Three plaintiffs have filed a putative class-action lawsuit in Delaware federal court against Amazon Web Services, Inc. (AWS) and Pindrop Security, Inc., alleging that the companies illegally collected their biometric voiceprints when they telephoned a financial institution’s call center. Monday’s filing comes several weeks after a similar suit was dismissed for want of personal jurisdiction. That 2019 suit was filed against AWS and Pindrop by the same plaintiffs and some of the same counsel for alleged Illinois Biometric Information Privacy Act (BIPA) violations stemming from voiceprint collection practices.
The plaintiffs in both suits are Illinois residents who claim that they made calls to John Hancock Life Insurance Company call centers. When they did so, information including their phone numbers and unique voiceprints were allegedly recorded.
According to the complaint, John Hancock makes use of AWS’s call center services branded under the name “Amazon Connect,” which, in conjunction with Pindrop’s voice analytic technology, uses call center customers’ voiceprints to confirm their identity over the phone. Pindrop offers several technologies including its “Deep Voice” product uses that biometric information to identify repeat callers. Ultimately, the AWS-Pindrop system works to “match callers, based on their voice biometrics, with other personally identifiable information, including location,” the complaint explains.
The plaintiffs claimed that when they called John Hancock, their calls were recorded and sent to Pindrop for processing. The “output” of that processing was allegedly returned to AWS servers. AWS then stored their “biometric templates on its servers” as part of the companies’ arrangement.
The complaint contended that these practices violate BIPA because the companies failed to obtain the plaintiffs’ consent, failed to destroy biometric data, have disclosed that data, and have profited from its use. The plaintiffs sought to represent a class consisting of “Illinois citizens who placed one or more phone calls to, or received one or more phone calls from, an entity using Amazon Connect and Pindrop’s voice authentication and/or fraud detection technology, from December 17, 2014 until present.”
For the alleged harm, the plaintiffs requested that the court certify the proposed class, award actual and statutory damages, enjoin the defendants from further violating BIPA, and reimburse them their attorneys’ fees and litigation costs, among other things.