A federal appeals court has given the go-ahead to a class action lawsuit that claims Facebook face recognition for photos is illegal in Illinois…

NordVPN

Facebook applies face recognition to uploaded photos in order to suggest friends to tag. When you tag someone in one or more photos, Facebook will attempt to recognize that face in other photos to offer tag suggestions.

A group of Facebook users from Illinois claimed as long ago as 2015 that this was illegal in the state, violating the Biometric Information Privacy Act. Progress since then has been slow. It took until 2018 to get the case certified as a class action suit, but Facebook appealed, claiming that each case was unique and must be heard individually.

Reuters reports that Facebook’s argument has now been dismissed, allowing the class action suit to proceed.

A federal appeals court on Thursday rejected Facebook Inc’s effort to undo a class action lawsuit claiming that it illegally collected and stored biometric data for millions of users without their consent.

The 3-0 decision from the 9th U.S. Circuit Court of Appeals in San Francisco over Facebook’s facial recognition technology exposes the company to billions of dollars in potential damages to the Illinois users who brought the case […]

“This biometric data is so sensitive that if it is compromised, there is simply no recourse,” Shawn Williams, a lawyer for plaintiffs in the class action, said in an interview. “It’s not like a Social Security card or credit card number where you can change the number. You can’t change your face.”

Facebook had also argued that it had no case to answer.

We have always disclosed our use of face recognition technology and that people can turn it on or off at any time.

But Circuit Judge Sandra Ikuta ruled that it should proceed.

She also said the 2008 Illinois law was intended to protect individuals’ “concrete interests in privacy,” and Facebook’s alleged unauthorized use of a face template “invades an individual’s private affairs and concrete interests.”

The court returned the case to US District Judge James Donato in San Francisco, who had certified a class action in April 2018, for a possible trial.

Illinois’ biometric privacy law provides for damages of $1,000 for each negligent violation and $5,000 for each intentional or reckless violation.

Although the law allows for relatively small amounts of damages, these would apply for every single tag suggestion, so the potential total sum could run into billions of dollars.

Facebook was recently fined a record $5 billion by the US Federal Trade Commission for the Cambridge Analytica scandal and other privacy breaches — a sum equivalent to around 9% of the company’s 2018 revenue.

FTC: We use income earning auto affiliate links. More.

Photo: Shutterstock


Check out 9to5Mac on YouTube for more Apple news:

About the Author

Ben Lovejoy's favorite gear