Coinbase Accused Of Privacy Violations In Biometric Collection
Key Points:
- Coinbase faces class-action lawsuit for alleged biometric privacy violations in Illinois.
- A Coinbase user claimed that the exchange violated certain provisions of Illinois’ Biometric Information Privacy Act (BIPA).
- Coinbase scans and stores thousands of residents’ fingerprints and facial maps without consent, exposing them to serious privacy risks.
Coinbase is facing a class-action lawsuit that alleges that the company violated biometric privacy laws in Illinois through its collection and storage of customer fingerprints and facial templates.
The lawsuit, which was filed on May 1 in a California District Court by a Coinbase user, claims that the exchange’s requirement that a customer uploads pictures of a valid ID and a self-portrait in order for the firm to conduct Know Your Customer (KYC) checks is violating certain provisions of Illinois’ Biometric Information Privacy Act (BIPA).
The lawsuit argues that COIN needed to gain permission from users when collecting their biometrics, and to provide information about the purpose for collecting such data, how long it would be stored, how it would be used, and how Coinbase would permanently destroy it. However, COIN had no written policy, made available to the public, establishing a retention schedule and guidelines for permanently destroying biometric information.
In a similar process used by other exchanges, COIN scans the photographs and creates a biometric template of a user’s face, which it uses to confirm a match between the self-portrait and the face on the supplied ID. The suit claims that “thousands” of “highly detailed geometric maps of the face” and fingerprints from Illinois residents were illegally collected and stored by the exchange.
The lawsuit also alleges that biometric authentication, such as a fingerprint or face scan, is used on Coinbase’s mobile app to verify the user when logging into their account. This, according to the suit, exposes users to serious and irreversible privacy risks, and Coinbase should have “permanently destroyed” biometric data after a user opened a Coinbase account, as such information was used for the sole purpose of opening the account.
As of now, the suit is seeking damages of $5,000 per intentional BIPA violation or $1,000 if the court finds the alleged violations were not wilful along with paying the attorneys fees and court costs of the class action. If Coinbase’s database containing facial geometry scans or other sensitive, proprietary biometric data is hacked, breached, or otherwise exposed, Coinbase users have no means by which to prevent identity theft.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Annie
Coincu News