Photo of David Poell

David Poell is an associate in the Business Trial Practice Group in the firm’s Chicago office, particularly focusing on the areas of consumer privacy and class action litigation.

Continuing the trend of recognizing Illinois’ Biometric Information Privacy Act (“BIPA”) as a muscular privacy-protective statute, the Illinois Appellate Court for the First District has ruled that the most common statutory violations of BIPA are subject to a five-year statute of limitations. BIPA imposes several duties on companies that collect, store or use biometric data—e.g., fingerprints, facial geometry scans—from Illinois residents. Prevailing plaintiffs may recover liquidated damages ranging from $1,000 to $5,000 for each BIPA violation (plus attorneys’ fees), and these provisions incentivize plaintiffs’ lawyers to bring BIPA claims as class actions.

Continue Reading Illinois Appellate Court Affirms 5-Year Statute of Limitations Period for Certain BIPA Claims

For the first time, the Supreme Court has agreed to review the Computer Fraud and Abuse Act (CFAA). The Court’s initial review of the CFAA comes in the wake of a federal circuit split as to whether the statute can only be deployed against hackers and unauthorized users of electronic systems, or also against authorized users who use the information for unauthorized purposes. The Court’s decision may significantly affect not only how law enforcement uses the CFAA, but also whether civil litigants, such as employers, may use the CFAA to defend against unauthorized employee activities.
Continue Reading U.S. Supreme Court Case Preview—Van Buren v. United States: Does Use of a Computer for an “Improper Purpose” Violate the Computer Fraud and Abuse Act?