Judge James Robart, of the Western District of Washington, has granted Microsoft Corporation’s motion for summary judgment. He found that plaintiffs Steven Vance and Tim Janecyk did not have sufficient evidence to argue that Microsoft used their biometric data within the state of Illinois or enough evidence to argue that Microsoft profited from their biometric data.
At issue in this case is Illinois’ Biometrics Information Privacy Act (BIPA), which prohibits companies from profiting from their users’ biometric information, in this case facial scans from photographs.
Beginning in 2008, the plaintiffs both uploaded photographs including ones of themselves to Flickr, a photo-sharing website. In 2014, Yahoo, Flickr’s then parent company, publicly released a 100 million photo dataset including photos of the plaintiffs. Approximately five years later, researchers at IBM used one million of those photos to create a photo dataset for testing facial recognition software for racial and gender bias. This dataset included annotations noting the biometric face-mapping information of the photographs.
As detailed in the order, two separate researchers obtained this dataset for separate projects within Microsoft. However, neither used face-mapping annotations, nor ended up using the dataset at all in their projects.
Judge Robart ruled in favor of Microsoft on two counts. First, the plaintiffs could not demonstrate that their biometric information was solicited or stored in Illinois, so the dormant Commerce Clause of the Constitution applies. Second, because neither researcher at Microsoft used the biometric information or even the dataset as a whole, Microsoft could not be said to have profited from plaintiffs’ protected information.