fbpx

Tarte Cosmetics Virtual Try-On Biometrics BIPA Class Action

At the Tarte Cosmetics, Inc. website, part of the sales pitch is allowing consumers to virtually try on its make-up products. The Virtual Make-Up Try On program scans consumers’ facial geometry and then virtually applies certain products. But the complaint alleges that this program’s “features function, at least in part, by scanning, collecting, storing, and using customers’ or potential customers’ facial biometrics.” What’s wrong with that? The complaint alleges it exposes those who use the program “to serious and irreversible privacy risks” and also violates the Illinois Biometric Information Privacy Act (BIPA).

The class for this action is all persons whose biometric identifiers, facial geometry, faceprints, or facial data was captured, collected, or received by Tarte Cosmetics while the persons were living in Illinois, between July 30, 2016 and the date the class is certified in this case.

In make-up try-on programs, facial scans allow the program to properly position the cosmetics on the customers’ or potential customers’ faces. But this can raise privacy concerns.

Biometrics are different from other forms of identification or authentication, because if they are lost or stolen, they cannot be canceled and replaced—at least not without surgery. The complaint says, “For example, if a biometric database is hacked, breached, or otherwise exposed … consumers have no means by which to prevent identity theft, unauthorized tracking, and other improper or unlawful use of this information.”

To protect its citizens, Illinois passed BIPA, a law establishing some minimal requirements for private businesses that intend to collect, store, or use biometrics:

  • They must inform the individual in writing that the biometrics will be collected and tell them of the purpose and length of time for which the biometrics will be used.
  • They must obtain a written release from the individual.
  • They must make available a written policy as to when they will permanently destroy the information.

The complaint specifically notes, “Burying a vague reference to biometric information in an online privacy policy is not sufficient to comply with BIPA’s requirements.”

Under BIPA, these requirements are a precondition for collecting or storing the biometric information. However, the complaint claims that the Tarte website collects, stores, and uses consumers’ biometrics without meeting these requirements.

The complaint alleges, “The State of Illinois takes the privacy of biometric data seriously.”

The complaint asks for an injunction against the company, requiring it to comply with the provisions of BIPA from now on. It also asks for “damages available under [] BIPA, including liquidated damages of $1,000 per negligent violation, $5,000 per willful or reckless violation, or actual damages, whichever is greater.”

Article Type: Lawsuit
Topic: Privacy

Most Recent Case Event

Tarte Cosmetics Virtual Try-On Biometrics BIPA Complaint

July 30, 2021

At the Tarte Cosmetics, Inc. website, part of the sales pitch is allowing consumers to virtually try on its make-up products. The Virtual Make-Up Try On program scans consumers’ facial geometry and then virtually applies certain products. But the complaint alleges that this program’s “features function, at least in part, by scanning, collecting, storing, and using customers’ or potential customers’ facial biometrics.” What’s wrong with that? The complaint alleges it exposes those who use the program “to serious and irreversible privacy risks” and also violates the Illinois Biometric Information Privacy Act (BIPA).

Tarte Cosmetics Virtual Try-On Biometrics BIPA Complaint

Case Event History

Tarte Cosmetics Virtual Try-On Biometrics BIPA Complaint

July 30, 2021

At the Tarte Cosmetics, Inc. website, part of the sales pitch is allowing consumers to virtually try on its make-up products. The Virtual Make-Up Try On program scans consumers’ facial geometry and then virtually applies certain products. But the complaint alleges that this program’s “features function, at least in part, by scanning, collecting, storing, and using customers’ or potential customers’ facial biometrics.” What’s wrong with that? The complaint alleges it exposes those who use the program “to serious and irreversible privacy risks” and also violates the Illinois Biometric Information Privacy Act (BIPA).

Tarte Cosmetics Virtual Try-On Biometrics BIPA Complaint
Tags: BIPA, Taking/Storing/Using Biometric Data, Your Privacy