Senate Bill 2979, recently approved by the Illinois Legislature, introduces significant amendments to the Biometric Information Privacy Act (BIPA). This legislation aims to revise how damages are calculated under BIPA by clarifying that multiple collections of a person’s biometric data using the same method will be considered a single violation. This change is set to limit the potential civil penalties that can be awarded.
Currently, BIPA allows for separate claims and damages for each instance of biometric data collection or transmission. The Illinois Supreme Court’s interpretation in the case of *Cothron v. White Castle Sys., Inc. held that each scan or transmission constituted a distinct violation, leading to potentially substantial penalties. SB 2979 overturns this interpretation, thereby reducing the cumulative damages companies might face.
Additionally, the bill updates the “written release” requirement under BIPA by allowing electronic signatures to meet this obligation. This change aims to modernize compliance practices and streamline the process for businesses, aligning with current digital practices.
Once signed into law, SB 2979 will impact how businesses manage their biometric data practices and respond to potential violations of BIPA. Companies should prepare for these changes by reviewing their data collection methods and updating their compliance procedures to reflect the new regulations.
Reference:
