Background
Plaintiffs, Illinois citizens, alleged that Amazon Web Services and Pindrop Security violated the Illinois Biometric Information Privacy Act by collecting voiceprints without consent during calls to John Hancock. The case underwent multiple procedural stages, including dismissals for lack of jurisdiction and extraterritoriality, before the district court granted summary judgment and judgment on the pleadings in favor of the defendants.
The court’s reasoning
The court affirmed the district court on five grounds. First, Pindrop is exempt under the financial-institution exemption because it authenticates identities for financial transactions, which the Federal Reserve Board deems closely related to banking. Second, the district court did not abuse its discretion in denying discovery extensions or voluntary dismissal motions. Third, the extraterritoriality doctrine bars BIPA claims against Amazon because the relevant activities, including server storage and processing, occurred outside Illinois. Fourth, the district court correctly granted judgment on the pleadings for the renewed Section fifteen-d claim.
What it means going forward
The ruling clarifies that technology providers authenticating financial transactions are exempt from Illinois biometric privacy laws and reinforces that state biometric statutes generally do not apply to conduct occurring primarily outside the state.
Podcast (federal-narrative-summaries): Play in new window | Download
