‘Sue First, Ask Questions Later’: Biometric Data Collection Could Cost CRE Millions — Even If It Follows The Rules Biometric building access controls have become increasingly popular among security-minded residential and commercial property managers, but the legal risks of collecting and using this data are growing. A new surge in class-action lawsuits over biometric data collection under the Illinois Biometric Information Privacy Act, also known as BIPA, is leaving CRE operators vulnerable to liabilities totaling millions in damages and legal fees — even if they aren't doing anything wrong. The Illinois statute is also setting a precedent for robust copycat laws that other states are considering passing, as well as potential federal legislation. “Plaintiffs' lawyers, if they see biometric information collection, they might just sue first and ask questions later,” said D. Reed Freeman Jr., a partner in the Washington, D.C., office of ArentFox Schiff LLP. “You could be completely compliant with the law and find yourself having to defend litigation and then prove that you're compliant.” 
At least 2,000 suits had been filed as of earlier this year under BIPA since 2018, and legal experts told Bisnow the pace is only accelerating. This includes several high-profile, expensive settlements, like the $725M Facebook paid out in October after settling a class-action suit… Read the full story here. | 
