AWS Seeks Dismissal of BIPA Class Action in Chicago
Plaintiff Cynthia Redd’s class action “seeks to expand” the Illinois Biometric Information Privacy Act “far beyond what its authors could have possibly intended,” said Amazon Web Services Tuesday in U.S. District Court for Northern Illinois in Chicago in its motion to dismiss (docket 1:22-cv-06779) Redd’s complaint for failure to state a claim.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Redd alleges Wonolo, an app-based job placement company, used AWS’ cloud-based software service, Rekognition, to verify the identities of Wonolo users who interacted with its app (see 2212050036). By providing the Rekognition service to Wonolo, AWS violated the BIPA by possessing the plaintiff’s biometric data without developing and adhering to a publicly available retention and deletion schedule, said her complaint.
Redd doesn't allege “she interacted with AWS in any way, or that AWS was even aware of her use of Wonolo,” said its motion to dismiss. She nevertheless seeks to hold AWS liable “on the theory that AWS -- not Wonolo -- improperly collected, possessed, disclosed, and profited from biometric data about her face,” it said.
Redd’s claims fail “on multiple levels,” said AWS. The court lacks personal jurisdiction over AWS because Redd “has not alleged and cannot allege that her claims arise from any Illinois-based conduct by AWS,” it said. She also comes “nowhere near alleging the essential elements of her claims,” it said.
The “novel attempt” of Redd’s complaint “to sweep into BIPA’s scope back-end cloud-service providers like AWS is inconsistent with any rational reading of the law,” said AWS. Even if Redd could overcome those hurdles, “her claims would still fail because AWS complied with BIPA by contractually requiring its customers, including Wonolo, to comply with the law,” it said. “As multiple courts have confirmed, nothing more is required.”
Redd “may or may not have valid claims against Wonolo,” the company she claims required her to disclose photos of her face and then analyzed those photos, said AWS. This is her third BIPA lawsuit, including one against Wonolo, the other against Amazon, it said. “But she certainly has no claims against AWS,” which has no relationship with her, “and merely acted as a back-end, out-of-state service provider for Wonolo,” it said. Her claims should be dismissed, it said.