Artikel: Biometric Information Privacy Act GudangMovies21 Rebahinxxi

    • Source: Biometric Information Privacy Act

      • The Biometric Information Privacy Act (BIPA) is a law set forth on October 3, 2008 in the U.S. state of Illinois, in an effort to regulate the collection, use, and handling of biometric identifiers and information by private entities. Notably, the Act does not apply to government entities. While Texas and Washington are the only other states that implemented similar biometric protections, BIPA is the most stringent. The Act prescribes $1,000 per violation, and $5,000 per violation if the violation is intentional or reckless. Because of this damages provision, the BIPA has spawned several class action lawsuits.


      Provisions


      The BIPA requires companies doing business in Illinois to comply with a number of requirements pertaining to the collection and storage of biometric information. These include a requirement that companies:

      Obtain consent from individuals if the company intends to collect or disclose their personal biometric identifiers.
      Destroy biometric identifiers in a timely manner.
      Securely store biometric identifiers.
      A key area of focus is that an entity must use a "reasonable standard of care" in managing biometric information and identifiers.


      Standing


      BIPA is the only law in the U.S. that provides a private right of action to any individual who is aggrieved by a violation. However, in order to litigate a BIPA action in federal court, the aggrieved person must have federal constitutional standing otherwise known as Article III standing. Generally, Article III standing requires that a plaintiff suffer an injury to a legally protected interest that is causally connected to the defendant's conduct and such injury will likely be addressed by a court's decision.


      Legislative history


      Senate Bill 2400, which eventually became the Biometric Information Privacy Act, was introduced by State Senator Terry Link on February 14, 2008; it passed both Houses of the Illinois General Assembly on July 10, 2008, and was approved by then-Governor Rod Blagojevich on October 3, 2008. The purpose of the Act was to establish standards of conduct for private entities that collect or possess biometric information. In 2016, Senator Link proposed and later withdrew an amendment to the Act that would have limited the Act's application to biometrics collected in public.


      = Proposed Federal Regulation

      =


      The National Biometric Information Privacy Act


      On August 3, 2020, Senator Jeff Merkley introduced the National Biometric Information Privacy Act of 2020 (Senate Bill 4400). While the Act contains provisions similar to BIPA it is more expansive than BIPA. If passed, the Bill would be the first of its kind to regulate biometric information on a national scale.


      Notable cases


      As biometric technology advances, there have been a number of lawsuits related to data collection methods, as well as various levels of protection over data. Using fingerprints as ways of clocking in and clocking out of work is an example of a technology that fights what is known as "buddy punching" or the practice of using somebody else to clock in for another worker at a job. In Illinois, the Biometric Information Protection Act law allows people to sue employers for mishandling biometric data. According to the Cook County Record, "In Illinois, both the parent company of Mariano's supermarkets and the Intercontinental Hotel Group have been hit with class action lawsuits alleging they improperly collected and stored employee fingerprints and other biometric data."


      = Federal court cases

      =
      In re Facebook Biometric Info. Privacy Litig., 185 F. Supp. 3d 1155 (N.D. Cal. 2016)

      Illinois Facebook users alleged that the social media platform violated the BIPA when it scanned images of their faces, without consent, in order to run its Tag Suggestions feature; a California federal court certified the class in 2018.
      Monroy v. Shutterfly, Inc., No. 16 C 10984, 2017 WL 4099846 (N.D. Ill. Sept. 15, 2017)

      Shutterfly users claimed that the company violated the BIPA when it scanned uploaded digital photos using facial recognition software. On September 15, 2017, Northern Illinois District Court Judge Joan B. Gottschall denied a motion to dismiss the lawsuit.
      Rivera v. Google, Inc., 238 F. Supp. 3d 1088 (N.D. Ill. 2017)

      Google users sued the company for violating the BIPA, alleging that it created and stored scans of users' faces on its Google Photos service, without user consent. On February 27, 2017, Northern Illinois District Court Judge Edmond E. Chang denied a motion to dismiss the lawsuit but on December 29, 2018, the lawsuit was dismissed for lack of standing.
      McDonald v. Symphony Bronzeville Park LLC, N.E.3d (Ill. App. Ct. Sept. 18, 2020).

      A nursing home violated BIPA when it collected an employee's biometric data for time tracking purposes without disclosing or obtaining consent from the employee. The Illinois Supreme Court will determine whether the Worker's Compensation Act provides employers with a defense against BIPA claims by their employees.


      = State court cases

      =
      Rosenbach v. Six Flags Entm't Corp., 2019 IL 123186

      Six Flags was sued for collecting park-goers thumbprints without informed consent. The Illinois Court of Appeals ruled that a mere technical violation of the BIPA was insufficient to maintain an action, because it did not necessarily mean a party was "aggrieved," as required by the statute. This was reversed by the Illinois Supreme Court which ruled that users do not need to prove an injury (such as identity fraud or physical harm) in order to sue; the mere violation of the act was sufficient to collect damages.
      Additionally, an employee of the NorthShore University HealthSystem has sued the company for allegedly collecting worker fingerprints without their consent, in violation of the Illinois Biometric Information Privacy Act. In Cook County Circuit Court, the employee alleged "that the defendant scanned and digitally collected his fingerprints without consent, for use with a biometric employee punch clock."


