Skip to main content

About this practice


Biometric technology has enabled vastly improved efficiencies for controls on access to secure locations and the use of time management and other information systems at a time when systems are more vulnerable than ever before to unauthorized access and abuse. Regardless of the different applications for which biometric technology is used, ensuring compliance with applicable laws — including the privacy and security of any biometric identifiers or biometric information used in the process — is critical.

Our attorneys in our Privacy, Data and Cybersecurity and Class Actions and Complex Litigation practice groups collaborate to support organizations across a number of industries at every turn — offering insights as they evaluate the potential use of biometric technologies, assisting with implementation and monitoring of those in place, ensuring compliance with proliferating laws and regulations and using innovative litigation strategies should a problem arise.

Our practice has evolved in lock step with bourgeoning biometric technologies and the laws regulating them, giving us the insight and experience organizations need to maximize access, privacy and security.

Related capabilities and tools


Legislation such as the Illinois Biometric Information Privacy Act (BIPA) contain, among other things, detailed requirements for companies using biometric technology in Illinois. Further, a growing patchwork of federal, state and local regulation exists for biometric information including mandates such as notice and consent prior to collection, reasonable security safeguards including data destruction, notification in the event of a data breach, and obtaining written assurances from vendors concerning privacy and security. We see that patchwork expanding rapidly, accelerated by the passage of the California Consumer Privacy Act (CCPA).

We bring a multi-disciplinary approach to each client, continually refining our guidance based on the latest case law developments, and partner with you to ensure compliance with the ever-evolving regulatory requirements and mitigate risk. Our services include:

  • Design and implement programs and systems utilizing biometric technologies;
  • Review and draft policies, procedures, notices, consents, etc. concerning the collection, use, storage, security, retention and destruction of biometric identifiers and information;
  • Conduct vendor assessments, including service agreement review and drafting;
  • Respond to inquiries from individuals concerning the use of their biometric information and requests for deletion of the same;
  • Coach you through data incidents involving potential breaches of sensitive information; and
  • Defend companies faced with biometric privacy litigation.

Navigating ever-evolving biometric privacy laws in multiple jurisdictions, each with differing obligations, is no easy task. 


Over the past several years, there has been a dramatic uptick in biometric privacy litigation, including hundreds of putative class action lawsuits asserting violations of the BIPA. Our attorneys have been on the forefront of high-stakes biometric litigation from the outset, helping clients navigate the complex and ever-evolving legal landscape.

Our seasoned team of litigators helps companies implement innovative and cost-conscious legal strategies to create leverage and mitigate exposure when faced with biometric litigation. We put to use the vast class action experience of more than 200 litigators in our Class Actions and Complex Litigation practice group and attorneys in our Privacy, Data and Cybersecurity practice group, who have a long-standing record of success defending complex class claims, including claims under the BIPA.

We work with our clients to develop a comprehensive strategy for achieving the best possible litigation outcome, while also advising about preventive strategies to forestall future legal action and mitigate overall risk to their organizations.

Featured insights & news

View all...

Talk to a lawyer