It’s well-known that Facebook uses an algorithm that can recognize a person based on information in photographs. It’s a little creepy, sure, but is it illegal?
Earlier this week, a court ruled against Facebook in a lawsuit that alleged the company unlawfully collected biometric data pertaining to faces in photos without users’ consent, according to CNET.
The plaintiffs, three people who sued the company separately but were joined into one suit, alleged that under Biometric Information Privacy Act (BIPA), a 2008 Illinois statute, corporations can’t use an individual’s biometric data without the person’s consent. This includes anything from fingerprints to facial geometry, but doesn’t include photographs. However, Judge James Donato ruled that because “Facebook scans user-uploaded photographs to create a ‘unique digital representation of the face . . . based on geometric relationship of their facial features,’” it falls under BIPA.
Facebook also submitted a motion to get the case thrown out based on the fact that any user agreements fell under California law. The judge denied this request.
“The Court accepts as true plaintiffs’ allegations that Facebook’s face recognition technology involves a scan of face geometry that was done without plaintiffs’ consent,” Judge James Donato wrote. “Consequently, they have stated a plausible claim for relief under BIPA.”
Court documents go on to state that Facebook wasn’t transparent about its privacy settings in its user agreement, which is not the first time the company has heard such complaints.
“The use of a single ‘Sign Up’ click to activate an account and accept the terms of service presents a serious question of whether Facebook provided reasonable notice of its agreement terms and whether the user truly manifested assent to them,” Donato wrote.
The matter is set for a case management conference in June.
We’ve reached out to Facebook for comment, and will update if we hear back.