The 22-page lawsuit out of Cook County Circuit Court alleges Lemonade, an “artificial intelligence-driven” insurer, has violated the Illinois Biometric Information Privacy Act (BIPA) by collecting scans of residents’ facial geometries as part of its claims process without first providing required disclosures and obtaining their express consent to do so. Per the suit, Lemonade has failed to notify Illinois customers in writing of its intention to collect their biometric data, secure a written release to do so, and publish a publicly available retention schedule outlining how and when the data would be destroyed.
Although Lemonade represents that it provides an “instant, seamless, and delightful” insurance experience that allows insureds to upload videos explaining their claims in their own words, the company, the case alleges, has failed to disclose that its business model is built on collecting vast amounts of consumer data without their knowledge or consent.
“Or, put another way, Lemonade is an insurance company that claims it is replacing human brokers and actuaries with bots and AI in order to streamline the insurance claim process,” the complaint states. “In the process, however, Lemonade collects tremendous amounts of data, including biometric information, about its customers without telling them in direct violation of BIPA.”
Lemonade purportedly touts its ability to “extract thousands of bits of data” from the videos it requires customers to upload to its app as part of the insurance claims process. According to the case, customers are required to record videos of themselves answering a series of questions posed by Lemonade’s automated chatbot and, in the process, the insurer’s technology collects as many as 1,600 data points. Lemonade, which offers homeowners, renters, pet and life insurance policies, has boasted that its “vast troves of customer information” allow it to decide whether to pay out certain claims, detect fraud and price its products, the complaint says.
The lawsuit centers on a Twitter thread posted by Lemonade in which the insurer stated its artificial intelligence could analyze customers’ videos for signs of fraud by picking up “non-verbal cues” that traditional insurers would be unable to detect. Per the suit, the company faced immediate backlash over the controversial posts describing its AI technology, and later clarified that “[t]he term, non-verbal cues was a bad choice of words to describe the facial recognition technology we’re using to flag claims submitted by the same person under different identities. These flagged claims then get reviewed by our human investigators.”
The complaint alleges the company’s admission to its use of facial recognition technology makes clear that Lemonade has collected “reams of data, including biometric data like face geometry” from Illinois residents without adhering to the BIPA’s requirements.
“In short, Lemonade did not disclose to its customers the extent to which it was collecting and using their sensitive biometric (and other information),” the lawsuit says. “Indeed, the ‘instant, seamless, and delightful’ insurance experience that Lemonade aggressively markets was built by the collection of its customers’ own data, including their biometric information, which those customers never realized they were providing.”
The lawsuit looks to represent anyone whose biometric identifiers or biometric information was collected, captured, stored, used, transmitted, received or otherwise obtained or disseminated by Lemonade in Illinois within the applicable statute of limitations.