Showing 9 posts by Joseph L. Kish.
In August, Senators Bernie Sanders (I-VT.) and Jeff Merkley (D-OR.) introduced the National Biometric Information Privacy Act of 2020 (NBIPA), which serves to regulate the collection, retention, disclosure and destruction of biometric information. While NBIPA is awaiting Congressional consideration, its potential effects and nationwide extension make it noteworthy.
As currently drafted, NBIPA limits the collection of personal information to valid business purposes, prohibits the inclusion of written releases in employment contracts, and builds on the Illinois Biometric Information Privacy Act in two major ways. First, NBIPA requires all businesses, regardless of size, to obtain consumers’ opt-in consent before collecting, sharing or using their biometric data, inform consumers of the use and length of term of biometric data, develop and publish a data retention schedule and guidelines for destroying biometric data, and obligates businesses to store, transmit, and protect biometric data in the same or in a more stringent manner as is done for other confidential and sensitive information. Second, NBIPA not only creates enforcement by state attorneys but also creates a private right of action for individuals even if the injury is only a technical violation that does not result in actual damages. More »
CYBER RISK CLIENT ALERT: Facebook Settles Its BIPA Suit for $550 Million While Damage and Jurisdiction Issues Remain
All eyes are on the recent settlement in Patel v. Facebook, Inc., 932 F.3d 1264 (9th Cir. 2019), where a group of class-action plaintiffs (“Class”) alleged that Facebook violated Illinois’ Biometric Information Privacy Act (“BIPA”). Patel had already received a lot of attention primarily because the Ninth Circuit found Article III standing in the absence of actual harm.
Patel settled for a massive $550 million. This is the largest cash settlement seen in a privacy-related suit according to the parties, which is creating a lot of new-found interest in BIPA with speculation on how the settlement amount will impact future claims. More »
There has been no shortage of litigation since the passage of the Illinois Biometric Information Policy Act, commonly known as BIPA, especially since the Illinois Supreme Court’s recent decision in Rosenbach v Six Flags Entm’t Corp., 2019 WL 323902 (Ill 2019) that an individual does not need to allege actual damages to have standing. We have already circulated two articles discussing the [Southwest] and [Hotel Management] lawsuits. In response, defendants have been swift and creative in their defense. Most recently, a major grocery chain argued before an Illinois state court judge the unconstitutionality of BIPA. More »
Recently, the Ninth Circuit Court of Appeals issued an opinion in the case of Patel v. Facebook, Inc., 2019 WL 3727424 (9th Circ. 2019), allowing a class-action lawsuit filed in the Northern District of California to proceed. The Court held that the plaintiffs have Article III standing to bring the suit because Facebook’s alleged violations of Illinois’s Biometric Information Privacy Act (“BIPA”) constitute a sufficiently concrete injury-in-fact. The Court also upheld the district court’s grant of the plaintiffs’ motion for class certification, finding that the Federal Rules of Civil Procedure’s predominance and superiority requirements were met. Patel represents a continued expansion of the law in favor of plaintiffs bringing suits under BIPA. More »
In response to the Illinois Supreme Court’s ruling in Rosenbach v. Six Flags Entertainment Corp., 2019 IL 123186 (actual harm is not required for standing under the Illinois Biometric Information Privacy Act), the Illinois legislature is now considering amending the statute, in part, by removing its private right of action.
Illinois was the leader in enacting privacy protections for biometric data. Illinois is still one of only a few states to have such protections in place (along with Texas and Washington). Arizona, Florida, and Massachusetts have proposed regulations to protect biometric identification, and California will have its biometric protections take effect on January 1, 2020. More »
CYBER RISK CLIENT ALERT: Supreme Court Remands Google Settlement - Might Resolve Existing Circuit Splits On Proving Actual Harm
On March 19, 2019, the United States Supreme Court remanded a privacy class action settlement back to the Ninth Circuit Court of Appeals to address whether the class members can plausibly claim to have suffered concrete harm. This ruling serves as the latest hurdle for plaintiffs in cybersecurity litigation to establish standing to sue companies for data breaches and unauthorized data sharing. More »
Recently, the Illinois Supreme Court resolved contradictory rulings from lower courts regarding standing under the Illinois Biometric Information Privacy Act (“BIPA”), 740 ILCS § 14/5 (West 2016). The likely result of this ruling was that there will be increased litigation under BIPA.
In Rosenbach v. Six Flags Entertainment Corp., 2017 IL App (2d) 170317, the Illinois Supreme Court held that an individual is not required to show actual harm; establishing a technical violation of under BIPA is sufficient to be “aggrieved” and allow a plaintiff to seek remedial measures. More »
Illinois Appellate Court Concludes that Actual Harm is not Required under Biometric Information Privacy Act
An Illinois appellate court’s recent opinion may very well open the flood gates for litigation arising out of alleged violations of the Illinois Biometric Information Privacy Act (“BIPA”) by eliminating the need to allege actual harm to have standing to sue. Sekura v. Krishna Schaumburg Tan, Inc., 2018 IL App (1st) 180175. More »
On September 26, 2018, Uber Technologies, Inc. (Uber) reached a joint settlement with all 50 states and Washington, D.C.’s attorney generals to pay a record breaking $148 million for its 2016 data breach and subsequent cover-up. More »
- Now That Vaccine Distribution Has Begun, What Issues Do Employers Face?
- Immunity From Liability For Healthcare Facilities and Healthcare Professionals in the Continuing Battle Against the Covid-19 Pandemic
- A National Approach to Biometric Privacy
- Illinois Appellate Court Says the Learned Intermediary Doctrine Does Not Shield a Device Manufacturer from Liability When a Doctor is Deceived About a Device’s Prior Testing and Suitability
- Remote Jury Selection by Video Conferencing
- Illinois Appellate Court Eliminates Key Defense to BIPA Claims
- What is Amy Coney Barrett’s Record on Federal Preemption and What Does it Mean for Future SCOTUS Rulings in Drug and Medical Device Litigation?
- COVID Delivers Fraud to the Trucking Industry
- The Application of the Doctrine of Collateral Estoppel to Bar Legal Malpractice Claims Following Allegations of Ineffective Assistance of Counsel
- Prefabricated Construction Liability
- Professional Liability
- Class Action
- Complex Commercial Litigation
- Insurance Coverage
- Insurance & Reinsurance Litigation & Counseling
- Cyber Risk & Liability
- Toxic Tort
- Professional Development
- Social Media & Privacy
- Employment Litigation & Counseling
- Construction Litigation & Counseling
- Workers' Compensation
- Product Liability
- Discrimination, Harassment & Hostile Workplace Claims
- Pharmaceutical & Medical Device Litigation
- Medical Negligence & Healthcare Liability