Wendy’s Sued for Mismanagement of Employee Fingerprints
As reported by ZDNet.com, a class-action lawsuit has been filed in Illinois that claims Wendy’s restaurant chain has broken state laws by improperly storing and managing employee fingerprints.
The complaint centers on Wendy’s practice of using biometric clocks that scan fingerprints when employees arrive at work, when they leave, and when they use the point-of-sale and cash register systems.
The suit contends that Wendy’s breaks the Illinois Biometric Information Privacy Act (BIPA) because the company doesn’t inform its employees how it uses their data and fails to obtain a written release with their explicit consent to obtain and handle the prints in the first place.
Further, according to the plaintiffs, Wendy’s doesn’t provide a publicly available retention schedule or guidelines for permanently destroying employees’ fingerprints after they leave the company.
“Unlike key fobs or identification cards – which can be changed or replaced if stolen or compromised – fingerprints are unique, permanent biometric identifiers associated with the employee,” the plaintiffs said in the complaint. “This exposes employees to serious and irreversible privacy risks.”
Also named in the lawsuit is Discovery NCR Corporation, which supplies Wendy’s with the biometric clocks and cash register access systems. The article suggests that NCR was included because of its similarity to Pay By Touch, a biometric company that once provided retailers in Illinois with fingerprint scanners. In late 2007, Pay By Touch had accumulated the fingerprints of many employees throughout the state, and there were concerns the company would sell the data in an effort to recoup expenses during a bankruptcy proceeding. BIPA was enacted as a response.
ZDNet.com reports that Wendy’s did not respond to a request for comment. Plaintiffs’ lawyers declined to comment when reached as well.
Celebrate With Us!
In celebration of our new Information Management Magazine website launch, now available at magazine.arma.org, we're making our latest and most important resource, the Information Governance Body of Knowledge (IGBOK) available to you at a discounted rate (Members save $40 off of list price; Non-Members save $30 off of list price).Get Your Copy
About the Author
- Information Security (Information Protection)2019.02.04Isaza Responds to Illinois Supreme Court Ruling on Biometric Privacy
- Cloud2019.01.28Dropbox Buys Hello Sign, Adds its Coveted Workflow Capabilities
- News & Analysis2019.01.25Google Is Fined $57 Million, First Major Penalty Under Europe’s Data Privacy Law
- Information Governance2018.12.07Information Governance Body of Knowledge Published