BIPA and Collective Bargaining Agreements
In a February 22, 2022, decision, the Appellate Court of Illinois, First District, held that plaintiff (union employee) and his fellow unionized employees are not prohibited from pursuing redress for a violation of their right under BIPA to biometric privacy—they are simply required to pursue those rights through the grievance procedures in their collective bargaining agreement rather than in state court in the first instance. In essence, the Illinois Appellate Court determined that a union member-employee (plaintiff) “cannot bypass his union, his sole and exclusive bargaining agent,” to demand that the employer “deal with him directly” on this issue.
The plaintiff (union member-employee) in William Walton, Individually and on Behalf of Others Similarly Situated, v. Roosevelt University, 2022 WL 522760 (Appellate Court of Illinois, 1st District, 2nd Division, 20220222) alleged claims under BIPA. The defendant argued that the claims asserted by the plaintiff are preempted and moved to dismiss the complaint. The circuit court denied the motion to dismiss but certified the relevant question (“Does Section 301 of the Labor Management Relations Act (29 U.S.C. § 185) preempt [Privacy Act] claims (740 ILCS 14/1) asserted by bargaining unit employees covered by a collective bargaining agreement?”) for interlocutory review.
The Illinois Court of Appeals noted that while the Walton appeal was pending, the United States Court of Appeals for the Seventh Circuit directly addressed the question brought to bear in this appeal. In Fernandez v. Kerry, Inc., 14 F.4th 644, 646-47 (7th Cir. 2021), the U.S. court of appeals found that unionized employees’ claims that their employer violated the BIPA were preempted by the Labor Management Relations Act (29 U.S.C. § 185). As Walton (plaintiff) conceded at oral argument, the relevant factual and legal circumstances of this case were indistinguishable from Fernandez, so, as noted by the Court, the Court’s real objective in this appeal was to determine whether the court of appeals’ ruling on a matter of federal law was wrongly decided in such a way that the Court would deem it to be without logic and reason. (For a more detailed discussion of Fernandez, see “Biometric Information Privacy Act and Collective Bargaining Agreements.”)
In addressing the issues raised by the certified question, the Court reasoned:
In contrast to finding the court of appeals’ decision to be without logic or reason (see State Bank of Cherry, 2013 IL 113836, ¶ 54), we think it is the proper interpretation of the Privacy Act when viewed through the prism of the Labor Management Relations Act’s preemptive effect. The Privacy Act contemplates the role of a collective bargaining unit that may act as an intermediary on issues concerning the employee’s biometric information. See 740 ILCS 14/15(b) (West 2020). The Privacy Act provides that “[n]o private entity may collect *** a person’s *** biometric identifier or biometric information, unless it first: (1) informs the subject or the subject’s legally authorized representative in writing that a biometric identifier or biometric information is being collected or stored; (2) informs the subject or the subject’s legally authorized representative in writing of the specific purpose and length of term for which a biometric identifier or biometric information is being collected, stored, and used; and (3) receives a written release executed by the subject of the biometric identifier or biometric information or the subject’s legally authorized representative.” (Emphases added.) Id. Under the Privacy Act, it is clearly within a union’s purview to negotiate with the employer about its members’ biometric information. The grievances that Walton has raised against Roosevelt are all things that his union can bargain about, but his complaint raises the question of whether such bargaining has occurred, either implicitly or explicitly.
The collective bargaining agreement at issue in this case contains a broad management rights clause. The agreement makes the union the sole and exclusive bargaining agent for the employees in the union. Walton and any other similarly situated employees agreed to their employment being covered by the subject collective bargaining agreement. The timekeeping procedures for workers are a topic for negotiation that is clearly covered by the collective bargaining agreement and requires the interpretation or administration of the agreement. The members of the collective bargaining unit in this case have surrendered their individual right to bargain with their employer about timekeeping procedures, even where those timekeeping procedures also include the collection and use of the employees’ biometric information. …
Unions frequently bargain for matters concerning their members’ privacy and protection. Collective bargaining agreements may include express and implied terms (id.), and it is up to an arbitrator, not a state court, to define the scope of the parties’ agreement (Fernandez, 14 F.4th at 646-47).
In answering the certified question, the Illinois Court of Appeals held:
Walton and his fellow unionized employees are not prohibited from pursuing redress for a violation of their right to biometric privacy—they are simply required to pursue those rights through the grievance procedures in their collective bargaining agreement rather than in state court in the first instance. Walton cannot bypass his union, his sole and exclusive bargaining agent, to demand that Roosevelt deal with him directly on this issue. Walton comes to the court attempting to represent a class of similarly situated employees over a workplace grievance, but that is a place for his union, not Walton himself. Federal law prevents state courts from stepping in and usurping the bargained-for dispute resolution framework where the parties have elected to establish a working relationship that comes within the purview of the Labor Management Relations Act. Accordingly, we answer the certified question in the affirmative and find that Privacy Act claims asserted by bargaining unit employees covered by a collective bargaining agreement are preempted under federal law.
Conclusion
The bottom line is that employers using, or planning to use, biometric devices (e.g., timeclocks, facial recognition, etc.) in the workplace need to be aware of the biometric privacy legislation applicable to the jurisdictions where they do business and where their employees (and others interacting with those biometric devices) reside. In particular, employers subject to a Workers’ Compensation Act or collective bargaining agreement under the Labor Management Relations Act (29 U.S.C. § 185 (2018)) need to understand their compliance responsibilities in light of the employer’s use of biometric devices and the relationship to their employees’ rights, and the business’s liabilities (which can be significant under BIPA-type legislation).