Don’t Run Prints: Illinois’s Biometric Privacy Law Used Against EmployersDoes your company use fingerprinting or some facial recognition scanner as part of its clock-in, clock-out process? If your company has facilities or even some contacts with Illinois (and maybe other states in the future) you should pay heed to Illinois’s Biometric Information Privacy Act (BIPA) that is the subject of a new class action and has been the source of many prior lawsuits.

Illinois’ Biometric Privacy Law

The BIPA states that no private entity may “collect, capture, purchase, receive through trade, or otherwise obtain a person’s or a customer’s biometric identifier or biometric information” unless it first:

  • Informs the subject in writing that a biometric identifier or biometric information is being collected or stored;
  • Informs the subject in writing of the specific purpose and length of term for which a biometric identifier or biometric information is being collected, stored, and used; and
  • Receives a written release executed by the subject or the subject’s representative.

The BIPA also prohibits businesses from disclosing a person’s biometric information without first obtaining consent and  requires businesses to develop and comply with a publicly available written policy for retention and destruction of the information. The BIPA is recognized as one of the strongest state laws protecting individuals’ biometric data and expressly excludes photographs and information from a patient in a health care setting from the definition of biometric identifier.

Family Dollar Class Action

A putative class of employees recently filed a complaint against Family Dollar and Dollar Tree Inc. in Cook County, Illinois alleging violation of the BIPA. Herron, the representative plaintiff, worked as an hourly employee at Family Dollar in 2017 and had to provide finger scans to clock in and out. The complaint alleges that Family Dollar did not inform the employees in writing of the purpose or obtain consent.

Other Lawsuits and Developments

Lawsuits alleging employer violations of BIPA have become commonplace in Illinois in recent years. Walmart recently settled a BIPA employee class action for $10 million. A case currently before the Illinois Supreme Court could decide whether the exclusive remedies under the workers’ compensation law preclude claims for statutory damages under the BIPA where an employee alleges a violation of statutory rights. A defense victory could have a considerable effect on the pending class actions, including the Herron matter.

BIPA critics suggest the law has been abused and leads to frivolous lawsuits. A bill introduced in the Illinois General Assembly would revise and limit the BIPA’s reach.

As of now, the BIPA provides for statutory damages of $5,000 for each willful and/or reckless violation, or $1,000 for each negligent violation. According to the Illinois Supreme Court, an individual need not allege or prove an actual injury to recover damages; the mere violation will create the statutory liability.

While other states have regulated the use of biometric information, Illinois is currently the only one that creates a private right of action. A National Biometric Information Privacy Act of 2020 was introduced in August 2020 and is pending in the Senate now. As drafted, it includes a private right of action.

If You Are in Illinois or Have Illinois Contacts You should …

If you have facilities in Illinois or some contact with Illinois, you should examine and comply with the BIPA’s requirements. Any clock in, clock out procedures should not involve biometric information unless you have met and documented the consent requirements. Lawsuits alleging BIPA violations have been filed outside of Illinois if a company has sufficient contacts, so you need to be careful. State biometric protection laws may become more common, so carefully examine your practices if fingerprint scanners or any type of biometric recognition technology is part of your operations.

Department of Labor Announces Proposed Rulemaking to Raise Minimum Wage for Federal ContractorsOn July 21, the DOL announced a Notice of Proposed Rulemaking to enforce the Biden Administration’s Executive Order raising the minimum wage for workers under federal contracts to $15 per hour. The proposed rule would go into effect on January 30, 2022. This announcement begins a comment period that will end on August 23, 2021. To record a comment, go to www.regulations.gov. The current federal contract minimum wage is $10.95 per hour.

EEOC Locks onto Bostock: New Guidance on Sexual Orientation and Other Gender IssuesYou may recall our blog post last summer recapping the U.S. Supreme Court’s decision in Bostock v. Clayton County, Georgia that held discrimination based on sexual orientation is prohibited by Title VII.  After that decision, we encouraged each of you to update your EEO and harassment policies, update your application forms and websites, train your supervisors and managers, and consider whether to prepare a policy or guidelines for transgender employees who are or will be transitioning.

Now the EEOC — or more specifically the EEOC’s Chair Charlotte Burrows — has published guidance on what may constitute discrimination based on sexual orientation and/or gender identity. There is drama around whether Burrows sought the approval of the other members of the EEOC before issuing the guidance, whether the guidance exceeds the scope of Bostock, and whether the guidance violates employers’ and employees’ religious and speech protections. We will monitor any updates around the issues and let you if anything changes, but as of now we assume that this is the EEOC’s stance on the issues.

The Guidance

The EEOC’s technical assistance document recaps the Bostock decision and provides, in Q&A format, guidance on several issues. Here’s a summary of the guidance:

  • Customer preferences do not trump an employee’s rights. Employers are not allowed to segregate or discriminate against employees based on actual or perceived customer preferences as to sexual orientation or gender identity (or other protected classes).
  • Dress codes are fine, but you must allow a transgender person to dress consistent with his or her identity. Employers may not discriminate against employees based on non-conformity with sex-based stereotypes.
  • Use an employee’s preferred name. Accidental and occasional mistakes are one thing, but severe or pervasive misuse of a transgender employee’s preferred name and pronouns could violate Title VII.
  • Separate, sex-segregated bathrooms and locker rooms are OK, but employers may not preclude transgender men from using the men’s facilities and transgender women from using the women’s facilities. For other materials regarding the bathroom issue and government recommendations regarding transgender employees, see the EEOC’s fact sheet, OSHA’s guide, and the S. Office of Personnel Management’s guide.

The EEOC’s guidance further suggests that whether or not employers know their employee’s sexual orientation or gender identity may be no defense for discrimination. To find the entire technical assistance document, click here.

What Does This Mean?

Like we said last year, update your policies, train your supervisors and managers, consider whether to add a policy for transgender employees who are or will be transitioning, and consider whether unisex bathrooms and locker rooms make more sense for your company. Whatever you do, remember to be sensitive to your employees and reach out to your employment attorneys with the questions that we all know will come up. Together, we can figure out the best next steps for your business.