      Settlements


      On December 1, 2016, the first settlement involving the BIPA was approved by a judge in Cook County, Illinois. The class action lawsuit was against L.A. Tan Enterprises, Inc. and settled for $1.5 million, which included between $125 and $150 for each class member who filed a claim.
      In February 2021, Judge James Donato approved a $650 million settlement in the federal In re Facebook Biometric Info. Privacy Litig. case, praising the settlement as "a major win for consumers in the hotly contested area of digital privacy." Two class members have appealed the settlement to the United States Court of Appeals for the Ninth Circuit.


      Challenges


      There was a bill (SB3053) pending before the Illinois legislature to amend the BIPA. The bill proposed to exempt private entities from the BIPAs requirements under a number of circumstances, including (1) if the biometric information is used "exclusively for employment, human resources, fraud prevention, or security purposes", (2) if the company "does not sell, lease, trade or similarly profit" from the biometric information, or (3) if the company protects biometric information at least as securely as it secures other sensitive information. The bill never got out of committee, and expired 2019.
      SB3053 was viewed by privacy advocates as an attempt to entirely gut the BIPA. It received significant opposition from many groups that advocate for digital privacy rights, including the Electronic Frontier Foundation.
      During Facebook founder Mark Zuckerberg's testimony before Congress on April 10, 2018, in the aftermath of Facebook's scandal with Cambridge Analytica, Senator Dick Durbin questioned Zuckerberg about Facebook's support for SB3053.


      Related state-level bills and laws


      There are a number of similar bills that have been introduced in states across the country. These include:

      Michigan, 2017 Bill Text MI H.B. 5019
      New Hampshire, 2017 Bill Text NH H.B. 523 (amended and passed in 2018 as NH H.B. 523)
      Alaska, 2017 Bill Text AK H.B. 72
      Montana, 2017 Bill Text MT H.B. 518
      New York, 2021 Assembly Bill 27 & Senate Bill 1933.


      Foreign equivalents


      On May 25, 2018, the EU effectuated the General Data Protection Regulation (GDPR), one of the world's strongest data protection regulations to date.


      References




      External links


      Biometric Information Privacy Act (740 ILCS 14)

    Kata Kunci Pencarian:

    biometric information privacy actbiometric information privacy act illinoisbiometric information privacy act canadabiometric information privacy act australiabiometric information privacy act bipa illinoisbiometric information privacy act 740 ilcs 14biometric information privacy act newsbiometric information privacy act statesbiometric information privacy act californiabiometric information privacy act exclusionSearch Results

    Artikel Terkait "biometric information privacy act"

    740 ILCS 14/ - Biometric Information Privacy Act. :: 2023 Illinois ...

    03 Okt 2008 · "Biometric information" means any information, regardless of how it is captured, converted, stored, or shared, based on an individual's biometric identifier used to identify an individual.

    Biometric Information Privacy Act - Wikipedia

    The Biometric Information Privacy Act (BIPA) is a law set forth on October 3, 2008 in the U.S. state of Illinois, in an effort to regulate the collection, use, and handling of biometric identifiers and information by private entities. [1]

    S.4400 - National Biometric Information Privacy Act of 2020

    03 Agu 2020 · To regulate the collection, retention, disclosure, and destruction of biometric information, and for other purposes. Mr. Merkley (for himself and Mr. Sanders) introduced the following bill; which was read twice and referred to the Committee on the Judiciary.

    740 ILCS 14/1 - Illinois General Assembly

    Biometric information does not include information derived from items or procedures excluded under the definition of biometric identifiers. "Confidential and sensitive information" means personal information that can be used to uniquely identify …

    Biometric Information Privacy Act (BIPA) - ACLU of Illinois

    WHAT DOES BIPA DO? BIPA establishes standards for how companies must handle Illinois consumers’ biometric information. In addition to its notice and consent requirement, the law prohibits any company from selling or otherwise profiting from consumers’ biometric information.

    The Biometric Information Privacy Act - American Bar Association

    18 Nov 2024 · In 2008, the Illinois legislature passed the Illinois Biometric Information Protection Act (BIPA). The act regulates the “collection, use, safeguarding, handling, storage, retention and destruction of biometric identifiers and information.”

    Illinois General Assembly - Full Text of Public Act 095-0994

    Biometric Information Privacy Act. Section 5. Legislative findings; intent. The General . financial transactions and security screenings. stores, gas stations, and school cafeterias. used to …

    BIPA Update: Illinois Limits Liability and ... - Greenberg Traurig

    14 Agu 2024 · Illinois legislature amends Illinois Biometric Information Privacy Act (BIPA or the Act) to provide that a company which collects the same biometrics multiple times from the same individual in violation of the law is liable only for a single violation.

    Illinois changes biometric privacy law to help corporations avoid …

    06 Agu 2024 · Illinois has changed its Biometric Information Privacy Act (BIPA) to dramatically limit the financial penalties faced by companies that illegally obtain or sell biometric identifiers such as eye...

    Is Biometric Information Protected by Privacy Laws?

    20 Jun 2024 · In 2008, Illinois became the first state to enact a biometric data privacy law. The law requires entities that use and store biometric identifiers to comply with certain requirements and provides a private right of action for recovering statutory damages when they do not.