An Uber driver has taken Microsoft to court over its role in Uber’s identity verification system, Real-Time ID Check.

Real-Time ID Check requires drivers to snap selfies before signing on to the platform and accepting ride requests. The new feature is described as a way to prevent fraud and protects drivers’ accounts from being compromised, but Illinois driver Mario Pena claims Microsoft, who it appears is providing the back end, has unlawfully collected and used his facial data when it verified his identity.

The suite is being brought under Illinois’ Biometric Information Privacy Act (BIPA) that requires that users give informed consent in writing before collecting, analyzing and storing state residents’ digital likenesses.

Pena is claiming security against fraud and ID theft has been compromised now that his biometric identifiers are stored online, beyond his control and without his permission.

The case, which is seeking class-action status, notes that  Microsoft failed to make a policy as to its collection, storage, deletion, retention, and security practices regarding the biometric information in its possession publicly available and that it profited from that data through charges to Uber.

BIPA is clear in prohibiting companies from profiting from biometric identifiers collected without consumer consent. The case may only be heard on the 16th of September when the first case management call will take place.

via BiometricUpdate