WeWork Among Latest Caught in BIPA Net

Biometrics News - WeWork Among Latest Caught in BIPA Net

A lawsuit has been filed in Illinois against WeWork, global real-estate company and provider of shared office space, alleging the use of facial recognition scans without consent.

The plaintiff in the case, Elliot Osborne, alleges that “When individuals arrive at a WeWork office space, each Defendant requires them to have their facial geometry scanned to enroll them in We Work’s database(s).”

Osborne notes that WeWork collects the biometric data without the informed written consent from the individuals being targeted.

In response to the charges, a company spokesperson for WeWork stated: “WeWork does not use facial recognition technology to monitor people in our locations. We consider privacy to be a fundamental right and we are committed to protecting the privacy of our members. We intend to fight this lawsuit.”

The capturing of an individual’s biometric data without consent in the state of Illinois is a violation of the Illinois Biometric Privacy Act (BIPA), which was passed in 2008. Already this year several high profile cases have been brought forward against corporations for violating BIPA, with Dr. Pepper, Wallgreens, The Home Depot, and Rivers Casino among the defendants.

BIPA allocates $1000 to $5000 in statutory damages per violation, which could be significant for WeWork depending on the size of class and the viability of the claim before the courts.

“Any business operating in Illinois that collects biometric data from its employees, customers, or other third parties risks substantial monetary exposure if it does not comply with the requirements of” BIPA, Phillip Schreiber, privacy partner at Holland and Knight LLP in Chicago, said.

Plaintiffs in BIPA cases don’t need to show that any harm was done by the collection of their biometric data, only that it was collected without their consent. The January ruling of Rosenbach v. Six FlagEntertainment Corp. supports this and could be viewed as a landmark case that may help plaintiffs in cases such as the one filed against WeWork survive early dismissal attempts from the defendants.

However, surviving an early dismissal doesn’t necessarily mean that a plaintiff will win a BIPA case, as there are many open cases questioning what constitutes biometric information under the law.

In addition to challenging the definition of biometric identifiers, defendants in BIPA cases can also challenge the statute of limitations, and whether biometric privacy violations can be remediated.

Source: Bloomberg Law

November 8, 2019 – by Tony Bitzionis