Fingerprint collection – What could possibly go wrong?
Chicago, ILFamily Dollar collected Mantrise Herron’s fingerprints without her permission in apparent violation of Illinois’ Biometric Information Privacy Act (BIPA). BIPA is a privacy-protection law, and Herron v. Family Dollar Inc.is a class action privacy protection lawsuit. But privacy is increasingly a luxury for the well-heeled and well-informed. The rubber hits the road when privacy concerns become unpaid wages claims or employment discrimination lawsuits. This is where many workers begin. Let us also begin at the beginning….
Clock in, clock out
From January 2017 to June 2017, Ms. Herron worked as an hourly employee at a Family Dollar store in Chicago Heights. Throughout her employment, Family Dollar required her to submit her finger scans to participate in the payroll/timekeeping/employment system.
Bottom line: No fingerprints, no check.
Her fingers were scanned four times per workday: clock in, clock out for lunch or break, clock in after lunch or break, and clock out. Family Dollar did not tell her why or for how long it was collecting, storing, and using her data.
Ms. Herron did not consent in writing to the collection, storage, use, sale, lease, dissemination, disclosure, redisclosure, or trade of her biometrics, and does not know what Family Dollar did with the information.
BIPA
Illinois enacted BIPA in 2008 to address the “very serious need [for] protections for the citizens of Illinois when it [comes to their] biometric information.” The text of the statute, itself, notes that an “overwhelming majority of members of the public are weary of the use of biometrics when such information is tied to finances and other personal information.”
BIPA ensures that individuals can control their own biometric data and prohibits private companies, including employers, from collecting it unless the enterprise:
informs the person in writing of what data is being collected or stored. This would include fingerprints stored when using TouchID to log into bank account app on a phone;
informs the person in writing of the specific purpose and length of time the for which the data will be collected, stored and used; and
obtains the person’s written consent. For example, a user might be asked to sign his or her name before sharing a fingerprint.
Biometric information includes retina or iris scans, fingerprints, voiceprints, hand scans, facial recognition data, DNA, drug test results and other unique biological information. As well as requiring consent, the law also prohibits any company from selling or otherwise profiting from an individual’s biometric information. BIPA provides a private right of action against a private entity that negligently or intentionally violates the law, allowing for liquidated damages of $1,000 to $5,000, plus reasonable attorneys’ fees and costs.
The other side
Here is the argument that employers offer:
The use of biometric-enabled devices is normal and common. Biometric time clocks offer employers an accurate and reliable way to track employees’ hours, while increasing accountability. Biometric locks are often ideal for employers protecting sensitive information or valuable property, as biometric authentication reduces the risk of information (i.e., passwords or combinations) or physical tokens (keys or RFID badges) being inadvertently passed on to unauthorized users.
The basic assumption of this policy is that employees will try to steal things.
Then there is the Covid-19 rationale which suggests that in the “COVID-19 era, biometric kiosks even offer employers a streamlined method of ensuring employees do not have an elevated body temperature. The benefits of biometric systems are undeniable.”
The basic assumption of this policy is that employees are diseased.
Shopping at Family Dollar
If you have shopped at Family Dollar or Dollar Tree, you might have noticed several things. The prices are low, the quantities are small, everyone seems to know each other and there are folks scratching for change to buy Ramen noodles. The cashier may be the first cousin of the shopper. EBT accepted.
The air smells of dignified poverty. So why is this happening? Data collection is certainly not the whole answer, but it may be a symptom of the issues that non-unionized hourly workers face.
A wider context
Biometrics are being used in a growing number of areas, including employment, law enforcement and health care, as well as for physical access to buildings and consumer identification. Perhaps the most powerful argument for privacy protection laws like BIPA is that biometric information, unlike a phone number, address or electronic mail account, cannot be changed. Electronic records can also, at least in theory, last forever.
A number of states, including California, New York and Texas have also enacted biometric privacy protection laws. The EU’s General Data Protection Regulation impacts the collection, storage, sale and the personal right to delete information from internet users by private entities.
If you or a loved one have suffered losses in this case, please click the link below and your complaint will be sent to an employment law lawyer who may evaluate your Unpaid Wages claim at no cost or obligation.