New Media and Technology Law Blog

Category Archives: Privacy

Subscribe to Privacy RSS Feed

Apple X’s Face ID Feature Places Spotlight on Facial Recognition Technology, Raising Numerous Mobile Privacy and Data Usage Issues

This week’s Apple X announcement was not more than a few hours old, and the questions began to come in. Apple’s introduction of Face ID facial recognition on its new phone – although already available in some form on several Android phones – generated curiosity, concerns and creativity.  Unfortunately, the details about specifically how the … Continue Reading

Washington Enacts a Biometric Privacy Statute in a Departure from the Existing Standard

We have been writing about the biometric privacy legal landscape, which has thus far been dominated by the Illinois Biometric Information Privacy Act (BIPA).  While there are a number of states that are considering bills modeled after BIPA, Washington has enacted a bill that takes a dramatically different approach.   On May 16, 2017, HB 1493 … Continue Reading

Employees Assert Illinois Biometric Privacy Claims against Supermarket over Fingerprint Collection Practices

Even though Washington passed its own biometric privacy law last month (HB 1493), and other states are currently debating their own bills, Illinois’s Biometric Information Privacy Act (BIPA) is still the crux of biometric and facial recognition privacy-related litigation.  Such suits have typically involved social media services, video game makers or businesses that collect biometric … Continue Reading

Court Refuses to Dismiss Biometric Privacy Action over Facial Recognition Technology Used by Google Photos

Update: On March 9, 2016, Google filed a motion requesting the court certify an interlocutory appeal.  In particular, Google contends that the following question satisfies the statutory criteria: whether the term “biometric identifier,” as defined in Illinois Biometric Privacy Act, includes information derived from photographs. We’ve closely followed the numerous biometric privacy disputes and legislative … Continue Reading

A Host of Biometric Privacy/Facial Recognition Bills Currently Circulating in State Legislatures

We’ve written extensively about the numerous lawsuits, dismissals and settlements surrounding the Illinois Biometric Information Privacy Act (BIPA). The statute, generally speaking, prohibits an entity from collecting, capturing, purchasing, or otherwise obtaining a person’s “biometric identifier” or “biometric information,” unless it satisfies certain notice and consent and data retention requirements. The statute contains defined terms … Continue Reading

Biometric Privacy Claims over Facial Recognition Feature in Videogame Dismissed for Lack of Concrete Harm

For the second time in the past six months, a district court has dismissed a lawsuit alleging procedural and technical violations of the Illinois biometric privacy statute for lack of Article III standing.  In Vigil v. Take-Two Interactive Software, Inc., No. 15-8211 (S.D.N.Y. Jan. 27, 2017), the court dismissed Illinois biometric privacy claims against a … Continue Reading

Illinois Biometric Privacy Suit over Collection of Fingerprints Settled

Earlier this month, an Illinois state court approved a $1.5 million settlement in a class action against L.A. Tan Enterprises, Inc., operator (directly and through franchisees) of L.A. Tan tanning salons.  The settlement resolved allegations that L.A. Tan violated the Illinois Biometric Information Privacy Act (BIPA) by collecting Illinois members’ fingerprints for verification during check-in … Continue Reading

Mobile App VPPA Suit Survives Spokeo Standing Challenge

In Yershov v. Gannett Satellite Information Network, Inc., a user of the free USA Today app alleged that each time he viewed a video clip, the app transmitted his mobile Android ID, GPS coordinates and identification of the watched video to a third-party analytics company to create user profiles for the purposes of targeted advertising, in … Continue Reading

No VPPA Liability for Disclosure of Certain Anonymous Digital Identifiers

Another court has contributed to the ongoing debate over the scope of the term “personally identifiable information” under the Video Privacy Protection Act – a statute enacted in 1988 to protect the privacy of consumers’ videotape rental and purchase history but lately applied to the modern age of video streaming services and online video viewing. … Continue Reading

NTIA Multistakeholder Process Finalizes General Privacy Guidelines for Commercial Facial Recognition Use

We’ve previously blogged about the National Telecommunications and Information Administration (NTIA) privacy multistakeholder process to address concerns associated with the emerging commercial use of facial recognition technology. Notably, last year, the self-regulatory initiative hit a stumbling block when nine consumer advocacy groups withdrew from the process due to a lack of consensus on a minimum … Continue Reading

Proposed Amendment to Illinois Law Would Have Changed Shape of Biometric Privacy Litigation

Late last week, the Illinois state senate considered an amendment tacked onto to an unrelated bill that would have revised the Illinois’ Biometric Information Privacy Act, a law that has been the subject of much debate and litigation in the past year.  This amendment had the potential to drastically affect the current litany of lawsuits … Continue Reading

