By Alice Seeley
On Monday, Feb. 14, Texas Attorney General Ken Paxton sued Meta’s Facebook, claiming that Facebook violated state privacy protections with facial-recognition technology that collected the biometric data of tens of millions of Texans without their consent.
The lawsuit alleges Meta violated Texas’s biometric data law, the Capture or Use of Biometric Identifier (CUBI) Act of 2009. The state can enforce a civil penalty of up to $25,000 for each instance of an unlawful collection of a biometric identifier, disclosure of that data to a third party, and failure to destroy the data promptly.
The state also alleged Meta violated the state’s Deceptive Trade Practices Act by misleading consumers and asked for an additional $10,000 civil penalty for each violation of that law.
Meta’s facial-recognition feature analyzes faces in photos, including those of non-Facebook users, and recommended that Facebook users tag the people that the tool identified. Meta discontinued this feature in November 2021, months after it settled a groundbreaking class-action lawsuit in Illinois over the same issue for $650 million.
Meta also stated that it would delete the data it had collected from at least 600 million users who had been a part of the program. Even though the feature has been discontinued, Paxton argued that Meta should still be held accountable.
This feature left millions of Texans at risk of having their identity stolen.
“Unlike other identifiers, such as Social Security numbers, which can be changed when stolen or misappropriated, biometric identifiers are permanent,” the suit said. “Once a biometric identifier is captured, a bad actor can access and exploit the identifier for the rest of the victim’s life.”
A Meta spokesperson told the New York Post on Monday the claims were” without merit and we will defend ourselves vigorously.”
