A class-action lawsuit filed last month in Macoupin County Circuit Court claiming that the owners of Shay Coal Mine No. 1, located between Gillespie and Carlinville, and Deer Run Mine near Hillsboro violated provisions of the state’s biometric information privacy act (BIPA) when it required miners to clock in and clock out of their shifts using time clocks that captured images of their hands could generate damages in the hundreds of thousands of dollars if plaintiffs’ attorneys are successful in pressing the claim.
The suit, filed Aug. 16, in Macoupin County Circuit Court by St. Louis attorneys Brandon Wise and Paul A. Lesko, claims the defendants—Macoupin Energy and Maryan Mining, both based in rural Carlinville, and Hillsboro Energy and Patton Mining, both based in Hillsboro—violated miners’ rights when they allegedly began using handprints for miners to clock in and clock out. Primary plaintiffs are Robert Yeske, a Montgomery County man who worked at the Shay No. 1 Mine from 2011 to December 2016, Dan Hopley, a Cass County man who worked as a miner at the Deer Run Mine from 2010 to August 2015, and Ronald Stout, a Madison County man who was a miner at Deer Run from May 2012 to late 2014. In addition, the suit identifies a “class” of plaintiffs similarly situated as the primary plaintiffs. The size of the class is not known, according to the suit, and will be determined from records the defendants are expected to produce for the court. The suit speculates, however, that the class of plaintiffs—including former and current miners—may exceed 200. Some of those plaintiffs are included, the suit says, because they may have been precluded from filing suit on their own because of fear of reprisals from the companies for which they work.
BIPA specifies damages for violations of the act in the amount of $1,000 per incident or actual damages, whichever is greater. With each employee clocking in and clocking out once each day they worked, the amount of the damages sought could amount to $2,000 per day for each day each of the more than 200 employees used the biometric time clocks to clock in and out of their shifts.
The amount of the damages sought could amount to $2,000 per day for each day each of the more than 200 employees used the biometric time clocks to clock in and out of their shifts.
In addition to a monetary judgment, the suit seeks an injunctive order requiring the defendants to comply with provisions of BIPA if they are found to be in violation of the law.
The suit demands a jury trial.
The Illinois General Assembly passed BIPA in 2008, but the Macoupin County lawsuit appears to be one of only a handful of suits filed statewide to define the limits of the relatively new law. In essence, BIPA precludes private entities from collecting and storing biometric data without getting advance permission in writing. The law defines biometric data as such things as handprints, fingerprints and retina scans—biological attributes that are specific to particular individuals. Preventing the misuse of biometric data is important to lawmakers and individuals because biometrics are increasingly being used to confirm identity in financial transactions and because of the potential for biometric data to be used to facilitate identity theft if it falls into the wrong hands. Among other things, the legislation attempts to control the potential for private parties who collect biometric data from selling that data to third parties.
In the past, social security numbers have been vulnerable to identity theft, but in the event a social security number is compromised there are remedies to correct the situation, according to the suit. “A person can obtain a new social security number, but not a new hand, which makes the protection and control over biometric data particularly important,” the lawsuit argues.
According to the suit, BIPA requires private parties who intend to collect biometric data to obtain a written release from the subjects of such collection prior to initiating the practice. It also requires the entities to disclose in writing the purpose of collecting the data, how it will be used, how long it will be stored and how long it will be kept once the need for it has expired. The law precludes private parties from coercing or forcing individuals to consent to the collection of biometric data and requires the collectors of biometric data to disclose who has access to the information.
The suit demands a jury trial.
The suit alleges the defendants “captured, collected, stored and recorded biometric information of their Illinois employees without properly obtaining a written executed release and without making required disclosures concerning the collection, storage, use or destruction of the information.”
The plaintiffs’ attorneys argue that they want to use the court to determine on behalf of the primary plaintiffs and the class whether the defendants’ conduct has violated BIPA, whether the conduct was negligent, reckless or willful, and whether the plaintiffs are entitled to damages and injunctive relief. Further, the suit seeks to clarify whether the defendants obtained written executed releases from its employees before capturing biometric information, whether the defendants disclosed in writing the length of time biometric data would be stored and used, whether a written release from employees was a condition of their employment, and whether the defendants disclosed a written policy for destroying biometric data when the initial purpose for collecting it has been satisfied or within three years of the individual last interaction with the entity collecting the data.
While the suit was filed about a month ago, it only recently became available for public review. The file was temporarily held by Circuit Judge Kenneth R. Deihl pending an order to grant the use of a special process server to serve summons of the suit on the defendants. That order was signed Aug. 28 and the case was returned to the general file.