Facebook is about to face a $35 billion class-action lawsuit because of its facial recognition tools usage without permission. Facial recognition tools are based on automated facial recognition of uploaded photographs.
Here’s how this tool actually works. Let’s say that Person A uploads a photo taken with Person B. After successful upload, Facebook recognition tool will scan the photo for faces and compare it with the current database. If Facebook detects Person B, it will ask Person A to tag Person B and will automatically link the photo to the Person B profile.
The main problem lies in the fact that Facebook automatically opted-in its users in using this technology even though its facial recognition clearly violates the Illinois Biometric Information Privacy Act. Facebook should have asked its users for consent prior to using facial recognition technology. Along with this, Facebook didn’t specify how long they store facial data and thus in case of a data breach, this facial information could be misused for unlocking devices or spotting persons on security footages.
This single class-action case is combined from three individual lawsuits from 2015. Even though Facebook claimed that no one suffered a direct financial loss because of their technology, its argument was rejected by the local court and the case will proceed.
The maximum penalty for breaching the law is $5,000 per violation and if we multiply this with 7 million Facebook users in Illinois, it could be one hard hit on Facebook.