The State of Texas and Meta Platforms Inc. (“Meta”) have agreed to a $1.4 billion settlement, to be paid out over five years, to resolve claims relating to Meta’s alleged use of facial recognition technology without user consent. This settlement marks the largest privacy settlement obtained by a single state and is the first one obtained under the Texas Capture or Use of Biometric Identifier Act (“CUBI”).
Meta’s subsidiary, Facebook, launched its facial recognition technology around 2010, allowing users to tag others in photos and videos. Texas alleged Meta used the collected biometric data to train and enhance its facial recognition technology. Facebook discontinued the technology in November 2021 after Facebook entered a $650 million settlement in a lawsuit that alleged the technology violated the Illinois Biometric Information Privacy Act (“BIPA”).
Texas brought this suit shortly thereafter—in February 2022—alleging that Facebook violated CUBI by capturing and disclosing Facebook users’ and non-users’ biometric identifiers for a commercial purpose without their consent through its now-discontinued facial recognition technology. Texas also alleged that Facebook violated CUBI by failing to destroy the collected biometric data within a reasonable time.
While Illinois has been the focus of compliance due to BIPA’s private right of action, this settlement may indicate that Texas will become increasingly active in enforcement—for both CUBI and its new comprehensive privacy law that went into effect on July 1. Companies should take notice.