California Court Refuses to Dismiss Biometric Privacy Suit against Facebook

The District Court for the Northern District of California recently issued what could be a very significant decision on a number of important digital law issues.  These include: the enforceability of “clickwrap” as compared to “web wrap” website terms of use, the enforceability of a choice-of-law provision in such terms of use, and a preliminary … Continue Reading

User of Free App May Be “Consumer” under the Video Privacy Protection Act

This past week, the First Circuit issued a notable opinion concerning the contours of liability under the Video Privacy Protection Act (VPPA) – a decision that stirs up further uncertainty as to where to draw the line regarding VPPA liability when it comes to mobile apps.  (See Yershov v. Gannett Satellite Information Network Inc., No. … Continue Reading

Self-Publishing Platforms Deemed Distributors, Not Publishers in Privacy Suit over Unauthorized Book Cover

We live in a world that has rapidly redefined and blurred the roles of the “creator” of content, as compared to the roles of the “publisher” and “distributor” of such content.  A recent case touches on some of the important legal issues associated with such change.  Among other things, the case illustrates the importance of … Continue Reading

Google Is the Latest Online Provider to Face Class Action over Collection of Faceprints

As we have previously written about, there are several ongoing biometric privacy-related lawsuits alleging that facial recognition-based systems of photo tagging violate the Illinois Biometric Information Privacy Act (BIPA).  Add one more to the list.  A Chicago resident brought a putative class action against Google for allegedly collecting, storing and using, without consent and in … Continue Reading

FTC Releases Big Data Report Outlining Risks, Benefits and Legal Hurdles

The big data revolution is quietly chugging along:  devices, sensors, websites and networks are collecting and producing significant amounts of data, the cost of data storage continues to plummet, public and private sector interest in data mining is growing, data computational and statistical methods have advanced, and more and more data scientists are using new … Continue Reading

Photo Storage Service’s Collection of Faceprints May Violate Illinois Biometric Privacy Statute

As we have previously noted, there are several ongoing privacy-related lawsuits alleging that facial recognition-based systems of photo tagging violate the Illinois Biometric Information Privacy Act (BIPA). The photo storage service Shutterfly and the social network Facebook are both defending putative class action suits that, among other things, allege that such services created and stored … Continue Reading

Facebook Seeks Dismissal in Illinois Facial Recognition Biometric Privacy Suit

As we have previously noted, Facebook has been named as a defendant in a number of lawsuits claiming that its facial recognition-based system of photo tagging violates the Illinois Biometric Information Privacy Act (BIPA).  In a separate putative class action filed in Illinois federal court that involves the tagging of an “unwilling” non-user without his … Continue Reading

Video Privacy Protection Act Narrowed – App’s Transmission of Roku ID Not Disclosure of Personal Information

A New York district court opinion is the latest addition to our watch of ongoing VPPA-related disputes, a notable decision on the issue of what exactly is a disclosure of “personally identifiable information” (PII)  under the VPPA.  Does PII refer to information which must, without more, link an actual person to actual video materials?  Or … Continue Reading

Biometrics: Facebook Files Motion to Dismiss Privacy Suit over Facial Recognition Technology

As discussed in a previous post on facial recognition technology, a putative class action has been filed against Facebook over the collection of “faceprints” for its online photo tagging function, Tag Suggestions.  (See e.g., Licata v. Facebook, Inc., No. 2015CH05427 (Ill. Cir. Ct. Cook Cty. filed Apr. 1, 2015) (the case has been transferred to a … Continue Reading

Important Circuit Court Ruling Limits Scope of VPPA Liability

The Eleventh Circuit issued a notable ruling this week limiting a mobile app’s liability under the Video Privacy Protection Act (VPPA), 18 U.S.C. § 2710, a law enacted in 1988 to preserve “consumer” personal privacy with respect to the rental or purchase of movies on VHS videotape, and which has been regularly applied to streaming … Continue Reading

Facial Recognition Technology: Social Media and Beyond, an Emerging Concern

This week, a major self-regulatory initiative intended to address privacy concerns associated with facial recognition technology hit a significant stumbling block.  Nine consumer advocacy groups withdrew from the National Telecommunications and Information Administration (NTIA)-initiative due to a lack of consensus on a minimum standard of consent.  The NTIA initiative had been ongoing since early 2014.  … Continue Reading

Mobile Alphabet Soup…What Exactly Is an ATDS under the TCPA?

An Important Issue for Text-Message Marketers There has been an uptick in litigation under the federal Telephone Consumer Protection Act (TCPA), 47 U.S.C. § 227 – likely due to the increased use of mobile marketing (not to mention the availability of statutory damages between $500 and $1,500 per violation).  And with the growth of easy … Continue Reading
LexBlog