Apple Inc. argues that providing the personal information of Illinois residents with Apple devices and accounts for discovery purposes violates their privacy in a lawsuit alleging its photo app collects and stores biometric identifiers through facial recognition technology.
Attorney Andrew Schlichter of Schlichter Bogard & Denton LLP in St. Louis filed a motion to compel class discovery on April 19 on behalf of the putative class.
Schlichter wrote that “class members are Illinois residents with Apple devices whose biometric information was collected without their consent in violation of the Illinois Biometric Information Privacy Act (BIPA).”
He wrote that the request is “minimally burdensome” for Apple to produce.
Schlichter has asked Apple to produce documents identifying customer with Apple devices containing the Apple photo app at issue and residents who executed end-user-license or other agreements related to the app.
He wrote that Apple responded with “multiple meritless boilerplate objections.” He added that Apple later argued that the identity of class members “is not an appropriate subject of discovery.”
“Because defendant’s position is wholly unfounded and incorrect as a matter of law, plaintiffs respectfully request that the court order defendant … to produce complete information responsive to requests 31 and 32,” Schlichter wrote.
Apple filed a response in opposition to the request on May 3 through attorney Raj Shah of Chicago.
“Contrary to plaintiffs’ opening proclamation in their motion to compel, precertification ‘discovery regarding the identity of putative class members’ is not ‘routine,’” Shah wrote, “nor is the description accurate as to what plaintiffs’ requests No. 31 and 32 in fact seek.”
He explains that plaintiffs seek shipping and billing addresses of residents with Apple IDs, owners of iPhones with Illinois area codes, Apple Pay information, and customer information for purchases through the Apple website or retail stores in Illinois.
Shah adds that “the motion to compel should be denied because invasive precertification discovery of the identifying information of potentially millions of consumers, not class members, is neither relevant nor proportional to the needs of this case.”
Shah argues that the requested information is treated as personal data under the privacy policy and would intrude on their privacy interest if disclosed.
“Plaintiffs, however, do not propose to inform consumers that a disclosure of their information has been requested,” he wrote. “Nor do plaintiffs seek to explain how the information will be used. In other words, if plaintiffs had their way, the consumers would have no choice with respect to their personal information being disclosed.”
Plaintiffs Roslyn Hazlitt, Jane Doe, by and through next friend John Doe, Richard Robinson and Yolanda Brown filed the putative class action on March 2, 2020, in St. Clair County Circuit Court before Apple removed the case to the U.S. District Court for the Southern District of Illinois on May 6, 2020. They argue that Apple violated BIPA by collecting, possessing and profiting from their biometric identifiers.
According to the complaint, the plaintiffs allege Apple violated BIPA by collecting, possessing and profiting from their facial geometries through facial recognition. They claim the Apple Photos app uses a proprietary software and facial recognition technology to scan facial features from photographs, creating a “faceprint” for every person detected “‘without the knowledge or informed written consent of’ the user or others who may appear in the photographs.”
The plaintiffs acknowledge that the Photos app uses “on-device processing,” but argue that Apple is liable because it provides the app.
The plaintiffs seek class certification, including “all Illinois citizens whose faces appeared in one or more photographs taken or stored on their own Apple Devices running the Photos App from March 4, 2015 until present.”
They seek injunctive relief, actual damages, $5,000 in statutory damages for each intentional and reckless BIPA violation, $1,000 for each negligent BIPA violation, attorney’s fees and court costs.
Apple filed a motion to dismiss the complaint on June 12. The defendant argued that the complaint is “devoid of factual allegations that Apple Inc. engages in any of the conduct against which the Illinois Biometric Information Policy Act protects: a private entity’s unauthorized collection, possession, and disclosure of individuals’ unique and personal ‘biometric identifiers’ or ‘biometric information.’”
Apple argued that the plaintiffs fail to plead that the defendant, the device or the Photos app links facial scans from photos to identifiable individuals. It added that device users have control over whether to tag people in photos.
The defendant further argued that the complaint fails to allege that it actually collects the information at issue. The complaint alleges the information is stored in the memory on the specific Apple device, the motion states.
“The plaintiffs therefore resort to tenuous and never before used theories of vicarious or secondary liability as a basis for their BIPA claims against Apple,” the motion stated. “The Illinois legislature imposed no such liability in enacting BIPA, and courts routinely dismiss claims against device manufactures and software developers that, like here, allege nothing more than the sale of technology which allegedly created biometric identifiers or biometric information during operation by the end-user.”
District judge Nancy Rosenstengel previously remanded the claims that Apple violated BIPA by possessing and profiting from the class members’ biometric identifiers and biometric information. Apple opposed the remand and sought supplemental authority from the Seventh Circuit.
The Seventh Circuit granted Apple immediate relief and reversed Rosenstengel’s order on Jan. 22.