Privacy rights advocates have questioned the legality of some biometrics data collection methods of dating sites as more companies use biometric identifiers in their apps, such as fingerprint, face recognition technology, and iris scans.
Despite its potential benefits for online dating, new technology also poses risks to privacy that should be addressed to keep individuals safe from potential misuse, theft, and identity theft of biometric data.
Biometric invasion of privacy laws already exists in a few states, but federal lawmakers have not passed a universal law. American workers, however, have legal protections against many companies that create security and privacy standards that fail to protect them fully.
Under Illinois’ biometrics privacy law, the operators of the dating apps Match and Tinder are now the target of a potentially massive class action, the same law that resulted in hundreds of millions of dollars in settlements against Facebook and Google.
Tinder and Match Illegally Collected Biometric Data
It is alleged that Match and Tinder illegally stored biometric data on their users, resulting in a class action lawsuit in Illinois.
Illinois’ Biometric Information Privacy Act is alleged to be violated by Tinder’s storage of this sensitive data. According to the lawsuit, Tinder’s photo verification features collect data such as physical characteristics and body measurements.
Tinder is being sued for improperly storing and managing this data as well as failing to adequately inform users how it will handle it.
This biometric data could be misused by hackers, as those leading the complaint warn. A biometric is a permanent feature of a person that can never be changed, unlike a password, for example.
Several Illinois residents have filed the lawsuit on behalf of all residents of the state who have shared their biometric information with Tinder. They hope that the court will ensure that biometric data is stored following state law by seeking statutory damages.
What the Lawsuit Entails
According to the lawsuit, Match scans the facial geometry of Tinder users improperly. Using Tinder’s profile verification, users can earn a blue checkmark on their profile, which signifies that their profiles have been “verified.”.
Video selfies are uploaded to Tinder under those processes. After this scan, Tinder confirms that a real person took the video, a live person and that no digital manipulation was involved in the process.
According to the system, it scans other photos Tinder users submit and reads the facial geometries to come up with a facial geometry template or number that is unique for comparing other photos.
Users’ identities can still be verified using facial recognition technology according to the lawsuit. The Tinder verification process has been used by all named plaintiffs since 2020, according to the complaint.
Match and Tinder are accused of failing to obtain written consent from Illinois Tinder users as well as provide certain notices to those users regarding the use, storage, sharing, and destruction of their facial scans, under Illinois BIPA law, according to the lawsuit.
Ultimately, the number of people involved is not estimated in the complaint. Tinder is estimated to be used by 7.8 million Americans per month in the U.S. Chicago is a city with one of the highest percentages of active Tinder users.
Potential Monetary Settlement
Other social media platforms and photo-sharing apps have also been sued over notice and consent requirements for photographic face scans. A $650 million settlement was reached with Facebook, while a $100 million settlement was reached with Google.
In the Facebook settlement, eligible class members received $400 each, and in the Google settlement, eligible class members are slated to receive $150 each. As a result of the Facebook deal, the lawyers who brought the lawsuits received $97 million, and as a result of the Google deal, they will receive $35 million.
Plaintiffs’ attorneys have found that BIPA class actions can still be rewarding, even if the amount is smaller. As of today, the majority of BIPA class actions have targeted employers who failed to provide workers with adequate notice and obtain their consent before demanding fingerprints or other biometric identifiers to verify their identity when punching the clock or entering secure facilities.
For each violation, plaintiffs can claim $1,000-$5,000 in damages. A fingerprint scan or other biometric scan has been interpreted as a violation of the law. Small businesses could be subjected to catastrophic damages worth millions of dollars, even if they’re moderately sized.
The courts have, to this point, generally rejected defendant business attempts to sidestep litigation or at least limit damages. Since most employers have settled class actions targeting their employees to date, settlements have ranged from hundreds of thousands to as much as $50 million. Most settlement funds are claimed by lawyers.