It is important to note that SB 2979 does not eliminate all liabilities for violations under BIPA. Hypothetically, a business with a large number of employees or customers could still be liable for substantial damages. For example, if a business with 1,000 employees or customers for whom they collected biometric data was found to have intentionally or recklessly violated BIPA and is subject to liquidated damages of $5,000 or actual damages, then damages could be $5,000,000 (=$5,000 x 1,000) plus reasonable attorneys’ fees and costs. Of course this would be subject to the facts and the applicable law, but even with the SB 2979 BIPA amendments, BIPA violations can still result in substantial damages.
The bottom line is that the courts and the legislature will continue to have to address the tension between the 2008 Illinois legislative findings underlying BIPA and potentially excessive BIPA damages awards. This analysis should consider evolving artificial intelligence (“AI”) software’s potential to provide humanity with many benefits, but also risks, and AI’s use of biometric data (and ability to copy that biometric data). Legislators and the courts will need to consider the opportunities and risks these, and other, technologies present to society, and strive to achieve a judicial and legislative balance that will maximize the beneficial opportunities of these technologies, and contain, mitigate, or remove the risks.
© 2024 Alan S. Wernick and Aronberg Goldgehn.
For more information, please see Business Law Today’s forthcoming full-length article on this topic.
2nd Circuit Finds Subway’s Promotional Texts Are Not Illegal Autodialing
By Brian Jones, J.D. Candidate, Class of 2026, University of Chicago
In Soliman v. Subway Franchisee Advertising Fund Trust Ltd., Marina Soliman sued the sandwich chain after receiving automated texts offering promotional deals, alleging that these texts violated the federal Telephone Consumer Protection Act. The TCPA makes it illegal to call consumers using an “automatic telephone dialing system or an artificial or prerecorded voice,” with “automatic telephone dialing system” defined as “equipment which has the capacity to store or produce telephone numbers to be called, using a random or sequential number generator; and to dial such numbers.” On May 10, 2024, the Second Circuit held that Subway’s automatic texting technology did not violate these provisions. The Second Circuit’s reasoning is discussed below.
Subway’s texting does not use an automated dialing system.
Subway’s system uses “an algorithm whereby a random or sequential number generator, similar to a randomization formula or sequential dialing formula, selects which number to dial from the stored list of numbers, and sequences those numbers in order to automatically dial” them to send out promotional texts. The stored telephone numbers came from a preexisting list of customers’ numbers, which Soliman voluntarily added her number to when she participated in an earlier Subway promotion.
The issue that faced the court was whether a “using a random or sequential number generator” refers only to generating the telephone number itself, or to generating any number to use computer code to store or produce telephone numbers. The court noted that only three other circuit courts had considered this issue, with all finding that the TCPA only applies to the former; the court here agreed.
Context suggests the use of ‘number’ refers to telephone numbers.
The court noted that other references to “number” in the TCPA, outside of obvious references to quantity (e.g., the number of violations), made it clear that it referenced “telephone numbers” rather than coding or indexing numbers, such as those used in the “randomization formula” that selects and sequences numbers from Subway’s preexisting list.
Prior precedent supports this interpretation.
In Facebook v. Duguid, the United States Supreme Court held that to qualify as an automatic telephone dialing system, “a device must have the capacity either to store a telephone number using a random or sequential number generator, or to produce a telephone number using a random or sequential number generator.” Here, the court found that selecting telephone numbers from a preexisting list constituted neither storing nor producing.
Texts do not constitute ‘voice.’
Soliman had also alleged that Subway’s texts violated TCPA’s ban on using an “artificial or prerecorded voice.” The court found that the ordinary meaning of “voice” did not support this interpretation; dictionary definitions and common sense suggest it refers to a sound produced by a human being. The court also noted that other provisions of the TCPA distinguished between texts and voice as categories. For instance, the statute defines “caller identification information” as applying to “a call made using a voice service or a text message sent using a text messaging service.”