Open 24/7 for a FREE Consultation

Trial Attorneys
Illinois Privacy and Biometric Protection Act Attorney

No Legal Fee Until You Settle or Win

Illinois Privacy and Biometric Protection Act Attorney

biometric information privacy act lawyer

As information technology advances, the amount of personal data that big tech companies, government agencies, and employers collect increases in scope and importance. Public and private entities are gathering more biometric data for identity verification. The collection of this information increases the chances that employees and consumers fall victim to the misuse of their biometric data.

If reckless violations of biometric data have compromised your privacy and security, hire a biometric protection lawyer to hold the responsible parties accountable. At Nessler & Associates, our biometric privacy attorneys are well versed in this complex field, protecting your biometric privacy rights and seeking the compensation you deserve.


What is Considered Biometric Data?

Biometric data can be used to identify a unique individual by using their body parts. Organizations use it for everything from identity verification to security systems. Collecting this data includes processes regarding physical characteristics like fingerprint scans, retina scans, iris scans, and biological samples.

It also includes collecting data on behavioral traits like typing rhythm and gait. A person’s gait can identify their unique biomechanics. For example, the way a person walks or the specific way they sit in a chair can act as a biometric identifier.


Facts and Statistics on Biometric Data

In recent years, biometric data has become increasingly important. With worldwide security spending on identity access management currently at $42.9 billion, most experts expect the industry to reach $99.63 billion by 2027.

Approximately 65% of Americans know of biometrics, whether for a facial scan, hand geometry authentication, or signature dynamics. A common example is using a fingerprint or face identification on your smartphone.

Financial institutions, healthcare, defense, and law enforcement are the top fields adopting biometrics, and other industries are following suit. Many of these organizations use fingerprinting and face recognition software to allow people to enter a building or access internal software programs.


Why Do Workplaces Collect Biometric Data?

Facial recognition scans and other biometric data have become more common in workplaces in recent years. While some employers view this ‌to improve security, others continue to raise concerns about potential privacy issues.

Workplaces collect biometrics for these reasons:

  • Facial recognition can improve security by deterring and detecting crime.
  • Identity theft and fraud can be prevented with the help of biometrics.
  • A facial recognition system can track employee attendance and performance.
  • Employers can comply with government regulations through the use of biometrics.

Biometric data is also used to reduce human error. Additionally, biometrics reduces paperwork and speeds up many business processes. By using an employee’s unique biometric identification, keys and passes are rendered obsolete, as they cannot fall into the wrong hands.

Collecting biometric data also brings forward risks. It also poses several privacy concerns, as malicious actors can use it for tracking purposes. As a result, there is a growing debate over how organizations should use biometric data and how the government should regulate the space.


Why is Protecting Biometric Data Important?

As employers and companies adopt the technology for their benefit, it’s more important than ever to protect biometric data. Unlike other forms of personal information, such as your name or Social Security number, you cannot change your biometric data if it is compromised.

Biometric data is often seen as an easy opportunity for hackers and cybercriminals. If such data falls into the wrong hands, malicious actors can use it for identity theft, fraud, or physical theft. As a result, businesses and individuals must take steps to protect their biometric data.

Businesses must provide customers with information about how their biometric data will be used and stored. In addition, biometric data is typically subject to stricter security requirements than other data types. This may include storing data in a secure location, encrypting it with a strong password, or using a biometric authentication system.

Businesses that collect biometric data must ensure that it is kept secure and confidential. Failure to comply with biometric privacy laws can result in significant penalties, including fines and civil liability. By taking these precautions, employers and service providers can help ensure that employee and consumer information remains safe and secure.


Biometric Protection in the Healthcare Setting

Healthcare administrators and stakeholders benefit from the convenience and economies of scale that biometrics offer. However, the risk of exposing patients’ health care treatment and other sensitive data in the event of a data breach can prove harmful to patients and hospitals alike.

Although biometrics provide a modicum of security over conventional technologies, data breaches are not rare in the healthcare industry. Nearly 22.6 million patients saw their data fall into the hands of bad actors in 2021.

Biometrics in healthcare promise to eliminate medical errors, such as treating the wrong patient or failing to consider a patient’s recorded underlying health condition in their diagnosis.

What happens when there is a data breach in healthcare

As with any field in which biometrics are applied, a data breach can render patients incapable of using their identity safely subsequently to the breach. In the medical file of such a patient, through their biometric identity, their physical characteristics are linked to their medical history, such as their retina and facial structure.

A data breach is like losing the key to an unreplaceable lock, where the lock is a patient’s health records.

One of the major concerns is that biometric data could be used to ‌commit identity theft in connection with a patient’s hospitalization or medical treatment. If a hacker gains access to a database of biometric data, they can easily impersonate a patient or medical provider in order to gain access to sensitive records.

There is a risk that biometric data could discriminate against certain groups of people. For example, if insurance companies can gain access to biometric data, they might use it to deny coverage to people with certain pre-existing conditions.

Although the Cambridge Analytica scandal did not involve biometric data but ‌social media data, it shows how far some companies will go to secure user information. As biometrics in healthcare become more widespread, it is important to be aware of the potential risks and take steps to protect against them. It is also vital to pursue legal action against all parties that violate patient trust.


