Coinbase faces suit over alleged privacy violations in biometrics collection

Coinbase violated biometric privacy laws in Illinois through its collection and storage of customer fingerprints and facial templates, a proposed class-action lawsuit alleges.

A May 1 filing in a California District Court by a Coinbase user claimed the exchange’s requirement that a customer uploads pictures of a valid ID and a self-portrait in order for the firm to conduct Know Your Customer (KYC) checks is violating certain provisions of Illinois’ Biometric Information Privacy Act (BIPA).

The lawsuit argues BIPA required Coinbase to gain permission from users when collecting their biometrics. Coinbase needed to also provide the purpose for collecting such data, how long it would be stored, how it would be used and how Coinbase would permanently destroy it.

“Coinbase had no written policy, made available to the public, establishing a retention schedule and guidelines for permanently destroying biometric information,” the suit argued.

Coinbase user Michael Massel filed the suit on May 1, demanding a jury trial. Source: CourtListener

In a similar process used by other exchanges, the suit says Coinbase scans the photographs and creates a biometric template of a user’s face. It uses the information to confirm a match between the self-portrait and the face on the supplied ID.

“Thousands” of “highly detailed geometric maps of the face” and fingerprints from Illinois residents are claimed to have been illegally collected and stored by the exchange.

Biometric authentication, such as a fingerprint or face scan, is also used on Coinbase’s mobile app to verify the user when logging into their account, the suit states.

Related: Coinbase execs respond to SEC’s Wells notice in person and on video

It was alleged Coinbase’s “collection, obtainment, storage, and use” of such data is “unlawful” and exposes users “to serious and irreversible privacy risks.”

“If Coinbase’s database containing facial geometry scans or other sensitive, proprietary biometric data is hacked, breached, or otherwise exposed, Coinbase users have no means by which to prevent identity theft.”

The filing asserted that Coinbase should have “permanently destroyed” biometric data after a user opened a Coinbase account, as such information was used for the sole purpose of opening the account.

The suit is seeking damages of $5,000 per intentional BIPA violation or $1,000 if the court finds the alleged violations were not wilful along with paying the attorneys fees and court costs of the class action.

Cointelegraph contacted Coinbase for comment but did not receive a response by publication.

Magazine: Crypto Twitter Hall of Flame, Gabriel Haines: Shirtless shitposting and hunting SBF on the meme streets

All Dutch and English crypto news!

Cardano oprichter wil uitgestorven mammoet tot leven brengen

Charles Hoskinson is van alle markten thuis. Het ene moment werkt hij aan Cardano, dan probeert hij het volledige onderwijssysteem op de blockchain te krijgen,...

FTX debtors object Genesis’ ‘critical’ claim estimate of ‘$0.00’

Just a month after bankrupt cryptocurrency exchange FTX was seeking $4 billion from the also bankrupt crypto lender Genesis, it is now contesting a claim...

Elliptic integrates ChatGPT to bolster crypto risk detection

Crypto risk management firm Elliptic is integrating artificial intelligence chatbot, ChatGPT, to ramp up accuracy and scalability in detecting crypto threats, amid other crypto firms...

Warren’s alleged work with short-seller shows anti-crypto army heating up

What do progressive Democrats, Republican national security hawks and Wall Street traders have in common? They are all apparently enlisting in United States Senator Elizabeth...

Beste exchanges

Koop je crypto bij Bitvavo