A newly filed class action lawsuit against Coinbase alleges that the top US crypto exchange illegally stored platform users’ fingerprint and facial scans.
The lawsuit, which was filed in California District Court by plaintiff Michael Massel, an Illinois resident who opened a Coinbase account five years ago, alleges that the platform violated the state’s Biometric Information Privacy Act (BIPA).
According to the lawsuit, Coinbase requires customers to provide fingerprint and facial scans along with a state-issued ID as part of its authentication process to use its services
But the lawsuit claims Coinbase violated several BIPA provisions, including failing to inform customers in writing that their biometric data would be collected and stored and not disclosing for what length of time the biometric data would be stored.
The lawsuit claims that Coinbase should have destroyed the biometric data after customers successfully opened an account as well as when logging out or discontinuing use of its mobile app.
According to the lawsuit, the collection and storage of biometric data exposed customers to severe privacy risks.
Says the lawsuit,
“Coinbase’s unlawful collection, obtainment, storage, and use of its users’ biometric data exposes them to serious and irreversible privacy risks. For example, if Coinbase’s database containing facial geometry scans or other sensitive, proprietary biometric data is hacked, breached, or otherwise exposed, Coinbase users have no means by which to prevent identity theft, unauthorized tracking or other unlawful or improper use of this highly personal and private information.”
The lawsuit, which estimates that Coinbase created and stored face scans for “thousands” of Illinois residents, seeks damages of $5,000 for every BIPA violation if deemed willful or $1,000 if unintentional, plus other damages and attorney fees.
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inboxGenerated Image: Midjourney