastrophic-like damages. The bill now advances
to the State’s House of Representatives for possible hearings
and a vote.
SB2979 addresses an issue highlighted in Cothron v. White
Castle System, Inc. , 216 N.E.3d 918 (Ill.
2023). There, the Illinois Supreme
Court noted that BIPA’s liquidated damages scheme exposed
private entities to ‘ruinous’ damages which could result in
the financial destruction of businesses operating in Illinois.
Currently, a business that allegedly violates BIPA faces potential
liquidated damages of $1,000 to $5,000 per biometric scan
regardless of actual damages. The weight of risk has negatively
impacted employers—big and small—operating in Illinois.
For instance, employers using timekeeping systems incorporating
scanning technology often face massive potential liability as under
the Cothron ruling violations occurred each time an
employee clocked in and out, or interacted with the system for
security authentication purposes.3 Those timekeeping
systems often advertised themselves as not collecting biometrics at
all, but, based on BIPA’s wording, even information “based
on” biometrics could trigger liability. While the Court upheld
BIPA as-drafted, it suggested that legislators review the damages
provision.
Whether SB2979, if enacted, will be applied retroactively
remains to be seen.
Footnotes
1. See our previous reporting on the amendment’s
proposal at BIPA Update: Another Amendment Attempt for
Illinois Privacy Law (thompsoncoburn.com).
2. The proposed amendment can be read in full at Illinois-2023-SB2979-Introduced
(legiscan.com).
3. The defendant in Cothron faced over $17
billion in damages based on a 9,500 class size. See BIPA litigation update: Cothron’s
impact and employer BIPA defense affirmed
(thompsoncoburn.com).
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from United States
#BIPA #Update #Illinois #Step #Closer #Amending #Damages #Accrue #BIPA #Data #Protection
