• Coinbase has been slapped with a lawsuit for violating Illinois’ Biometric Information Privacy Act (BIPA).
  • The suit alleges the exchange collected and improperly used its customers’ fingerprint and facial recognition data.
  • The plaintiff is seeking relief in the form of $5,000 in damages for each “intentional and reckless violation” of BIPA.

Coinbase Sued for Violating Biometric Information Privacy Act

Cryptocurrency exchange Coinbase has been sued by a District Court in California on May 1 for allegedly violating Illinois‘ Biometric Information Privacy Act (BIPA). The plaintiff Michael Massel is seeking relief in the form of $5,000 in damages for each “intentional and reckless violation” of BIPA.

Alleged Violations

The lawsuit claims that Coinbase collected biometric information through its KYC procedures without informing users or receiving written consent. In addition, it argues that Coinbase failed to publish „publicly‐available written retention schedules and guidelines“ as required by BIPA regulations. It further alleges that the exchange failed to permanently destroy biometric data obtained solely to create an account after the customer’s account was created.

Potential Risks

The lawsuit states that if Coinbase’s database containing facial geometry scans or other sensitive biometric data is hacked, breached, or otherwise exposed, users will have no means to prevent identity theft. This poses serious privacy risks due to the irreversibility of such data.

Plaintiff Seeking Relief

Massel is seeking relief from these “unlawful” violations from Coinbase in the form of $5,000 in damages for each “intentional and reckless violation” of BIPA and an additional $1,000 for every additional violation found by his legal representation.

Disclaimer

This article is provided only for informational purposes and should not be taken as legal, tax, investment or financial advice.