Clock blocker: Woman sues bosses over fingerprint clock-in tech

Worker time-keeping system at center of biometric privacy legal battle in the US

A former employee at a nursing home is alleging the company and its equipment provider violated the US state of Illinois' biometric privacy laws with a fingerprint-scanning time clock system.

Judge Matthew Kennelly, of the northern Illinois district court, has agreed to hear the claims of Cynthia Dixon against Smith Senior Living and its equipment provider Kronos Inc. Dixon is suing for damages after what she claims is an invasion of privacy.

Dixon claimed the violations as part of a larger negligence and pay violations claim against Smith, her former employer. The complaint includes the allegation that the clock-in system Smith used, a fingerprint scanning system from Kronos, collected, transmitted, and stored her prints without prior permission, a violation of the state's Biometric Information Privacy Act (BIPA).

Skeleton Using Cell Phone

Bungling cops try to use dead chap's fingers to unlock his smartmobe


Specifically, Dixon says, she was never notified or asked to sign a waiver acknowledging that the clock-in system she used to log her work hours would not just read her prints, but store and transmit them to Kronos.

"Smith required Dixon to clock in and out of work by scanning her fingerprint, which Smith stored in a database after the first time it was scanned. Smith did not inform Dixon of the specific purpose or length of time for which her fingerprint was to be collected, stored, and / or used," a case summary reads.

"Nor did Smith make available information about its biometric data retention policy (if it had such a policy) or other guidelines regarding the permanent destruction of the biometric information it possessed. Smith also neglected to obtain a written release from Dixon authorizing Smith to collect or store her fingerprints."

The Illinois' BIPA law is among the strictest biometric privacy laws in the US, establishing that any private company who collects or transmits biometric info first obtain permission and a written release from the subject, or face liability and fines.

Kennelly ruled (PDF) that Smith and Kronos could not dismiss the BIPA charge, finding that Smith has more than enough evidence of both violations and damages to make a case.

"It is reasonable to infer from the allegations in the complaint that Kronos obtained Dixon's biometric data without her knowledge or consent," the Judge decided.

"The Court has already concluded that BIPA established a right to privacy in such information and that obtaining or disclosing a person's biometric data without her consent or knowledge necessarily infringes on the right to privacy in that data."

The case will now proceed to a status hearing, set for June 7. ®

Similar topics

Other stories you might like

  • Brave Search leaves beta, offers Goggles for filtering, personalizing results
    Freedom or echo chamber?

    Brave Software, maker of a privacy-oriented browser, on Wednesday said its surging search service has exited beta testing while its Goggles search personalization system has entered beta testing.

    Brave Search, which debuted a year ago, has received 2.5 billion search queries since then, apparently, and based on current monthly totals is expected to handle twice as many over the next year. The search service is available in the Brave browser and in other browsers by visiting

    "Since launching one year ago, Brave Search has prioritized independence and innovation in order to give users the privacy they deserve," wrote Josep Pujol, chief of search at Brave. "The web is changing, and our incredible growth shows that there is demand for a new player that puts users first."

    Continue reading
  • Never fear, the White House is here to tackle web trolls
    'No one should have to endure abuse just because they are attempting to participate in society'

    A US task force aims to prevent online harassment and abuse, with a specific focus on protecting women, girls and LGBTQI+ individuals.

    In the next 180 days, the White House Task Force to Address Online Harassment and Abuse will, among other things, draft a blueprint on a "whole-of-government approach" to stopping "technology-facilitated, gender-based violence." 

    A year after submitting the blueprint, the group will provide additional recommendations that federal and state agencies, service providers, technology companies, schools and other organisations should take to prevent online harassment, which VP Kamala Harris noted often spills over into physical violence, including self-harm and suicide for victims of cyberstalking as well mass shootings.

    Continue reading
  • Abortion rights: US senators seek ban on sale of health location data
    With Supreme Court set to overturn Roe v Wade, privacy is key

    A group of senators wants to make it illegal for data brokers to sell sensitive location and health information of individuals' medical treatment.

    A bill filed this week by five senators, led by Senator Elizabeth Warren (D-MA), comes in anticipation the Supreme Court's upcoming ruling that could overturn the 49-year-old Roe v. Wade ruling legalizing access to abortion for women in the US.

    The worry is that if the Supreme Court strikes down Roe v. Wade – as is anticipated following the leak in May of a majority draft ruling authored by Justice Samuel Alito – such sensitive data can be used against women.

    Continue reading

Biting the hand that feeds IT © 1998–2022