PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

The Trouble with Spokeo: Standing, Privacy Harms, and Biometric Information

Rivera v Google BIPA - Illinois Biometric Information Privacy Act - Facial Recognition - Spokeo

A recent case involving the Illinois Biometric Information Privacy Act (BIPA), Rivera v Google (N.D. Ill. No. 16 C 02714, Dec. 28, 2018), puts the ills of Spokeo Inc. v. Robins on full display.  In Riveraplaintiffs sued Google under BIPA, which prohibits companies from collecting and storing specific types of biometric data without people’s consent.  The plaintiffs alleged that Google collected and used their face-geometry scans through Google Photos without their consent.  Google’s face recognition feature is defaulted to being on unless users opt out.  Instead of addressing the merits of the plaintiffs’ lawsuit under BIPA, the court dismissed the case for lack of standing based on Spokeo, a fairly recent U.S. Supreme Court case on standing.

Spokeo is a terrible decision by the U.S. Supreme Court.  It purports to be an attempt to clarify the test for standing to sue in federal court, but it flunks on clarity and coherence.  I previously wrote an extensive critique of Spokeo when the decision came out in 2016.

Beyond Spokeo‘s incoherent mess, there is another part of the opinion that is far worse — Spokeo authorizes courts to override legislatures in determining whether there’s a cognizable privacy harm under a legislature’s own statute.  This part of Spokeo is a major usurpation of legislative power — it undermines a legislature’s determination about the proper remedies for violations of its own laws.

Continue Reading

The New Identification: The FBI’s Biometric Database

Fingerprint Biometric

From CNN:

The FBI is gearing up to create a massive computer database of people’s physical characteristics, all part of an effort the bureau says to better identify criminals and terrorists.

But it’s an issue that raises major privacy concerns — what one civil liberties expert says should concern all Americans.

The bureau is expected to announce in coming days the awarding of a $1 billion, 10-year contract to help create the database that will compile an array of biometric information — from palm prints to eye scans.

Kimberly Del Greco, the FBI’s Biometric Services section chief, said adding to the database is “important to protect the borders to keep the terrorists out, protect our citizens, our neighbors, our children so they can have good jobs, and have a safe country to live in.”

But it’s unnerving to privacy experts.

“It’s the beginning of the surveillance society where you can be tracked anywhere, any time and all your movements, and eventually all your activities will be tracked and noted and correlated,” said Barry Steinhardt, director of the American Civil Liberties Union’s Technology and Liberty Project.

The FBI already has 55 million sets of fingerprints on file. In coming years, the bureau wants to compare palm prints, scars and tattoos, iris eye patterns, and facial shapes. The idea is to combine various pieces of biometric information to positively identify a potential suspect.

Continue Reading

Biometrics and the “Titanic Phenomenon

Biometric Privacy and the Titanic Phenomenon

Washington Post article discusses the growing use of biometric identification, which involves authenticating identity by using immutable characteristics of the human body.  Some methods include fingerprint readers, iris scanners, and facial recognition systems.  According to the article:

Continue Reading