What You Need to Know About Biometric Laws

As biometric technology becomes more common, many states are enacting biometric privacy statutes. The Illinois Biometric Information Privacy Act (BIPA) was enacted in 2008 to protect the biometric information of Illinois residents.

The law regulates the collection, handling, storing, retaining, destroying, and safeguarding of biometric information gathered from individuals. Businesses must perform the following security measures for their employees and customers:

  • Show a detailed policy defining the processes for collection, storage, and use of biometric data and the specified timeframes for when it must be destroyed.
  • Provide information to employees and customers about how their biometric data will be used and stored
  • Obtain written consent from an individual before collecting, storing, or using their biometric information

BIPA also gives individuals the right to privacy. People can file a lawsuit if their biometric information is mishandled. As a result of BIPA, Illinois has emerged as a leader in protecting the privacy of its residents.

In addition, biometric data is typically subject to stricter security requirements than other data types. As a result, businesses that collect biometric data must ensure that it is kept secure and confidential. Failure to comply with Illinois’ biometric privacy laws can result in significant penalties, including fines and civil liability.

When is an Employer Liable for Violating BIPA?

If an employer collects, uses, stores, or destroys an employee’s biometric information without first obtaining written consent from the employee and complying with other statutory requirements, the employer may be liable for damages under BIPA.

Illinois courts have held that employers can be liable by an employee for the unauthorized collection or disclosure of an employee’s biometric information. According to the Illinois Supreme Court, an employer’s use of fingerprint scanners to clock employees in and out was liable for damages with the case of Marquita McDonald v Symphony Bronzeville LLC.


How Do You Sue for Damages Under BIPA?

If you have had your biometric information collected without your consent, or if it has been used in a way that violates the Illinois Biometric Information Privacy Act (BIPA), you may ‌sue for damages. Under BIPA, a negligent violation can result in damages $1,000, while an intentional violation can result in statutory damages of up to $5,000.

To sue for damages under BIPA, you will need to show that you have suffered some type of harm because of the negligent violation or an intentional violation. This could include financial damages, emotional distress, or any other type of harm and non-economic damages that can be proven. If you are successful in your suit, you can recover statutory or actual damages, as well as attorneys’ fees and costs.

bipa illinois attorneys


Contact a Biometric Data Privacy Protection Lawyer Today

Many companies collecting biometric data in Illinois are held to BIPA’s standards regarding compliance. Your biometric data deserves the protection that the BIPA affords. If a company fails to provide data security for all its employees and customers, it may be liable for financial and non-economic damages.

If you are the victim of privacy and biometric protection violations, call our law firm at (800) 727-8010 to arrange a free, confidential consultation. Our biometric privacy lawyers can examine your case and gather evidence to prove the intentional violation of your biometric privacy.

Illinois Privacy and Biometric Protection Act Attorney Near You

Have You Been Injured?

Learn more about the legal services our team of injury lawyers provides.

The first step is to either call our office or submit a form.

We are standing by and ready to help.


First Name(Required)
Last Name(Required)

We've Secured Million Dollar Results

$3.5Million Awarded

in this medical negligence/ educational negligence action involving a 76 year-old victim of medical malpractice. The victim suffered severe a neurological and neuro-systemic injury after the radiologist implemented an incorrect contrast medium during myelogram.

$2.1Million Awarded

in a case where a bicyclist was struck by a state vehicle. The driver of the state vehicle had negligently taken his eyes off of the roadway to retrieve an object from the vehicle’s floor.

"A few years ago a drunk driver hit me so hard it flipped the car and broke my elbow. So I called the lawyers here and they got me the money I needed to get the surgery I needed to save my arm. Faster than thought was possible. I may not be able to move it today without their help."

- Matt

"Nessler & Associates are fair, honest and excellent at what they do to help people. I highly recommend them."

- Walt

$1.7Million Awarded

in a product liability case which involved a defectively designed seat belt in a vehicle. The victim suffered partial paralysis.

$1Million Awarded

in a slip and fall on ice outside a restaurant in Springfield, Illinois. The ice accumulated by reason of negligently routing water from a downspout.

$15 Million Collected

in a catastrophic injury case involving a 13 year-old plaintiff who suffered permanent brain injury in a rollover crash. There were negligent acts alleged of several Defendants.

$1.1 Million Awarded

in a case stemming from the death of a minor who fell into a mobile home park’s sewage treatment lagoon. An offer of $50,000 was made prior to trial.

$3.5 Million Awarded

in a medical negligence case due to the failure to appropriately diagnose stroke symptoms, resulting in severe and permanent disability.

$3.1 Million Awarded

in aggregate, to childhood victims of sexual abuse by a member of the Clergy.

$3.5 Million Awarded

in aggregate, to victims of childhood sexual abuse by Catholic priests.

$1 Million Awarded

to minor victims of sexual abuse by a daycare worker. The daycare was charged with negligent hiring and retention of an employee.

$1.65 Million Awarded

in a medical negligence case due to a birth trauma, to a baby in delivery, resulting in significant cerebral palsy.


illinois state
av preeminent
Call Now Button