Photo of Jennifer Warner Torrez

Jennifer's practice runs the gamut of data privacy and security matters, including litigation, incident response, and compliance. As a Certified Information Privacy Professional (CIPP/US), she draws upon her litigation experience and approaches each data security incident with an eye toward the future, aiming to prevent issues before they arise.

This year, the Cook County docket has seen an influx of class action claims seeking redress under an older Illinois privacy statute, the Genetic Information Privacy Act (GIPA), no doubt due to the statute’s extreme statutory damage provisions. GIPA, enacted in 1998, provides a private right of action and permits recovery for actual damages or for statutory damages of $2,500 per negligent violation and $15,000 per intentional or reckless violation of the statute. The potential for massive awards has clearly caught the eye of the plaintiff’s bar. Indeed, despite sporadic filings over the past decade, nearly 30 cases have been brought under GIPA in 2023 in Cook County alone, the majority of which have been filed in the last two months.Continue Reading Employers Beware – New Life for an Old Statute: Cook County Class Action Litigation Under the Genetic Information Privacy Act

On April 18, 2023, the Washington legislature passed the My Health My Data Act (the “Health Act”), a broad-sweeping data privacy and protection law governing individual personal health data. Although this bill is pending Governor Jay Inslee’s signature, the privacy community expects signature this year and braces itself for this novel law.Continue Reading An “Apple A Day” Does Not Keep Washington Regulators and Consumers Away: Washington Passes My Health My Data Act

After its February 2, 2023, decision in Tims v. Black Horse Carriers, Inc., which held that a five-year statute of limitations applies to all claims brought under the Illinois Biometric Information Privacy Act (“BIPA”), the Illinois Supreme Court has now answered the question of when a BIPA claim accrues: each time an entity scans or transmits an individual’s biometric identifier or information.     Continue Reading BIPA Claims Accrue at Each Scan or Transmission, per Illinois Supreme Court

Today, the Illinois Supreme Court issued a long-awaited and highly-anticipated decision in Tims v. Black Horse Carriers, Inc., which is sure to have a long-term ripple effect on litigation under the Illinois Biometric Information Privacy Act (“BIPA”) going forward. With no dissenting opinion, the Supreme Court reversed the Illinois First District Appellate Court’s decision applying two separate statutes of limitation depending on the section under which a plaintiff’s BIPA claim is brought. The Supreme Court held instead that the five-year catchall statute of limitations period contained in the Illinois Code of Civil Procedure applies to all BIPA claims. Specifically, the Supreme Court held that two separate statutes of limitation go against Illinois public policy and could cause an “unclear, inconvenient, inconsistent, and potentially unworkable regime” for BIPA litigation.Continue Reading Bad News for BIPA Defendants: Illinois Supreme Court Holds That Five-Year Statute of Limitations Applies to All BIPA Claims

On Wednesday, a federal jury broke new ground for lawsuits alleging violations of the Illinois Biometric Information Privacy Act (BIPA). Rogers v. BNSF Railway Co. is the first BIPA class action to go to trial in Illinois, and after only five days of trial and a mere hour of deliberation, the jury returned a verdict in favor of the plaintiff resulting in a whopping $228 million damage award to the class.
Continue Reading Are BIPA Claims a Runaway Train? Defendant Hit With $228 Million Federal Jury Verdict in Rogers v. BNSF Railway