Uber Faces Illinois Lawsuit Over Biometric Data Use to Adjust Fares

3 min readSources: Courthouse News

An Illinois lawsuit alleges Uber illegally uses drivers' biometric data to alter fares.

Why it matters: This case spotlights evolving legal challenges around biometric data privacy and wage practices in the gig economy. Legal teams must scrutinize platform data use and compliance with biometric privacy laws like Illinois' BIPA.

  • Lawsuit filed July 9, 2026, in Illinois’ Circuit Court by driver Edwin Carranza alleging violation of Illinois Biometric Information Privacy Act (BIPA).
  • Complaint accuses Uber of collecting biometric and continuous geolocation data without informed consent to manipulate driver payouts.
  • Uber settled a $148 million 2018 class action for concealing a 2016 data breach impacting millions of users and drivers.
  • In August 2024, Uber was fined €80 million by the Dutch Data Protection Authority for illegally transferring EU drivers’ data to U.S. servers, violating GDPR.
  • Carranza’s complaint claims Uber’s practices breach BIPA and seek statutory damages under Illinois law.

Uber Technologies Inc. faces a lawsuit in Illinois alleging it unlawfully collects and exploits drivers’ biometric data without proper consent, violating the Illinois Biometric Information Privacy Act (BIPA). Filed on July 9, 2026, in Cook County Circuit Court, the complaint by driver Edwin Carranza asserts Uber collects continuous geolocation data and biometric identifiers to adjust fares and driver compensation dynamically.

The complaint details that Uber records biometric data, such as facial recognition or fingerprints, when drivers use certain features of its app. It alleges Uber does not provide the required notice or obtain written consent mandated by BIPA, which governs biometric data collection in Illinois.

Uber’s use of such sensitive data purportedly allows it to manipulate fares and driver earnings without transparency. Carranza seeks statutory damages under BIPA, emphasizing privacy and wage concerns for gig workers.

Uber’s history with data privacy complaints includes a $148 million settlement in 2018 arising from a concealed 2016 breach compromising data from 57 million customers and 600,000 drivers. Further, in August 2024, the Dutch Data Protection Authority fined Uber €80 million for GDPR violations related to transferring EU drivers’ personal data to U.S. servers, highlighting ongoing transatlantic regulatory scrutiny.

This Illinois suit intensifies the spotlight on platform liability for biometric data misuse and employment rights in the gig economy, where legal counsel must navigate intersecting privacy statutes and labor protections carefully. Legal professionals representing platform companies or gig workers should monitor this case’s developments, as it may influence biometric data practices nationwide.

Uber has not publicly responded to the allegations or detailed its legal strategy concerning this lawsuit as of now.

By the numbers:

  • $148 million — Uber’s 2018 settlement for a concealed 2016 data breach.
  • €80 million — fine imposed on Uber in 2024 for GDPR violations regarding EU drivers’ data.
  • July 9, 2026 — date of the new lawsuit filing in Illinois.

Yes, but: While the lawsuit alleges violations of Illinois biometric privacy law, Uber has not yet responded publicly, and no court rulings have been made, so claims remain unproven.

What's next: The case will proceed through Illinois courts, with initial hearings and potential motions expected in late 2026; outcomes could set precedents for biometric data use in gig work.