Court Sends Former Chicago Uber Drivers’ BIPA Claims Against Microsoft Back to State Court

Part of an Illinois Biometric Information Privacy Act (BIPA) case filed by Uber drivers who claimed Microsoft Corporation illegally captured and used their facial biometrics has been returned to state court. Wednesday’s ruling said that the plaintiffs lack constitutional standing to bring two of their BIPA claims, warranting partial remand.

The court explained that when each Illinois driver plaintiff engaged Uber for work, they had to register and submit their name, vehicle information, driver’s license, and a profile picture to Uber through its mobile application. Additionally, and to gain access to Uber’s platform to begin accepting ride calls, each driver had to photograph their face in real time through Uber’s “Real Time ID Check” security feature.

The opinion says that Uber required the plaintiffs to do so without their knowledge that their pictures were transferred to Microsoft’s Face Application Programming Interface, integrated into Uber’s application as a security feature. “Microsoft’s Face API collected and analyzed Plaintiffs’ facial biometrics to create a ‘geographic template’ that it compared to the geographic template from the original profile picture to verify their identities,” the opinion said.

Yet according to the drivers, Microsoft profited from receiving their information but neither obtained their written consent, nor made its public policy available regarding retention and deletion of their biometric information. In June 2021, Microsoft removed the case to federal court. 

This week’s opinion considered the plaintiffs’ challenge to the federal court’s jurisdiction of some of their state law BIPA claims, noting that “[i]n an uncommon twist on a common theme,” the plaintiffs argue that in light of two recent Seventh Circuit cases, they lack Article III standing to pursue their claims under BIPA Sections 15(a) and 15(c) of BIPA in federal court.

Microsoft countered, but the court sided with the plaintiffs, finding that for their privacy policy publication claim, their allegations were insufficient to allege concrete injury.

With regard to their biometric data use and dissemination claim, the court explained that the standing determination turned on a question of state versus federal court authority. Looking at both state and federal precedent as well as the Seventh Circuit’s view of the Erie doctrine, “the answer to that question is no,” the opinion said.

The court noted that should state court precedent change by ruling of the Illinois Supreme Court, Microsoft is free to challenge the remand decision with regard to the BIPA use and dissemination provision claim.

The plaintiffs are represented by McGuire Law P.C. and Microsoft by Bradley Riley Jacobs PC and Orrick, Herrington & Sutcliffe LLP.