Coinbase, the Nasdaq-listed cryptocurrency exchange, is facing a proposed class action lawsuit in the Northern District of California over alleged wrongful profits from users’ facial and fingerprint scans. Michael Massel, a Coinbase customer and plaintiff in the lawsuit, claims that the exchange illegally collects biometric data from users in violation of Illinois’ biometric privacy law. Coinbase requires users to upload a government ID and selfie for verification and set up biometric authentication (fingerprint scan) for mobile app login. The lawsuit explains that Coinbase collects, stores, possesses, obtains, uses, and disseminates its users’ biometric data to enhance its platform. It also states that Coinbase’s unlawful collection and use of the biometric data of its users expose them to serious and irreversible privacy risks. The Illinois Biometric Information Privacy Act (BIPA) requires companies to obtain consent before collecting biometric data, including fingerprints or facial scans. The law also obliges companies to inform users how long the data will be kept. Coinbase is accused of collecting and storing thousands of ‘face templates’ and fingerprints from countless Illinois residents in violation of the law. Coinbase has not yet released any comments regarding the lawsuit.
The alleged collection and use of customers’ biometric data by Coinbase has raised significant concerns about privacy risks and the potential misuse of data. Facial and fingerprint scans are unique and permanent biometric identifiers that cannot be changed or replaced if stolen or compromised. Companies that collect such data without proper consent and safeguards put their users at risk of identity theft, fraud, and other forms of privacy violation. The Illinois BIPA has been a robust driver of lawsuits against companies across different industries over the past years. As the use of biometric technology becomes more common in different aspects of daily life, proper regulation and oversight are necessary to ensure that the privacy and security of users’ data are protected.
In summary, Coinbase is facing legal action over its alleged wrongful collection and use of users’ biometric data. The lawsuit claims that Coinbase collects, stores, obtains, uses, and disseminates its users’ biometric data without proper consent and in violation of Illinois’ biometric privacy law. The Illinois BIPA requires companies to obtain consent before collecting biometric data and to inform users how long the data will be kept. The alleged collection and use of customers’ biometric data by Coinbase raise significant concerns about privacy risks and the potential misuse of data. Proper regulation and oversight are necessary to ensure that the privacy and security of users’ data are protected in the rapidly evolving landscape of biometric technology. Coinbase has yet to release an official statement regarding the lawsuit.