The Senate Democratic proposal that the business groups opposed, according to Harmon, is "very friendly to the business community that has been asking for these changes."
Biometric Information Privacy Act (BIPA)
Companies these days regularly collect biometric data, like facial recognition and fingerprint scans. However, in Illinois, it has been made illegal for companies to obtain any such data unless they obtain informed consent.
The Biometric Information Privacy Act was implemented on October 3, 2008, which regulates private entities may acquire, utilize, and handle biometric identifiers and information. Notably, government organizations are not covered by the Act. The only other states with comparable biometric safeguards are Texas and Washington, but BIPA is the strictest. According to the Act, a violation is punishable by a $1,000 or $5,000 fine if it is willful or reckless. This BIPA's damages clause has given rise to numerous class action lawsuits.
Privacy Issues
In regards to the privacy issues concerning the collection of biometric data, many lawsuits have been filed so far, as a result of which many companies want relief.
The Illinois Supreme Court pleaded with the General Assembly earlier this spring to rethink the law in its ruling against the White Castle company. The burger chain's eventual cost for obtaining employee fingerprint scans might reach $17 billion as a result of that decision.
Near the originally scheduled conclusion of the spring legislative session, the Illinois Retail Merchants Association, the Illinois Manufacturers' Association, and the Illinois Chamber of Commerce held a press conference with other business leaders to vehemently oppose the Senate Democrats' proposal.
In the press conference, Illinois Manufacturers' Association President and CEO Mark Denzler, argued the measure would exacerbate the issue. However, Denzler is not exactly known for his hostility. The legislation, according to Denzler, “will only increase abuse of this law by trial attorneys” who have made thousands of claims under the law.
However, the three business groups either refused to respond to Harmon’s comments or, did not respond at all.
In response, the Supreme Court claims that the legislative intent of BIPA was to penalize every single acquisition of employee biometric data. "That's how we ended up with a $17 billion" fine, claimed Senate President Pro Tempore Bill Cunningham since a significant number of White Castle employees were subjected to multiple daily scans for five years. According to the Democratic plan, the law would have been altered specifically to base the fine on the number of employees rather than the number of scans. However, they also doubled the fine from $1,000 to $1,500, which was also criticized by the business associations.
The original state statute, according to BIPA law opponents, has very little to do with reality. The purpose of the law is to safeguard individuals from having their biometric information kept, shared, or otherwise used without their knowledge or consent. After all, people can alter their computer passwords to hide their identities, but could not simply alter their fingerprints.
Cunningham on the other hand claims to have heard a theory by a Republican lawmaker that the corporate defense bar has confirmed to the business groups that they can get the state law overturned by the U.S. Supreme Court, leaving no reason to compromise at the state level. “I have no idea if that's true or not[…]But it's a better explanation that I can come up with,” he says.