Months after settling a class action lawsuit with its workers, hotel chain Hyatt remains locked in a related action over who should pay the settlement bill, as Hyatt seeks a court order forcing human resources tech vendor Kronos to shoulder at least a portion of the blame and the cost for allegedly improperly compelling workers to scan their fingerprints when punching the clock at work.
In January, a Cook County judge granted final approval to a $1.1 million deal between Hyatt and a class of about 1,200 hotel workers. The settlement would end a class action lawsuit brought on behalf of the workers, which had continued in court since 2017.
The lawsuit, which was filed by attorneys with the firms of McGuire PC, the Khowaja Law Firm and the Law Office of James X. Bormes, all of Chicago, representing named plaintiff Robin Rapai.
Lisa Handler Ackerman
| wilsonelser.com
The lawsuit accused Hyatt of violating the Illinois Biometric Information Privacy Act by requiring workers to scan their fingerprints to verify their identity when punching in and out of work shifts, but without first obtaining the workers’ written consent, and without first disclosing to workers how their so-called biometric data would be collected, used and ultimately destroyed.
They asserted the company was required to abide by such notice and consent requirements under the BIPA law.
In recent years, those firms and a growing cadre of other class action plaintiffs lawyers have launched a blitz of class action suits against employers, tech companies and a wide variety of other businesses, of many different types and sizes. While supporters of the Illinois biometric law said it was intended to protect Illinois residents from identity theft, critics say the law’s provision allowing private people to bring lawsuits for even technical violations of the law have transformed the BIPA law into a “gotcha” statute, leaving businesses targeted by such lawsuits little option but to shell out millions of dollars to end the suits, rather than risk an even bigger loss at trial.
The law allows plaintiffs to demand damages of $1,000 or $5,000 per violation, depending on the severity. To this point, defendants have feared the law could be interpreted to define an individual violation as each time a company scans someone’s biometrics without first abiding by the notice and consent provisions.
The Illinois Supreme Court is expected to soon weigh in on that question.
However, for now, employers, in particular, have expressed concern that the law could leave them on the hook for ruinous financial damages, for inflicting no real harm on anyone.
In the Hyatt case, the hotel chain agreed to pay $1.1 million. Under the settlement, plaintiffs lawyers would get 40%, or about $427,000. The settlement would then pay about $1,500 to each of the 1,187 Hyatt hotel workers included in the class action.
However, before that settlement was reached, Hyatt filed a suit against Kronos. In that so-called third party action, Hyatt asserted Kronos, as the supplier of the hotel’s biometric timeclocks, should bear at least part of the liability for the alleged BIPA violations.
Hyatt claimed it was the Lowell, Massachusetts-based Kronos that actually collected, stored and transmitted the fingerprint scans for Hyatt employees.
For its part, Kronos also has been targeted by BIPA class actions, as well, either directly or as a co-defendant in lawsuits brought against employers to whom Kronos supplied timeclocks.
In February 2022, Kronos agreed to pay $15 million to settle a large number of those class actions. Lawyers, from the firms of Edelson PC and Stephan Zouras, of Chicago, would receive $5 million of that settlement fund, while 172,000 class members would get about $300-$500 each.
However, despite those settlements, the legal tiff between Hyatt and Kronos has continued.
In March, Kronos asked Cook County Judge Anna Helen Demacopoulos to dismiss Hyatt’s claim. In its motion to dismiss, Kronos claimed neither its contract with Hyatt nor the BIPA law should allow Hyatt to force Kronos to aid Hyatt.
“Kronos did not agree to undertake compliance on Hyatt’s behalf or otherwise indemnify Hyatt against its own negligent failure to comply with BIPA when using the time clocks,” Kronos wrote in its motion. “Hyatt alone is responsible for its own duties under BIPA.”
Kronos asserted this understanding is supported by numerous BIPA-related court decisions issued in the past few years.
“… Hyatt’s payments to the settlement class in the Rapai Lawsuit are for Hyatt’s separate and distinct alleged improper collection and use biometric data,” Kronos wrote. “Not for any actions or activities of Kronos.”
In a response filed May 17, Hyatt said Kronos has misinterpreted its obligations under the contract.
Regardless of the text of BIPA, Hyatt said Kronos, in its contract, agreed to “process (Hyatt’s) personnel information in compliance with applicable laws and not obtaining all necessary consents for its activity.”
“Put another way, Kronos has liability for its Products or Services that do not comply with its obligations to perform its duties lawfully and without obtaining necessary consents,” Hyatt wrote in its reply.
Further, Hyatt argued Kronos has improperly attempted to define its “contractual obligations” as “legal compliance services,” which would allow it to avoid Hyatt’s claims.
“Fatal to Kronos’ argument is that there is no support in its Contract, or in the text of BIPA, to label its contractual obligation (or breaches thereof) as legal compliance services,” Hyatt wrote.
“… The Contract is clear – Kronos agreed to Process Personnel Information in compliance with applicable laws and obtain necessary consents to conduct its activities,” Hyatt wrote. “The Amended Third-Party Complaint alleges that Kronos was the only party with access to this data, and that it failed to meet the foregoing obligations.”
Kronos has until June 15 to reply to Hyatt’s response. The judge’s ruling on Kronos’ dismissal request would follow at some point after.
Hyatt is represented in the action by attorney Lisa Handler Ackerman, of the firm of Wilson, Elser, Moskowitz, Edelman & Dicker, of Chicago.
Kronos is represented by attorneys Erin Bolan Hines, Melissa A. Siebert and Maveric Ray Searle, of Shook Hardy & Bacon, of Chicago.