The plaintiffs who filed a complaint with the court of the Northern District of Illinois claim that the exchange demanded that they load the identity and selfie certificates, which were processed by third -party software for recognizing persons. The Procedure of Customer Identification (Know Your Customer, KYC) on Coinbase includes scanning a person of users without their preliminary written notice and obtaining consent to data processing. Moreover, the exchange did not present the data storage schedule and the date of their future destruction, as BIPA requires. KYC also violates the laws of Illinois about the confidentiality of biometric data, the plaintiffs are outraged.
The complaints say that Coinbase without permission transferred their data to third -party services Jumio, ONFIDO, AU10TIX and Solaris. Dissatisfied investors said that more than 10,000 users sent complaints on these questions, but Coinbase did not pay the necessary arbitration fees, so many of the claims were rejected. A group of investors asked the court to appoint up to $ 5000 for Coinbase to customers for $ 5000 for violation of confidentiality and $ 1000 for negligence – in addition to legal costs and a ban on further BIPA violations.
“At any stage of the audit, Coinbase users did not give consent to the collection of biometric information. Users were not notified that their data would be collected by a third party. The exchange did not provide information about the verification process, the type of information collected and data. It is not clear how the data provided are stored and whether they are disclosed to other organizations, ”the lawsuit said.
Coinbase is not the first to accuse of such violations by the inhabitants of Illinois. In May 2023, the local trader complained about the collection of Coinbase of his data, including the image of the face and fingerprints through his mobile application. In February 2025, the court rejected the lawsuit after both sides agreed to terminate the case.
Recently, the high court of Kenya ruled that the World of World, previously known as Worldcoin, illegally collected the biometric data of Kenytsev, and ordered the company to delete this information. Last year, the Bavarian State Data Security Department (Baylda) issued a similar order in relation to World.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
