Federal Judge Denies Motion to Compel Apple to Provide Personal Information in Facial Recognition Suit

In a putative class-action lawsuit filed against Apple concerning alleged violations of the Illinois Biometric Information Privacy Act (BIPA), the parties disputed the scope of discovery to which the plaintiffs were entitled. The plaintiffs sought to compel Apple to produce certain identifying information for Illinois residents with Apple devices containing the Photos App. The plaintiffs also issued document subpoenas to major resellers of Apple products for the personal data of individual customers. The district court ultimately denied the request to compel and quashed the subpoenas, citing concerns about how personal information would be protected given the increase in cyber attacks and hacking incidents.

The suit centers on the Photo App contained on Apple devices that displays photos stored on the devices. According to the plaintiffs, the Photo App collects biometric identifiers and biometric information, including scans of facial geometry and related biometric information, of the individuals in the photos. Apple collects these biometric identifiers, the plaintiffs allege, without first notifying the individuals in writing and obtaining their informed consent. The plaintiffs further allege Apple possessed biometric identifiers and biometric information without creating and following a written, publicly available policy with retention schedules and destruction guidelines. According to the plaintiffs’ complaint, these actions violate the BIPA.

Following the filing of the suit, the plaintiffs issued various discovery requests including a request for production of documents that would identify the Illinois residents who had purchased Apple devices with the Photos App and who had agreed to Apple’s End User License Agreement (EULA) in connection with the Photos App. Apple objected to the requests and refused to produce the requested documents contending that the identity of putative class members was not an appropriate source of discovery. In response, the plaintiff filed a motion to compel production of the requested documents.

The plaintiffs also issued document subpoenas to Amazon, AT&T, Best Buy, T-Mobile, Target, U.S. Cellular, and Verizon, major resellers of Apple products, seeking the personal data of individual customers who may be members of the putative class. The subpoenas requested the names, addresses, phone numbers, email addresses, birth dates, and Apple IDs for users of iPhones, iPads, and Mac computers. Apple moved to quash these subpoenas.

The plaintiffs argued that the requested documents were directly relevant to the issue of class certification. The plaintiffs argued that the information was relevant to Rule 23(b)(3)’s requirements that a class action be superior to other available methods for fairly and efficiently adjudicating the controversy and that the matter is manageable as a class action.

Apple responded by arguing that such pre-certification discovery would be invasive, would identify potentially millions of consumers who are not class members, and was neither relevant nor proportional to the needs of this case. Apple also contended that disclosure of this information would intrude on consumers’ privacy interest in avoiding disclosure of their names and addresses without their knowledge and consent. Both parties cited the Supreme Court’s decision in Oppenheimer Fund, Inc. v. Sanders, in which the Supreme Court held the names and addresses of potential class members do not fall within the scope of allowable discovery under Rule 26(b)(1).

In denying the motion to compel and quashing the subpoenas, the Court found the plaintiffs’ arguments unpersuasive. The Court noted that while the plaintiffs claimed the information was relevant to the “manageability” and “superiority” elements of class certification, they never articulated why personal consumer information is necessary to establish these requirements or why this information was preferable to less intrusive ways of establishing these elements. The Court also noted that the plaintiffs failed to explain why they needed the personal information for each and every Illinois resident who had purchased an Apple Device, as opposed to a smaller subset of those potential class members.

Importantly, the Court also had serious concerns about the disclosure of millions of consumers’ personal information without any notice or the ability to opt-in. The Court explained that the plaintiffs provided no explanation as to how the requested data would be stored and kept secure, a consideration the Court found “crucial considering the rising number of computer hackings and ransomware attacks hitting U.S. companies.”

The Court’s decision came after it had previously remanded the case to state court, a decision Apple appealed to the Seventh Circuit. Earlier this year, the Seventh Circuit granted Apple immediate relief and reversed the district court’s remand order.

The Court’s full opinion is available here.

Our Chicago, Illinois business and class-action defense law firm handles individual and class-action gift card, data breach, privacy rights, deceptive advertising, predatory lending, unfair debt collection, lemon law, and other consumer fraud cases that government agencies and public interest law firms such as the Illinois Attorney General may not pursue. Class-action lawsuits our law firm has been involved in or spear-headed have led to substantial awards totaling over a million dollars to organizations including the National Association of Consumer Advocatesthe National Consumer Law Center, and local law school consumer programs. The Chicago class action lawyers at Lubin Austermuehle are proud of our achievements in assisting national and local consumer rights organizations to obtain the funds needed to ensure that consumers are protected and informed of their rights. By standing up to consumer fraud and consumer rip-offs, and in the right case filing consumer protection lawsuits and class actions you too can help ensure that other consumers’ rights are protected from consumer rip-offs and unscrupulous or dishonest practices.

Our Oak Brook and Hinsdale consumer attorneys provide assistance in a data breach, privacy violation, fair debt collection, consumer fraud, and consumer rights cases including in Illinois and throughout the country. You can click here to see a description of the some of the many individual and class-action consumer cases our Chicago consumer lawyers have handled. You can contact one of our Skokie and Waukegan consumer protection attorneys who can assist in consumer fraud, consumer rip-off, lemon law, unfair debt collection, predatory lending, wage claims, unpaid overtime, and other consumer class-action cases by filling out the contact form at the side of this blog or by clicking here. You can also call us at 630-333-0333.

Contact Information