Fashion house Christian Dior’s attempt to quell the proliferation of class actions citing Illinois’ biometric privacy law has been rejected by a federal judge in Chicago.
Dior had asked the judge to order the plaintiffs in a dismissed Biometric Information Privacy Act (BIPA) case to pay its lawyers’ fees and costs, aiming to deter what it considered “abuses” by plaintiffs’ lawyers overloading dockets with privacy class actions. However, the judge rejected Dior’s motion, stating that even if fee-shifting was available under BIPA, defendants would have to show that plaintiffs acted in bad faith when asserting claims.
The ruling is another setback for BIPA defendants, as it follows the Illinois Supreme Court’s recent ruling allowing plaintiffs to seek statutory damages for every violation of the law.
The rejected bid stems from Dior’s effort to defend itself against a class action that alleged the illegal collection of biometric data from online shoppers who used a virtual try-on tool to see how Dior’s non-prescription sunglasses would look on their faces. The judge concluded that the plaintiffs’ lawyers were not acting in bad faith when bringing the class action and that exposing them to attorneys’ fees would undermine the enforcement mechanism of a law intended to protect critical privacy interests.
This comes after the Illinois Supreme Court’s decision in Cothrun v. White Castle System Inc., which exposed the fast-food chain to over $17 billion in damages for allegedly scanning employees’ fingerprints without consent.
The rejection highlights the challenges faced by companies dealing with BIPA cases, as the potential damages have raised concerns among businesses operating in Illinois. While trial courts have discretion over damages, companies still face uncertainty and exposure to potentially exorbitant damages.
The BIPA law has created what some observers call a “cottage industry” of cases targeting businesses of all sizes. Recent cases include a mass arbitration effort against video game maker EA Sports for its ‘Game Face’ feature, a class action lawsuit against Facebook, and a dismissed class action against a third-party vendor under BIPA.
The BIPA cases have raised questions about how companies handle biometric data and whether they comply with the law’s consent and disclosure requirements. Companies like Sysco, Pandora, and DePaul University have faced allegations of improper biometric data collection and have either settled or secured exemptions. While BIPA offers consumers strong protections, businesses have expressed concerns about the potential catastrophic damages they could face.
As more cases emerge and courts grapple with the legal nuances, the landscape surrounding BIPA lawsuits remains dynamic, and businesses operating in Illinois need to carefully navigate the complex web of biometric privacy laws and regulations.
August 1, 2023 – by the FindBiometrics Editorial Team