A class action lawsuit has been filed against car-sharing company Getaround, alleging violations of the Illinois Biometric Information Privacy Act (BIPA). The plaintiff claims that Getaround collected, stored, and disseminated biometric information without obtaining informed written consent from users, specifically regarding facial geometry scans used during the account opening process.
Under BIPA, private entities are required to inform individuals in writing that their biometric identifiers or information are being collected or stored. They must also disclose the specific purpose and duration for which the data will be used and obtain a written release from the individual. The lawsuit asserts that Getaround did not provide such notifications or obtain the necessary consent from the plaintiff and other class members.
The complaint further alleges that Getaround unlawfully disclosed or disseminated biometric information to third parties, including service providers, contractors, business partners, and collection agencies, without the individuals’ consent. This action is claimed to be in direct violation of BIPA’s stipulations against sharing biometric data without explicit permission.
The plaintiff is seeking statutory damages of $5,000 for each intentional or reckless violation of BIPA, or alternatively, $1,000 for each negligent violation. The lawsuit also requests an injunction requiring Getaround to comply with BIPA regulations moving forward.
This is the latest in a recent flood of BIPA lawsuits concerning the use of facial recognition in vehicles.
Earlier this week, ID Tech reported that a class-action lawsuit has been filed against Penske Logistics by former employee Jeremy Ratliff, alleging that the company violated BIPA by using AI-powered cameras to monitor drivers’ behavior without obtaining proper consent. That lawsuit claims the cameras scanned drivers’ facial geometry to track behaviors like “distracted driving,” and that Penske failed to inform drivers or secure written consent.
Additionally, it alleges that Penske shared biometric data with third parties without authorization. Ratliff seeks $5,000 for each willful violation and an injunction mandating Penske’s compliance with the law. The lawsuit also mirrors a similar case against Omnitracs, LLC, which faces allegations of biometric data collection without disclosure or consent.
A recent BIPA amendment, which reduces financial risk by treating multiple collections of the same data as a single violation, could impact these cases.
To get more insight into the impact of BIPA and other identity legislation, ID Tech recently had a chance to sit down with IDVerse’s VP and Head of Legal and Compliance, Terry Brenner on the ID Talk podcast.
Source: Bloomberg Law
–
October 8, 2024 – by Tony Bitzionis
Follow Us