BIPA case against facial recognition software firm can proceed

A federal district court has ruled that a plaintiff can proceed with his putative class-action litigation against a facial recognition software company that he alleges violated the Illinois Biometric Information Privacy Act.

Fredy Sosa, a member of Bellevue, Washington-based OfferUp Inc., an online marketplace that partnered with London-based software company Onfido to verify its users’ identities, said that in April 2020 he verified his identity with OfferUp by using its mobile application to upload photos of his driver’s license and of his face, according to Monday’s ruling by the U.S. District Court in Chicago in Fredy Sosa v. Onfido Inc.

Mr. Sosa said Onfido did not inform him it would collect, store or use his biometric identifiers and that he never signed a written release allowing it to do so, nor was he informed about the company’s biometric data retention policy, in violation of BIPA.

The “dispositive question is whether the information Onfido allegedly obtains plausibly constitutes a scan of face geometry. We conclude that it does,” the ruling said.

“The faceprints extracted by Onfido plausibly constitute scans of face geometry, and therefore, (are) ‘biometric identifiers” under BIPA,  it said, adding, “Onfido’s arguments to the contrary are unavailing.”

The ruling also rejected Onfido’s argument that the information it allegedly obtained cannot be a “scan of face geometry” because it “was not the scan of Plaintiff’s actual face” but rather a “scan of a photograph of his face.”

Attorneys in the case did not respond to requests for comment.

Another district court in Chicago ruled late last month that a Hanover Insurance Group unit must defend an information technology company in two class actions filed under BIPA, concluding that a policy exclusion is ambiguous.