As part of the larger trend of invasion of privacy claims asserted by employees or consumers against businesses, several states have recently passed legislation that sets forth requirements for the collection, storing and dissemination of biometric information such as fingerprints, voice recordings and even keystroke patterns.

See, e.g., California Civil Code Sections 1798.100, 1798.140(b). Similar statutes have been enacted in Illinois, Washington and New York.

As claims arising from the collection and disclosure of biometric information proliferate, businesses faced with lawsuits will turn to their liability insurance policies.

A recent case from a U.S. district court in Illinois addressed two key issues: whether mere ‘procedural violations’ of a statute governing the collection of biometric information triggered the application of an invasion of privacy exclusion; and whether a company’s commitment in its employee handbook to comply with applicable laws and regulations triggered an employment practices liability insurer’s duty to defend given allegations in the underlying actions that the employer had violated the underlying statute.