Latrina Cothron worked as a manager of a White Castle restaurant in Illinois, starting in 2004. Shortly after her employment began, White Castle implemented a system in which employees were required to scan their fingerprints to access their paystubs and computers.
A third-party vendor verified each scan.
In 2008, the United States introduced the Biometric Information Policy Act, designed to protect citizens from the illegal collection of biometric data. It states private entities may not ‘collect, capture, purchase, receive through trade, or otherwise obtain’ a person’s biometric data without first providing notice to and receiving consent from the person.
Not until 2018 did Cothron receive consent forms from White Castle on acquiring her fingerprint biometric data. She filed a complaint against her employer, claiming White Castle ‘unlawfully collected her biometric data and unlawfully disclosed her data to its third-party vendor in violation’ of the Act.