Chief District Judge Nancy Rosenstengel grants Apple’s request to maintain sealed portions of a lawsuit alleging facial recognition technology used in the Photos App violates BIPA, supporting Apple’s claim that unsealing the information would give its competitors an advantage.
Apple filed a memorandum in support of maintaining redacted portions of the amended complaint under seal on Dec. 22 through attorney Raj Shah of Chicago.
Shah wrote that portions of the amended complaint refer to “confidential and competitively sensitive Apple information.”
Schlichter
“Plaintiffs amended their complaint after months of discovery involving documents that Apple designated confidential or highly confidential … because these documents reflect, reveal, or potentially can be used to piece together nonpublic, proprietary research or technical information about Apple’s products, as well as its internal procedures and processes, which could result in prejudice and harm to Apple if disclose to third parties, let alone made publicly available through a court filing,” the memorandum states.
Shah argues that the complaint attempts to describe the planning, design and operation of Apple’s Photos App as well as functions associated with the app.
“If disclosed, this confidential information would give Apple’s competitors insights into trade secrets and other confidential business information and decision-making processes regarding the design and implementation of technologies within the Photos app, which is a software Apple developed through substantial effort and the investment of significant resources,” the memorandum states.
Rosenstengel granted Apple’s motion on Dec. 28.
Apple then requested additional time to file a response to the complaint on Dec. 30. Rosenstengel gave the defendant until Jan. 14 to respond.
Plaintiffs Roslyn Hazlitt, Jane Doe, Richard Robinson and Yolanda Brown filed the putative class action on March 2, 2020, through attorney Andrew Schlichter of Schlichter Bogard & Denton LLP in St. Louis. The original lawsuit was filed in St. Clair County Circuit Court before Apple removed the case to the U.S. District Court for the Southern District of Illinois on May 6, 2020.
The amended complaint was filed with redactions on Dec. 16. Information is redacted under the header “Defendant’s collection of plaintiffs’ biometric data on its servers.”
In their complaint, the plaintiffs argue that Apple violates the Biometric Information Policy Act (BIPA) by collecting, possessing and profiting from the plaintiffs’ facial geometries through facial recognition. They claim the Apple Photos App uses proprietary software and facial recognition technology to scan facial features from photographs, creating a “faceprint” for every person detected “‘without the knowledge or informed written consent of’ the user or others who may appear in the photographs.”
“The facial recognition ‘feature’ of defendant’s Photos App functions by scanning a user’s photo library for faces, and then, using facial recognition technology that extracts biometric identifiers from photographs, grouping photographs of faces, including the user’s People albums,” the suit states.
Facial recognition algorithms are fun on Apple devices, and Apple allegedly stores the data taken from the device users’ image libraries in a facial recognition database. Digital photographs are then grouped based on the recognized faces in the photo, the suit states.
The plaintiffs acknowledge that the Photos app uses “on-device processing,” but argue that Apple is liable because it provides the app.
They argue that Apple takes “extraordinary measures” to encrypt facial data used to unlock devices by storing the data on a “secure enclave” and ensuring that it is “never stored on Apple servers or backed up to iCloud or anywhere else.” However, the data stored on personal devices through the Photos App is vulnerable to hackers and “creates an independent threat of serious harm that is associated with each personal device that contains biometric data.”
The plaintiffs argue that in 2015 hackers snuck malware onto thousands of apps on the iPhone App Store, enabling them to hijack Apple devices and steal potentially sensitive user information.
“The collection and use of biometric data is especially problematic in relation to the collection of biometric data from minors, who cannot provide informed consent and may be unaware of the serious harms that can result from the release of biometric data,” the suit states.
The plaintiffs seek class certification for two subclasses. Subclass one includes “all Illinois citizens whose faces appeared in one or more photographs taken or stored on their own Apple devices running the Photos App from March 4, 2015 until present.”
Subclass two includes “all Illinois citizens whose faces appeared in one or more photographs taken or stored on an Apple device other than their own or whose faces appeared in one or more photographs stored in an iCloud Photos Library other than their own from September 13, 2016 until present.”
They seek injunctive relief, actual damages, $5,000 in statutory damages for each intentional and reckless BIPA violation, $1,000 for each negligent BIPA violation, attorney’s fees and court costs.
U.S. District Court for the Southern District of Illinois case number 3:20-cv-421