A handful of class action lawsuits filed against Facebook in 2015 by Illinois residents began a legal course that will now allow a large number of eligible Illinois Facebook users to obtain a portion of lawsuit settlement money. Facebook’s $650 million settlement in the ‘In re Facebook Biometric Information Privacy LitigIn re Facebook Biometric Information Privacy Litig.’ case came thanks to the company’s violation of a unique Illinois law.
In 2008 the Illinois General Assembly passed the Biometric Information Privacy Act with the intent of guarding against the illegal collection and storing of biometric data (data that measures a user’s physical characteristics.) One of the main provisions of the law is that companies operating in the state of Illinois must gain written consent from users before collecting or disclosing their personal biometric data. When Facebook began collecting biometric data in 2010 for their face-tagging feature there was no effort to acquire written consent from users, and the company only began asking users for opt-in permission in 2019.
File a claim before November 23rd
Last month California Northern District Judge James Donato approved Facebook’s $650 million settlement for the case, and now Illinois users have until November 23, 2020 to submit a claim for a portion of the settlement money either online or by mail. It is estimated that those who have an approved claim will receive between $200-$400, but the exact amount will depend on the number of valid claims filed. In order for a claim to be deemed eligible the applicant must be a Facebook user who has lived in Illinois for at least 183 days, and who has had a face template created and stored by Facebook following June 7, 2011. Claims can be filed online at https://kccsecure.com/facebookbipaclassaction/Claimant
Biometric Information Privacy Act
(740 ILCS 14/15)
Sec. 15. Retention; collection; disclosure; destruction.
(a) A private entity in possession of biometric identifiers or biometric information must develop a written policy, made available to the public, establishing a retention schedule and guidelines for permanently destroying biometric identifiers and biometric information when the initial purpose for collecting or obtaining such identifiers or information has been satisfied or within 3 years of the individual’s last interaction with the private entity, whichever occurs first. Absent a valid warrant or subpoena issued by a court of competent jurisdiction, a private entity in possession of biometric identifiers or biometric information must comply with its established retention schedule and destruction guidelines.
(b) No private entity may collect, capture, purchase, receive through trade, or otherwise obtain a person’s or a customer’s biometric identifier or biometric information, unless it first:
(1) informs the subject or the subject’s legally authorized representative in writing that a biometric identifier or biometric information is being collected or stored;
(2) informs the subject or the subject’s legally authorized representative in writing of the specific purpose and length of term for which a biometric identifier or biometric information is being collected, stored, and used; and
(3) receives a written release executed by the subject of the biometric identifier or biometric information or the subject’s legally authorized representative.