Biometric data is a digital translation of self which endures in its accuracy for one’s entire lifespan. As integral elements of modern life continue to transition their operations exclusively online, the verifiable “digital self” has become indispensable. The immutable and sensitive nature of biometric data makes it peculiarly vulnerable to misappropriation and abuse. Yet the most frightening is the unknown. For an individual who has had their digital extension-of-self covertly stolen or leaked, the dangers that lie in the technology of the future are innumerable. The Illinois legislature recognized the danger associated with the cavalier collection and handling of biometric data in 2008, passing the Biometric Information Privacy Act (BIPA) to facilitate a higher standard for consumer protection. BIPA’s key feature is a private right of action awarding not less than $1,000 for each instance of non-compliance with certain enumerated data collection and handling procedures. In the years since its enactment, classes of Illinois plaintiffs have successfully won multimillion-dollar judgments in state court. However, when an out-of-state defendant removes to federal court, Article III standing often proves to be an insurmountable threshold for the plaintiff class. This issue delays the plaintiff class’s relief and undermines the goal of the Illinois legislature. This Comment summarizes the state of legal protection of biometric data in the United States. It then explains the development of Article III standing doctrine as it pertains to statutorily prescribed privacy harms. Next, this Comment reviews Article III standing in the context of BIPA litigation specifically. Finally, it recommends an articulation of the injury at the heart of BIPA likely to confer Article III standing to assist plaintiff’s counsel in evading the quagmire. It is a call to attention and a call to arms; biometric data handling requires the same care as the handling of the physical body.

First Page