Without personal data privacy violation class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty. By holding companies accountable for safely storing your personal information, every consumer will have more control over how their data is used in the future.
Under current privacy law the firm or organization that is storing user data are responsible for data breaches and will pay any fines or damages that are the result of legal action. The actual data holder—an organization that provides cloud storage—is not usually legally implicated or held responsible in litigation.
A recent privacy bill in Maryland proposes that a biometric identifier is defined as “data of an individual generated by automated measurements of an individual’s biological characteristics.” This could include fingerprints, voiceprints, DNA, retina or iris image, or any other unique biological characteristic used to uniquely authenticate an individual’s identity.
Biometric systems of clocking in with fingerprints and facial or retinal scans may be legal, but companies are limited on how they can collect and store this kind of data. Businesses need to understand and adhere to privacy laws and establish biometrics privacy policies.
The majority of BIPA lawsuits are filed against employers who utilize biometric timekeeping systems with fingerprint or facial recognition scans, and collect the employee biometric data.
Motorola, Clearview AI and Vigilant are facing legal action for allegedly collecting mugshots that were used by law enforcement. Microsoft, Amazon, Alphabet, and FaceFirst Inc. are alleged to have violated privacy laws by collecting photos for facial recognition data from the website, Flickr.
A proposed class action alleges Ring, LLC has failed to protect the privacy of its motion-activated cameras and the personal information of its customers. The complaint alleges Ring’s devices are rife with security vulnerabilities, which may compromise the personal data of existing and future customers.
Cyber criminals may have the potential to hack into Ring devices and home networks. The lawsuit aos brings to light the fact that Ring has shared users’ personal identifying information with third parties without first obtaining prior consent. The complaint says the devices are not well-equipped to deal with potential hacks.
Plaintiffs in the case want Ring to take additional security measures to protect the privacy of user accounts and installed devices, as well as stop sharing personal data without clear and informed consent.
Reports have surfaced that several user accounts and devices were hacked, and plaintiffs argue the company was late in addressing security issues.
Beyond the security issues, Ring permits third parties to track users, raising eyebrows from consumer safety and data privacy advocates.
Yes, there are laws that protect consumers and employees from blatant cases of data theft, data breach, and data misuse. If any company has collected data without consent, they may be in violation of the law, and a lawsuit may be filed.
Biometric privacy laws and regulations are created so companies and organizations are aware how they should handle and safeguard personal data. Laws detail the specifics of data collection, retention, and destruction of the data in question.
In 2008, Illinois was the first state to pass a law regulating the collection and subsequent use of biometric personal data. Because the Illinois Biometric Information Privacy Act (BIPA) allows for a private right of action, it has been crucial for past data privacy cases.
Only a few states currently have biometric data privacy laws, though some pending bills are making their way for approval. Illinois, Texas, and Washington currently have biometric privacy laws, with many lawsuits being filed citing violations described in the Illinois statute.
Another biometric privacy bill has been introduced by South Carolina, called the Biometric Data Privacy Act (BDPA). The BDPA incorporates existing biometric privacy statutes along with a broader range of protections. Violations may result in individuals being able to recover $1,000 in statutory damages per negligent violation and $10,000 per intentional or willful violation. The BDPA requires companies to adhere to the following:
The National Biometric Information Privacy Act of (NBIPA) has been pending in the U.S. Senate since August 2020. NBIPA requires informed written consent prior to collecting or capturing biometrics, and also imposes retention, disclosure, and destruction requirements. NBIPA also provides a private right of action for violations, with statutory damages of $1,000 or $5,000.
Lawmakers established the Illinois Biometric Information Privacy Act (BIPA) in 2008 in response to the growing use concern of biometric data misuse. The Act seeks to help regulate the “collection, use, safeguarding, handling, storage, retention, and destruction of biometric identifiers and information.”
According to the BIPA, biometric identifiers may include:
The BIPA addresses the retention, collection, disclosure, and destruction of personal biometric data. Private entities collecting biometric data must inform subjects of the data collection and provide the specific purpose and the length of the collection term. The subject must provide a written release.
Under the BIPA, any person harmed by a privacy violation has a right of legal action. Plaintiffs may recover damages of $1,000, and for intentional or reckless violations, up to $5,000 in liquidated damages or actual damages, whichever is greater.
An invasion of privacy is the unjustifiable intrusion into the personal life of another without proper consent. This is a broad definition that includes a variety of privacy matters, including:
Filing Class Action lawsuits is a complex and serious legal course and can carry monetary sanctions if proper legal course is not followed. The Lyon Firm is dedicated to assisting injured plaintiffs work toward a financial solution to assist in compensating for privacy violations or other damages sustained.
We work with law firms across the country to provide the most resources possible and to build your data privacy case into a valuable settlement. The current legal environment is favorable for workers and consumers involved in data privacy class actions.