Amazon Web Services Inc. (AWS) faces an Illinois Biometric Information Privacy Act (BIPA) suit after Monday’s complaint volleyed allegations that it surreptitiously collects, uses, and stores Illinois residents’ biometric data.
The complaint specifies that AWS provides a facial recognition service called Amazon Rekognition. According to the complaint it “uses machine vision and algorithmic classification techniques to map human facial geometry and analyze the resulting data to, for example, check whether two photographs depict the same individual.”
The filing further explains that thousands of companies use Rekognition to identify individuals by their facial geometry, and in those circumstances, an individuals’ biometric data is stored not only by Rekognition customers on the cloud, but also by AWS on its servers.
Yet, consumers are largely ignorant of AWS’s Rekognition owing to the fact that it is a “behind-the-scenes service,” the complaint says. In fact, when consumers use mobile apps or online services that use facial recognition to verify their identity, AWS is purportedly collecting and storing their biometric data.
The plaintiff alleges her information was captured by the defendant when she signed in to use examine software made by AWS client ProctorU to take college exams in Chicago, Ill.
The complaint fingers AWS for disregarding rights set forth by BIPA that protect individuals’ privacy. The two claims for relief correspond to BIPA provisions requiring the disclosure of certain biometric data collection practices, including information destruction practices, as well as instances mandating user consent.
The Seattle, Washington-filed complaint seeks injunctive relief halting the allegedly illegal practices as well as statutory damages of up to $5,000 per intentional/reckless violation and up to $1,000 per negligent violation of BIPA for the plaintiff and putative class. They are represented by Carson Noel PLLC, Edelson PC, Bursor & Fisher P.A., and Carney Bates and Pulliam PLLC.