A U.S. District Court judge ruled that Mitek was not included in the arbitration agreement between its customer HyreCar and a customer suing under Illinois’ biometric data privacy law.
The applicant in Joshua Johnson et al. vs. Mitek Systems Inc. has consented to arbitration to resolve disputes with HyreCar when signing up for its rideshare car rental app. When he was redirected to Mitek for identity verification via selfie biometrics, he alleges the company violated biometric information privacy law by not obtaining required written consent or failing to meet other data privacy terms.
Mitek had filed for arbitration, arguing that it was a party to the claimant’s settlement with HyreCar. As spotted by Bloomberg Law, Chicago Judge Ronald A. Guzmán ruled that Mitek could have been included if the agreement had said so “expressly”, but that is not the case.
The judgment expands on the treatment of third-party beneficiaries under Illinois law, including a similar lawsuit against Onfido, in which forced arbitration was also denied. A decision to dismiss this case, arguing a defense based on the interpretation of the data covered by the BIPA, was also recently rejected.
Mitek also argued for arbitration on the grounds that HyreCar is relying on its identity verification services and the “fundamental fairness” of the complaint by dodging the arbitration agreement by not naming HyreCar. Guzmán judged that the company showed none of these points.
biometric data | biometric identifiers | biometrics | BIPA | data protection | facial biometrics | trial | mitek | confidentiality | selfie biometrics