Image: Louis Vuitton

Louis Vuitton appears to have reached a settlement to bring an early end to a proposed class action lawsuit accusing it of collecting consumers’ biometric data for a virtual eyewear try-on tool “without first obtaining their consent or informing them” about the data collection, thereby running afoul of Illinois Biometric Information Privacy Act (“BIPA”). In a joint stipulation of dismissal on April 21, Louis Vuitton and Plaintiffs Paula Theriot and Cheryl Doyle alerted Judge Denise Cote of the U.S. District Court for the Southern District of New York that they have agreed that “all claims in this lawsuit will be dismissed without prejudice” with each party bearing its own costs and fees. 

The closing of the closely-watched case follows from a partial win late last year for Louis Vuitton, which sought to escape the plaintiffs’ case on the basis that they lack Article III standing for their BIPA section 15(a) claim and therefore, the court lacks subject matter jurisdiction. Louis Vuitton also argued that the plaintiffs’ fail to state a claim for relief in connection with their BIPA section 15(b) claim, and thus, their complaint should be dismissed in its entirety. 

Deciding Louis Vuitton’s motion to dismiss, Judge Cote agreed to toss out the plaintiffs’ BIPA section 15(a) since the plaintiffs failed to allege the necessary “particularized harm.” Specifically, the court found that the plaintiffs’ 15(a) claim is “expressly based on” Louis Vuitton’s alleged “‘failure to develop and make publicly available a written policy for retention and destruction of biometric identifiers’” and not on its unlawful retention of the biometric data. There are “no allegations in the amended complaint that Louis Vuitton unlawfully retained the plaintiffs’ data after the initial purpose for collection had ended,” the court stated. 

As for the section 15(b) claim, the court sided with the plaintiffs, finding that they sufficiently pled that Louis Vuitton ran afoul of the law by “encourag[ing] its website visitors to use the Virtual Try-On tool, through which it collects their facial geometry.” While Louis Vuitton argued that the plaintiffs’ complaint “proves that it is FittingBox,” the company that “powers” the Louis Vuitton virtual try-on tool, and thus, “not Louis Vuitton, who ‘collects’ biometric identifiers,” the court stated that “the precise roles of Louis Vuitton and FittingBox, and the precise kinds of data each receives are factual questions to be resolved later in the litigation.” 

The court was similarly unpersuaded by Louis Vuitton’s argument that the plaintiffs cannot bring a claim under BIPA because “the events giving rise to the litigation did not occur ‘primarily and substantially’ in Illinois,” stating that the plaintiffs allege that they are Illinois residents who used the virtual try-on tool while in Illinois.” 

THE BIGGER PICTURE: The end of the Louis Vuitton case comes amid an influx of BIPA-centric cases, as an increasing number of brands and retailers have introduced things like virtual try-on tools that use biometric technology to recreate the fitting room experience or makeup testing in an e-commerce scenario. Among other brands that have been named in such suits, fellow LVMH-owned Dior was sued over the virtual eyewear try-on tool on its e-commerce site. Dior landed a win in February, with a U.S. District Court for the Northern District of Illinois judge granting its motion to dismiss the complaint on the basis that the plaintiff failed to state a claim given that Dior’s conduct falls within the bounds of BIPA’s statutory “healthcare” exemption. 

As for a few BIPA cases that are still under way … 

Estée Lauder Companies, Bobbi Brown Professional Cosmetics, Smashbox Beauty, and Too Faced Cosmetics are currently facing a BIPA-centric suit stemming from their virtual try-on tools. 

– Plaintiffs recently won class action certification in a state BIPA case against H&M, which allegedly violated Illinois biometric privacy law by requiring its employees to clock in and out of work using a fingerprint scanner without getting employees’ written authorization and without providing them with the required disclosures about why their biometric data was being collected and for how long it would be stored.

– In a non-fashion/luxury/beauty scenario, Prisma Labs – the company behind artificial intelligence (“AI”) image-generating app, Lensa A.I. – is being accused of “collecting, possessing, storing, using, and profiting from” Lensa users’ biometric identifiers namely, scans of their “facial geometry,” in connection with its creation of custom avatars, but failing to properly alert users about the data its collects and how it will be stored/destroyed, as required by the Illinois law.

– Jumio Corp. is facing a BIPA suit, with an Illinois federal court rejecting the selfie ID facial recognition identity verification vendor’s bid for dismissal earlier this month in a decision that Squire Patton Boggs’ David Oberly and Kristin Bryan say, “illustrates the scope of exposure faced by vendors for alleged non-compliance with BIPA, as well as the challenges and complexities in obtaining dismissals of biometric privacy class actions prior to the commencement of costly discovery.” 

The case is Theriot v. Louis Vuitton North America, Inc., 1:22-cv-02944 (SDNY).