Illinois

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

CPW’s Shea Leitch and Kyle Dull to Speak at ACC South Florida’s 12th Annual CLE Conference

CPW’s David Oberly

By now, most CPW readers are very familiar with the term “BIPA”—the acronym used for Illinois’s game-changing biometric privacy law, which has led to a barrage of class action litigation pursued against companies that use biometric data in their commercial operations. BIPA is not, however, the only biometric privacy law on the books that presents

This week a federal judge in Illinois granted final approval to a $92 million settlement to resolve TikTok privacy multidistrict litigation.  In Re: Tiktok, Inc., Consumer Privacy Litigation (Case: 1:20-cv-04699).  This case is notable for both its large class size and resolution of two dozen privacy litigations which had been previously filed against TikTok and

Earlier this month, a federal court in Illinois dismissed a BIPA fingerprint timekeeping class action that had been pending for over three years, finding that Plaintiff failed to adequately allege a claim under Section 15(b) of the Illinois Biometric Information Privacy Act. Stauffer v. Innovative Heights Fairview Heights, LLC, 2022 U.S. Dist. LEXIS 140010 (S.D. Ill. Aug. 5, 2022). This ruling was based on the Court’s primary conclusion that:

Nowhere in her complaint does Plaintiff allege that [Defendant] itself stored biometric information on its own computers or servers, or that [Defendant] used the biometric information for its own purposes. In fact, Plaintiff does not allege that [Defendant] actually accessed this information. Plaintiff” allegations are simply that [Defendant] could access the biometric information one day. But equally as plausible as [Defendant] accessing the information one day is that [Defendant] never accessed the information.

As reported earlier in CPW’s 2022 Q1 AI/Biometric Litigation Trends by Kristin BryanDavid Oberly and Christina Lamoureux, the majority of BIPA cases filed thus far in 2022 arise under the circumstances analogous to the Stauffer litigation in the timekeeping context. As such, the Court’s ruling in this case is anticipated to bear upon other pending and future filed cases.  

In this instance, the Court rejected the Plaintiff’s allegations that the use of a uniform franchise agreement which (i) required franchisees adopt a common timekeeping system (“POS System”) that “collect[ed] employee fingerprints and information used to identify such employees based on their fingerprints” and (ii) and gave the Defendant “the right to have independent access to all information or data” on the POS System used by franchisees sufficient for purposes of a pleading a cognizable Section 15(b) BIPA claim.

Read on to learn more about the particular facts of this case and the Court’s analysis.

Continue Reading Federal Court Rejects Terms in Franchise Agreement Retaining Data Access Rights As Sufficient to Plead Section 15(b) BIPA Claim

One of today’s most pressing topics in Illinois Biometric Information Privacy Act (“BIPA”) class action litigation is the Illinois Supreme Court’s much-anticipated opinion in Cothron v. White Castle Sys. (covered extensively by SPB team member Kristin Bryan in CPW articles here, here, here, and here, and discussed in SPB’s 2022 Q2

Welcome to the 2022 Q2 edition of the SPB Artificial Intelligence & Biometric Privacy Quarterly Review Newsletter, your go-to source for keeping you in the know on all recent major artificial intelligence (“AI”) and biometric privacy developments that have taken place over the course of the last three months. We invite you to share this resource with your colleagues and visit Squire Patton Boggs’ Data Privacy, Cybersecurity & Digital Assets and Privacy & Data Breach Litigation homepages for more information about our capabilities and team. 


Q2 did not disappoint in the AI and biometric privacy space, with a number of noteworthy litigation, legislative, and regulatory developments having taken place in these two rapidly developing areas of law. Read on to see what has transpired over the last quarter and what you should keep your eyes on as we head into the second half of 2022.

Continue Reading SPB 2022 Q2 Artificial Intelligence & Biometric Privacy Quarterly Review Newsletter

In a record-setting proposed settlement filed last week, T-Mobile has agreed to pay $350 million and boost its data security by $150 million over the next two years to resolve multidistrict litigation brought by T-Mobile customers whose data was allegedly exposed in a 2021 data breach.  Read on for the terms of the settlement, which may serve as a model in other high stakes data security cases going forward.

Recall that in August 2021, T-Mobile disclosed that it had been the victim of a cyberattack that resulted in the compromise of some current, former and prospective customers’ SSN, name, address, date of birth and driver’s license/ID information the “Data Event”).  By T-Mobile’s account, no “customer financial information, credit card information, debit or other payment information” was exposed in the attack.  Nevertheless, over 40 putative class action claims were filed seeking damages for the improper disclosure of Plaintiffs’ personal information.  In December 2021, the Judicial Panel on Multidistrict Litigation transferred and centralized the putative class actions into the MDL standing before the Western District of Missouri.

Continue Reading T-Mobile Agrees in MDL to Record Setting $350 Million Data Breach Settlement to Resolve CCPA and Other Privacy Claims

Special thanks to our Summer Associate, Nyet Abraha, for her work on this blog.

Carnival Cruise Line, one of the largest international cruise lines, has agreed to pay $6 million to resolve claims brought by state attorneys general in response to a 2019 data breach. In March 2020, Carnival reported a data breach that compromised

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Online Safety in Digital Markets Needs a Joined Up Approach with Competition Law in the UK

China’s Didi Fined

In case you missed it, below are recent posts from Consumer Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Federal Court Dismisses Colonial Pipeline Cybersecurity Litigation

Federal Court Refuses to Dismiss Biometric Claims Brought by Trucker Against Facial