How the Illinois Biometric Information Privacy Act Impacts Your Company


Does your company have operations in Illinois and one of the following? 

  • A biometric time clock?
  • Doors that require a fingerprint to open?
  • Any facial recognition software?

If you answered yes to any of those questions, you need to be aware of the Illinois Biometric Information Privacy Act (“BIPA”), which regulates private entities’ collection, storage, use, and transmission of biometric identifiers and biometric information. Biometric information includes, for example, fingerprints or retina, voice, or face scans. BIPA requires anyone who collects, captures, purchases, obtains, shares, or discloses biometric information – including employers – to first inform the person, disclose the purpose and duration of the storage, and obtain informed written consent.

BIPA violations can result in a $1,000 penalty for each negligent violation, a $5,000 penalty for each willful or reckless violation, and the payment of an opponent’s attorneys’ fees and litigation costs. While two other states have implemented similar laws, Illinois is currently the only state to provide a private right of action, and many BIPA lawsuits are being filed in Illinois.

Be Proactive and  Assess Compliance Risks

  • Determine whether your company collects or uses any of the following, either internally or in client services or products:
    • retina or iris scans
    • fingerprints
    • voiceprints
    • scans of hand or face geometry
  • If your business collects or uses any of the above, BIPA’s notice, consent, and data retention requirements may apply to you.

Reach Out to Learn More

If you are concerned that BIPA’s reach could impact your business and you would like assistance in reviewing your BIPA exposure, implementing a compliance plan, or determining your insurance coverage, please contact a Honigman Cybersecurity and Privacy attorney.

Related Professionals

Media Contact

To request an interview or find a speaker, please contact:

Jump to Page

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.