Court decisions lay out path to biometric coveragePosted On: Oct. 25, 2021 7:00 AM CST
An Illinois federal district court ruling last week that held a policyholder is owed coverage under an employment practices liability policy for litigation filed under Illinois’ landmark biometrics law is one among several cases decided or pending that are shaping the law’s parameters.
While last week’s ruling in Twin City Fire Insurance Co. v. Vonachen Services Inc. et. al could set a precedent for employment practices liability coverage, earlier rulings have established that general liability coverage applies to some cases involving breaches of the law.
Other cases, which are yet to be decided, include allegations against an online eyeglass company and a university that tests students remotely.
All of the cases involve alleged violations of the 2008 Illinois Biometric Information Privacy Act, which requires businesses that store biometric information to inform the subject in writing that the data is being collected or stored and the purpose and duration for which it is being collected. It also requires that businesses receive the subject’s written consent.
In last week’s ruling, a U.S. District Court in Peoria, Illinois, cited language in Vonachen Services Inc.’s handbook in holding Hartford unit Twin City Fire Insurance Co. must defend the Peoria-based janitorial services company in two putative class-action lawsuits that charge it with violating BIPA, according to the ruling.
This is the first Illinois court to rule on whether EPLI policies are applicable in cases involving the law, according to the plaintiffs attorney in the case, John S. Vishneski III, a partner with Reed Smith LLP in Chicago.
“As litigation continues, we’re going to see more and more derivative litigation in such insurance disputes like this one,” said Gregory P. Abrams, a partner with Faegre Drinker Biddle & Reath LLP in Chicago, who represents employers.
Mr. Vishneski said most or all of the reported decisions on the issue “are in the CGL context,” including last year’s Illinois Supreme Court ruling in West Bend Insurance Co. v. Krishna Schaumburg Tan Inc. and Klaudia Sekura. In that case, the high court unanimously agreed with earlier rulings by a trial court and an appeals court that West Bend, a Wisconsin-based insurer was obliged to defend Schaumburg, Illinois-based Krishna Schaumburg Tan Inc., which was charged with violating the Illinois Biometric Information Act.
The Twin City ruling has significant implications for employers and insurers and highlights the need to review employee handbooks, said Fredric D. Bellamy, a member of Dickinson Wright PLLC in Phoenix, who was not involved in the case.
Is a “well thought-out and carefully analyzed decision, and I think this will be very important going forward,” he said.
Observers say that while other states have comparable laws, Illinois remains the only state that permits individuals to pursue litigation under a private right of action, although New York City has enacted such legislation.
In 2019, the Illinois Supreme Court held in Rosenbach v. Six Flags that individuals need not allege injury or an adverse effect to successfully assert a violation of the act. A settlement of the case was announced in June.
The state’s high court is also set to decide in McDonald v. Symphony Bronzeville Park LLC whether the Illinois Workers Compensation Statute’s exclusive remedy provision bars claims for statutory damages under BIPA, if an employee alleges that an employer violated the employee’s statutory privacy rights under the law.
In September 2020, a state appeals court unanimously held a class of workers could proceed with the case.
Other recent significant BIPA decisions in Illinois include Tims v. Black Horse Carriers Inc. In its complex Sept. 17 ruling, a state appeals court held that a one-year limitation period applies to privacy claims and a five-year period applies to other civil actions.
Among pending decisions, the 7th U.S. Circuit Court of Appeals in Chicago will rule in Cothron v. White Castle Systems Inc. on whether violations accrue each time an illegal biometric scan is performed.
An attorney who asked not to be identified said the number of BIPA cases filed in Illinois declined to three or four a week last year from five to 10 a week “just because every major company that could be sued has been sued.”
Cases involving consumers and students have also been filed. For instance, a lawsuit filed in U.S. District Court in Springfield, Illinois, in Sherry Cruz v. Ditto Technologies Inc. charges a California online eyeglass company that features virtual try-on technology with violating BIPA.
In addition, a putative class-action lawsuit filed in U.S. District Court in Peoria, Illinois, charges that Bradley University violated BIPA in its collection of biometric data in its use of an online remote proctoring tool, according to the April 7 amended complaint in Thomas Duerr and Gabriel Foley v. Bradley University.