Federal Judge allows class action lawsuit against Facebook to proceed
Fresh from being grilled for two days in Congressional hearings about unethical privacy policies, U.S. magistrate judge, James Donato ruled that a 2015 class action lawsuit against Facebook’s collection of biometric data of Illinois residents held enough merit to go to trial.
The class action lawsuit says Facebook collected and stored data of users based in Illinois through its facial recognition app after June 7, 2011, the day the company launched a feature that allowed the “tagging” of people after a picture of them was posted.
Two claims Facebook stated in the case was that “servers aren’t in Illinois, so Illinois law doesn’t apply” and the tagged photos used in its facial recognition app were “scans of printed photographs instead of natively digital shots,” according to Donato’s written ruling.
In Donato’s order, he says that there is a “total lack of evidence presented by Facebook” to show that its facial recognition app did not directly harm users from Illinois.
In 2016, Donato threw out Facebook’s motion to dismiss the case.
In company statement, Facebook said, “We continue to believe the case has no merit and will defend ourselves vigorously.”
Privacy in Illinois
A 2008 Illinois law called Biometric Information Privacy Act (BIPA) makes it illegal for companies to use technology to collect data by using biometric identifiers such as “retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.”
The legislation stated that major corporations chose Chicago as a location for pilot testing “new applications of biometric-facilitated financial transactions, including finger-scan technologies at grocery stores, gas stations, and school cafeterias.”
Commercially, biometric identifiers are used in financial transactions or methods to locate individuals.
To dissuade the tests, the law states that gathering biological information proved to be a “heightened risk for identity theft” and a process that was too new to understand the larger ramifications if individuals’ identities were compromised.
For years, privacy advocates argue that facial recognition compromises identity and removes an individual’s control to their privacy.
Professor and executive director of the Center for Privacy & Technology at Georgetown Law School, Alvaro Bedoya said in an RT America interview, “Think about a world where a stranger can look at you and take of photo of you on the street and figure out who you are, where you live and where your family lives. That’s not a world we want to live in.”
Bedoya says that in 2014, the National Telecommunications & Information Administration asked major companies in entertainment and technology to work on privacy policies. They all refused. “Facebook for example explicitly rejected to do this opt out [option for its users],” said Bedoya.
Facebook is not the only company alleged to have violated BIPA. Shutterfly and Alphabet Inc.’s Google are under fire. In a 2017 lawsuit, Shutterfly is said to have collected and scanned face geometry in photos without the consent of non-users.
As well, employers like American Airlines and United Airlines use of biometric identifiers were hit with class action lawsuits with tactics such as using fingerprinting as a way to timestamp employees.
According to Tech Crunch, since the Illinois law passed, Facebook has been actively attempting to get the law amended.
Facebook’s current trouble hasn’t stopped it’s pursuit of using the facial recognition software. According to BBC, Facebook has started asking European and Canadian users to let it use facial recognition technology to identify them in photos and videos.