In a test of the enforceability of the Illinois Biometric Information Privacy Act, the Illinois Supreme Court ruled that a 14-year-old boy was entitled to statutory damages – between $1,000 to $5,000 – after a Six Flags amusement park issuing a season pass didn’t get his express permission before fingerprinting him.
"The Illinois law does not specify that the individual has to suffer any cognizable harm in order to collect damages,” which has placed it at odds with the U.S. Supreme Court’s Spokeo ruling, said Dorsey & Whitney Partner Robert Cattanach.
In Spokeo the court said “that absent some cognizable harm, individuals complaining of privacy violations had no standing to bring actions against entities alleged to have violated their privacy,” said Cattanach. If the ruling is “allowed to stand – an appeal to the United States Supreme Court would appear to be likely – the Illinois Court’s ruling would signal a significant sea change in how courts allow claims without actual damages to proceed, and open the floodgates to class actions claiming privacy violation seven without any showing of actual harm,"
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.