Consumer News

CATrends: Dating Apps’ Alleged Unlawful Storage of Biometric Information

Is your selfie safe?

Consumer News

CATrends: Dating Apps’ Alleged Unlawful Storage of Biometric Information

This article highlights a trend in class-action litigation as identified by our Class-Action Tracker. Hence the name of this feature, CATrends. (Apologies if you were expecting funny cat videos.)

Your dating profile picture might be attracting the wrong kind of attention: scammers.

That’s because when you upload a selfie to your dating profile, you’re not only putting yourself out there as a potential mate, you’re also potentially putting your biometric information – and, as a result, your identity – at risk.

Many dating apps use photo verification to check the identities of users. But according to a recent trend in class-action litigation, several of them fail to inform consumers that they collect or store users’ biometric information as part of the photo verification process, exposing users to privacy risks.

Since August, five lawsuits have been filed against dating apps alleging they collect or store consumers’ biometric information in violation of an Illinois data privacy law. A class-action lawsuit filed against eHarmony in January alleges:

Facial geometry scans are unique, permanent biometric identifiers associated with each user that cannot be changed or replaced if stolen or compromised. eHarmony’s unlawful collection, obtainment, storage, and use of its users’ biometric data exposes them to serious and irreversible privacy risks.

For example, the lawsuit continues, in the event of a data breach “eHarmony users have no means by which to prevent identity theft, unauthorized tracking or other unlawful or improper use of this highly personal and private information.”

The other dating apps named in litigation are Bumble, Coffee Meets Bagel, MeetMe and Luxy.

The lawsuits, which were all filed in Illinois or California by the same group of attorneys, accuse the dating apps of violating the Illinois Biometric Information Privacy Act, which, among other things, requires companies to obtain consent prior to collecting a person’s biometric information. The law defines a “biometric identifier” as a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.

The lawsuit against MeetMe was voluntarily dismissed without prejudice in January, meaning an amended version of the complaint can be filed. The rest are pending.

Find more of our coverage on dating services here.

You Might Be Interested In