March 31, 2023

Volume XIII, Number 90
Advertisement

76

New Articles
Bottom Row Image
Advertisement

March 31, 2023

Subscribe to Latest Legal News and Analysis

March 30, 2023

Subscribe to Latest Legal News and Analysis

March 29, 2023

Subscribe to Latest Legal News and Analysis

March 28, 2023

Subscribe to Latest Legal News and Analysis

Article By

Hunton Andrews Kurth’s Privacy and Cybersecurity

Hunton Andrews Kurth
Privacy and Information Security Law Blog-Hunton Andrews Kurth

Related Practices & Jurisdictions
Advertisement

Five Guys Hit with BIPA Class Action

Tuesday, January 3, 2023

On December 20, 2022, a former employee in Illinois brought a class action suit against Five Guys Enterprises, LLC (“Five Guys”), a burger chain, alleging that Five Guys violated the Illinois Biometric Information Privacy Act (“BIPA”). 

According to the complaint filed in the Northern District of Illinois Eastern Division, Five Guys utilizes a time clock system that require employees to scan and input their fingerprints or thumbprints to log in and out of the time clock system. The suit was brought by a former shift manager and the proposed class includes all current and former employees of Five Guys in Illinois, who had their biometric information or biometric identifiers collected, captured and otherwise obtained by Five Guys’ fingerprint or thumbprint based time clock technology within the last five years.  

Five Guys allegedly failed to obtain informed written consent from its employees prior to the collection of their biometric identifiers or biometric information in violation of BIPA. The complaint further alleges that Five Guys failed to develop and publish written policies regarding the retention and destruction of biometric identifiers and biometric information, as is required by BIPA. In addition, the complaint alleges that Five Guys does not destroy biometric identifiers or biometric information after the “initial purpose for collecting or obtaining such identifiers or information has been satisfied,” as required by BIPA. In effect, Five Guys’ failure to comply with BIPA has allegedly resulted in the unlawful retention of the plaintiff and proposed class members’ biometric identifiers and biometric information and resulted in harm to such individuals. 

Under BIPA, a prevailing party may recover liquidated damages of $1,000 or actual damages, whichever is greater, against an entity that negligently violates the law. If the entity intentionally or recklessly violates BIPA, the prevailing party may recover liquidated damages of $5,000 or actual damages, whichever is greater. The complaint states, “[g]iven the length of the plaintiff’s employment with [Five Guys], and the number of times plaintiff’s biometric information was used by [Five Guys’] biometric time clock system, the plaintiff could recover more than $75,000 in statutory damages by merely using [Five Guys’] technology a minimum of seventy-five (75) times.”

Copyright © 2023, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XIII, Number 3
Advertisement
Advertisement
Advertisement

About this Author

Hunton Andrews Kurth’s Privacy and Cybersecurity

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

[email protected]
212 309 1223 direct
www.huntonak.com