Skip to content Skip to navigation

NFI and Kronos Collection of Employee Fingerprints Illinois BIPA Class Action

NFI Trucks

If your credit card number is stolen, you can cancel the card and get a new one with a new number. However, if your fingerprints are stolen, you can’t cancel them and get a new set. The complaint for this class action alleges that NFI, LLC and Kronos, Inc. are recording and storing the biometric data of NFI’s employees but not obeying the provisions of Illinois’s Biometric Information Privacy Act (BIPA), thus putting employees’ personal information at risk. 

The class for this action is all individuals who work for NFI in Illinois who had their fingerprints taken or collected or obtained or disclosed by NFI or Kronos during the statute of limitations period. 

Data breaches are unfortunately common, even in large, well-to-do and technologically savvy companies. Many people have spent time cancelling and replacing credit and debit cards or monitoring credit reports to try to catch identity thieves who might have stolen their personal information. 

Companies are now often asking employees for biometric information, such as fingerprints or palm scans, for identification and timekeeping purposes. NFI takes employee fingerprints and shares them with Kronos, a third party. It then uses the Kronos database to monitor the time worked by its employees. 

But this kind of information is not replaceable if it is stolen. In 2015, a data breach at the US Office of Personnel Management exposed the personal information and biometric data of over 21.5 million federal employees, contractors, and job applicants. And in 2018, a Washington Post article announced that hackers and thieves had accessed information from Aadhaar, a biometric database in India. Aadhaar contains information such as fingerprints, iris scans, and photographs of over a billion people. 

With both the taking of biometric information and the dangers of hacking on the increase, Illinois has begun to regulate the taking and storage of this information with its BIPA law.

The complaint alleges several violations of BIPA against NFI and Kronos:

  • That they did not properly inform employees in writing of the purpose of the purpose for which their fingerprints were being taken and length of time for which they would be kept and used.
  • That they did not make publicly available a retention schedule and guideline for permanent destruction of the fingerprints.
  • That they did not obtain a written release from employees permitting them to take, store, disseminate, or otherwise use their fingerprints. 

The complaint alleges violations of BIPA and negligence.

Article Type: 

Free Case Evaluation

Fill out the information for a FREE and prompt case evaluation.

About you

Additional Information

Latest Tweets

Join Us on Facebook