In Gates v. Eagle Family Foods in the Northern District of Illinois, Gregory Gates, a former sanitation and assembly line employee, alleges that Eagle Foods collected and retained his handprints without consent as part of his timekeeping requirements while he worked at the Waukegan facility in 2016 and 2018.

Eagle Family Foods (Eagle Foods) says the Illinois Biometric Privacy Act (BIPA) does not apply to Gates’s claims of improper handprint collection because he is a former employee. Of course, Gates’s counsel argues that BIPA would apply even if Gates were a third-party worker not directly employed by Eagle.

Eagle Foods also argues that it did not “actively collect” Gates’ handprints, which it maintains is a requirement for there to be a violation under BIPA. Again, however, Gates’s counsel contends that Eagle Foods is liable under BIPA because it collected Gates’s biometric information in violation of the statute, stating, “Nothing in BIPA suggests that only entities that ‘actively’ collect biometric identifiers and/or biometric information directly from individuals are obligated to comply.”

Gates also pushed back against Eagle Food’s claim that he did not adequately allege BIPA; Gates argues that his complaint asserts that Eagle Foods captured, collected, and stored his biometric information “no fewer than a dozen times.”

Photo of Kathryn Rattigan Kathryn Rattigan

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security…

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.