On April 9, 2019, an appellate court in Illinois held in Liu v. Four Seasons Hotel, Ltd.[1] that an employee’s allegations of violations of the state’s Biometric Information Privacy Act (“BIPA” or the “Act”) do not constitute allegations of “a wage or hour violation,” even where collection of biometric data is being used to monitor hours worked. Coming on the heels of the Illinois Supreme Court’s decision in Rosenbach v. Six Flags Entertainment Corporation,[2] which held that plaintiffs are not required to allege harm beyond a “technical” violation of the Act in order to bring an action under BIPA, Liu demonstrates a developing pattern of recognition of broad privacy rights in Illinois courts.
Background
It was uncontested in Liu that the Four Seasons hotel in downtown Chicago (“Four Seasons Chicago”) collects employee fingerprints for purposes of tracking hours worked. The plaintiffs brought a class action lawsuit on behalf of current and former employees, alleging that the Four Seasons Chicago violated BIPA by, among other things, failing to inform employees that it discloses such fingerprint data to out-of-state third party vendors or to provide its employees with written explanations of the purposes and length of time their fingerprints were being collected, stored, and used. The suit sought statutory damages and injunctive relief.
Seeking to compel arbitration, Four Seasons Chicago argued that plaintiffs had waived their rights to litigate their claims based on language in their employment agreement that required mandatory arbitration of disputes “based on . . . a wage or hour violation.” Given that “the sole purpose” of collecting and using fingerprint data was for “monitor[ing] the hours worked,” Four Seasons Chicago asserted that plaintiffs’ BIPA claims were necessarily “a wage or hour” claim. The trial court rejected that argument and denied the motion to compel.
The appellate court accepted interlocutory appeal on the question of whether the BIPA claims constitute “wage or hour violation[s]” under the “plain and ordinary meaning” of the arbitration clause. In rejecting Four Seasons Chicago’s argument, the court characterized Illinois statutes addressing wage violations as generally involving the wrongful withholding of compensation or failure to comply with wage or hour laws and distinguished BIPA as “a privacy rights law that applies inside and outside the workplace.” Accordingly, the court held that Four Seasons Chicago’s use of biometric data for timekeeping purposes did not transform a privacy right claim into a wage or hour claim.
Takeaways
Although the court took pains to clarify that it was only deciding a “narrow issue,” the Liu decision contributes to the Illinois courts’ emergent approach to privacy rights under BIPA. Together, Rosenbach and Liu illustrate that individual privacy rights are being interpreted as standalone rights which can be independently violated even where the underlying actions occur in the workplace context and result in no additional actual harm. Thus, allegations of privacy violations may fall outside of the scope of traditional employment arbitration clauses absent explicit references to privacy claims. Thus, businesses seeking to manage privacy risks would do well to consider whether existing waivers and arbitration agreements cover future privacy disputes and review their disclosures relating to the use of biometric data to ensure compliance with BIPA and other applicable privacy laws.
[1] 2019 IL App (1st) 182645.
[2] 2019 IL 123186 (Jan. 25, 2019).