In October, we discussed one of the hottest trending class-action claims: the Illinois Biometric Privacy Act (BIPA). In our alert, we noted that it was not clear whether a plaintiff would need to show a concrete injury to be entitled to damages or whether a mere statutory violation would be sufficient to warrant damages.
On November 21, the Second Circuit Court of Appeals issued a decision on this very issue.
In Santana v. Take-Two Interactive Software, Inc., the Second Circuit issued a non-precedential summary decision concluding that a mere statutory or procedural violation was NOT sufficient to bring a claim under BIPA.
- Defendant, a video gaming company, used facial scanning software to create an avatar of the player. The Court ruled that plaintiff’s participation in the facial scanning process was a consensual act.
- The Court concluded that plaintiff did not have standing in any event and that to establish standing a plaintiff would have to show that the “violation, if true, presents a material risk that their biometric data will be misused or disclosed” or “improperly accessed by third parties.”
For employers, Santana is a welcome decision because it creates a much higher bar for plaintiffs to survive a motion to dismiss.
- Notably, this ruling is not binding on other district courts outside the Second Circuit (and, as mentioned, it is a non-precedential decision) nor any Illinois state courts.
- However, we believe Santana puts employers and other defendants in a better position to avoid lengthy litigation and penalties for any BIPA violations.
BOTTOM LINE:
- Even if other courts follow the Second Circuit’s lead, employers would be well-served to adopt a policy and obtain consent of employees among the other taking steps recommended in our earlier alert now to avoid class action liability under BIPA.
For more information on BIPA compliance, contact your Baker McKenzie attorney.