Major Retail Chain Hit With Lawsuit For Collecting Personal Data of Shoppers Without Consent

An Illinois woman has taken legal action against Target. She claims the retail chain illegally collected her biometric data, including facial and fingerprint scans, without permission. This breach of privacy is the basis of a class action lawsuit aimed to protect the rights of state residents.

Arnetta Dean filed the lawsuit in Cook County last month. She alleges that Target's use of surveillance technology in their Illinois stores violates state law by secretly gathering customers' biometric data without their consent.

The lawsuit specifically points to cameras equipped with facial recognition technology that capture this data covertly. "Target does not notify customers of this fact prior to store entry, nor does it obtain consent prior to collecting its customers’ Biometric Data," the document states.

Target is accused of breaching Illinois' Biometric Information Privacy Act (BIPA). This law requires explicit consent and full disclosure from companies before collecting biometric information. The lawsuit claims Target failed to provide this to their customers.

BIPA, established in 2008, mandates that Illinois companies must inform and obtain consent from individuals before collecting their biometric data. They must also outline how long the information will be stored and the exact purpose of its collection.

The lawsuit emphasizes the unique risks associated with biometric data. Unlike other identifiers like social security numbers, biometric data is inherently personal and irreplaceable, increasing the risk of identity theft if compromised.

Target's sophisticated surveillance system is also under scrutiny. It includes multiple investigation centers and labs designed to enhance video footage and analyze fingerprints, primarily to detect shoplifting. However, it captures more than just potential criminals.

The law provides for significant penalties under BIPA—up to $5,000 per violation for intentional breaches, along with potential legal fees. Dean is pursuing these damages, aiming for the maximum penalty for what the lawsuit describes as reckless violations.

This case against Target is part of a broader trend. Several major companies, including Facebook, Google, Snapchat, and TikTok, have faced similar lawsuits under BIPA. In 2022, Facebook settled a BIPA lawsuit for $650 million, with affected users receiving significant payouts.