On August 2, 2024, Governor J.B. Pritzker signed into law an amendment to the Biometric Information Privacy Act (BIPA). This amendment is intended to address concerns about potentially crippling damages that could be awarded under BIPA following a 2023 Illinois Supreme Court decision in a case brought by White Castle restaurant workers against the fast food franchise. In that case, the Court ruled that an individual claim may be brought under the Act each and every time a private entity unlawfully scans or transmits an individual’s biometric information –the company required employees to scan their fingerprints to access pay stubs and restaurant computers and would then transmit the data to a third party for verification –meaning that every time an employee clocked in and out for the day, or even in and out for a break, another claim accrued. The ruling inevitably led to a profusion of very expensive lawsuits and settlements.
Now, thanks to the amendment, private entities are finally receiving some protection from the ruling. Under the new law, when a private entity unlawfully obtains an individual’s biometric information, only a single claim can be brought when the identifier or information was collected from the same person using the same method of collection. The same single claim verbiage was also applied to the section of BIPA relating to unlawful disclosure of biometric information.
The amendment provides much-needed protection for private entities facing excessive claims under BIPA – but only against future claims. Unfortunately, it does not apply retroactively.
Thus, though the likely impact of a BIPA lawsuit has been diminished due to the amendment, these claims are still subject to being brought as class actions with the potential for significant damages awards. As such, it remains imperative that your business comply with the Biometric Information Privacy Act.
We’re here to help. If you have concerns, please contact Charles Valente or Heather Kuhn O’Toole at MPS Law so that we can help you quickly comply with BIPA and minimize any existing risks.