A $6.8 million settlement could end an Illinois biometrics privacy lawsuit targeting a North Carolina operator of vending machines that utilize fingerprint scanners to process transactions.
On Oct. 28, attorneys from the firm of Werman Salas, of Chicago, filed a motion asking a federal judge to grant preliminary approval of a settlement with Compass Group.
Attorneys have yet to file a motion for fees. But in the motion for approval, Werman Salas said it will request up to one third of the $6.8 million settlement fund, or more than $2.2 million, in fees.
Up to $10,000 could go to named plaintiff Christine Bryant as class representative. The settlement administrator would be paid $90,000.
The remainder would be prorated to class members who submit valid claim forms.
According to the motion, if 12.5% of class members submit successful claims, class members could expect to receive "over $500" each. The lawyers said that class claims rate has been established as a sound estimate in other similar BIPA settlements
The Werman Salas laywers, representing a class of plaintiffs led by Bryant, sued Compass Group in 2019, alleging Compass violated the Illinois Biometric Information Privacy Act by failing to secure authorization from customers before requiring them to scan a fingerprint when using their vending machines.
According to the complaint, Bryant used the vending machines in the cafeteria of her employer, a Rockford call center. Bryant said her employer told her during hiring to establish a Compass account.
The case to this point has produced significant decisions, which have influenced the direction and outcome of many other class actions brought under the BIPA law.
The BIPA law has been used by a growing number of class action plaintiffs' firms to bring thousands of lawsuits in the past six years against all manner of businesses operating in Illinois. Many of the lawsuits have particularly been used to target employers of all types and sizes, which require workers to scan fingerprints or other so-called biometric identifiers to verify their identity when punching the clock or accessing secure areas in the workplace.
However, a number of such class actions have also targeted businesses, like Compass Group, which either require or encourage customers to scan their fingerprints or other biometrics to make purchases or access services, like rewards programs.
Such class actions typically accuse businesses of failing to obtain consent or provide certain notices to people before scanning and storing their fingerprints or other biometrics.
Whether plaintiffs are employees or customers, businesses targeted by BIPA class actions face potentially staggering losses, should the case go to trial. Under the BIPA law, plaintiffs can demand damages of $1,000-$5,000 per violation. Individual violations have been defined by courts to include each time a person scans a biometric, which could leave businesses on the hook for millions or even billions of dollars in potential damages, depending on the nature of their work and how many employees or customers they may have.
At the same time, courts have routinely denied businesses nearly all avenues of defense deployed thus far against such lawsuits, particularly in state court. This has led many businesses sued under the BIPA law to settle, typically paying settlements ranging from hundreds of thousands of dollars up to $25 million to end the lawsuits.
In the Compass Group case, a federal appeals court in Chicago used Bryant's action in May 2020 to rule on the question of whether such BIPA class actions over fingerprint scans can even be heard in federal court.
Bryant originally filed the class action lawsuit against Compass Group in Cook County Circuit Court. Compass, however, wanted it removed to federal court in an attempt to limit is liability exposure.
However, Bryant challenged that strategy, arguing she didn’t intend to claim legal harm under BIPA. Under the U.S. Supreme Court decision in Spokeo v. Robins, Bryant would have needed to prove she suffered “concrete” injury to allow the lawsuit to proceed in federal court. Bryant wanted the case to remain in state court, where an Illinois Supreme Court decision in Rosenbach v. Six Flags established plaintiffs need only show a defendant violated the technical notice and authorization procedures to bring their lawsuit and cash in on a potential large judgment or settlement.
Although U.S. District Judge Virginia Kendall agreed with Bryant and sent the case back to Cook County court, the Seventh Circuit panel said Bryant alleged Compass, by failing to provide the notices BIPA requires, deprived her of the choice to provide informed consent for collection of fingerprint data. That deprivation counts as a concrete injury suitable for litigation in federal court, the appeals panel ruled.
Then in November, Kendall rejected Compass’ attempt to end the lawsuit by targeting BIPA as unconstitutional. Compass argued BIPA conflicts with the state constitution’s prohibition on so-called “special legislation” because the law exempts state and local governments, as well as banks and other financial institutions, from legal liability. Kendall said lawmakers excluded banks from BIPA because federal laws control their privacy obligations, while government units have sovereign immunity.
Plaintiffs are represented by attorneys Douglas M. Werman and Zachary C. Flowerree, of Werman Salas.
Compass Group has been represented by attorneys Molly K. McGinley and Joseph C. Wylie II, of K&L Gates LLP, of Chicago.
Jonathan Bilyk contributed to this report.