How Google’s Biometrics Lawsuit is Changing the Landscape of Data Privacy

Introduction

In January of 2020, Google faced a class-action lawsuit that claimed the company had violated Illinois’ biometrics privacy law. The case alleged that Google had been collecting facial recognition data from Illinois residents without their explicit consent, and storing it on servers located outside the state. The case, which is still ongoing, has the potential to fundamentally change the way companies collect and use biometric data. In this article, we’ll explore how Google’s biometrics lawsuit is changing the landscape of data privacy.

What is Biometric Data?

Biometric data refers to distinctive physical and behavioral characteristics that can be used to identify an individual. Examples include fingerprints, facial recognition, voiceprints, and DNA. Unlike other forms of personal data, such as names or social security numbers, biometric data is unique to each individual and cannot be changed or replaced. As a result, biometric data is highly sensitive and requires strict protections.

Illinois Biometrics Privacy Law

Illinois is one of the few states in the United States to have enacted a specific law governing the collection, use, and storage of biometric data. The Illinois Biometric Information Privacy Act (BIPA) was passed in 2008 and requires companies to obtain written consent from individuals before collecting and storing their biometric data. BIPA also requires companies to obtain informed consent if they plan to share or sell biometric data with third parties. Companies that violate BIPA can face significant fines and damages.

Google’s Biometrics Lawsuit

Google’s biometrics lawsuit involves allegations that the company violated BIPA by collecting facial recognition data from Illinois residents without properly obtaining their consent. The lawsuit argues that Google’s practice of extracting data from photos uploaded to its Google Photos software constitutes a violation of BIPA. The plaintiffs in the case are seeking damages of up to $5,000 per person for each time Google unlawfully collected and stored their biometric data.

Impact on Data Privacy

Google’s biometrics lawsuit has significant implications for how companies collect and use biometric data. If the lawsuit is successful, it could set a precedent for other states to enact similar laws governing the collection of biometric data. It could also force companies to rethink their data collection and retention practices, particularly for data that is highly sensitive and personal.

Conclusion

In conclusion, Google’s biometrics lawsuit is just one of many examples of how data privacy is becoming an increasingly significant issue for individuals and companies alike. As more personal information becomes digitized and stored online, it’s essential that companies take adequate steps to safeguard this information from unauthorized access and use. Moving forward, it’s likely that we’ll see more regulations and legal actions related to biometric data, as governments and individuals seek to ensure that this data is protected from misuse.