Non-Facebook Users Sue Meta Over Facial Data Privacy

Meta agreed last year to a $650 million settlement to resolve claims that Facebook illegally collected and stored users’ facial data without their consent in violation of the Illinois Biometric Information Privacy Act (BIPA). Meta is now being sued for violating the same privacy law for collecting and storing the faces of non-Facebook users.

This past March, U.S. District Judge James Donato sided with Meta, saying that it wouldn’t be reasonable to interpret BIPA to mean that Facebook was required to notify and get consent from millions of people who appeared in photos but were not Facebook users. 

However, the judge found Meta could still be held liable for violating a provision of the law that requires companies taking people’s biometric data to have written policies explaining how the data will be used and how long it will be kept. Meta says that claim should also be thrown out because it did not apply facial recognition technology to the photos of non-Facebook users. To win their case, the Illinois non-Facebook users must prove Meta did scan and map their faces in uploaded photos. “These are quintessential disputes of material facts that will require a trial to resolve,” Donato wrote.