Regulation & Policy
Share
Coinbase is facing a proposed federal class action lawsuit accusing the cryptocurrency exchange of unlawfully collecting users’ facial data without their consent, in potential violation of Illinois’ Biometric Information Privacy Act (BIPA).
Filed on May 13 in the U.S. District Court for the Northern District of Illinois, the complaint alleges that Coinbase used facial recognition tools to scan and analyze users’ facial features as part of its identity verification process—without securing the written consent required under Illinois law.
The lead plaintiffs—Scott Bernstein, Gina Greeder, and James Lonergan—claim the company not only failed to disclose its biometric data collection practices, but also didn’t publish a data retention schedule or policy, as mandated by BIPA.
According to the lawsuit, Coinbase also shared users’ biometric data with third-party vendors Jumio Corp. and Onfido without first obtaining user permission.
Disclaimer of Warranty
The information provided in this article is for general informational purposes only. We make no warranties about the completeness, reliability, and accuracy of this information. Read full disclaimer
The plaintiffs turned to the court after Coinbase allegedly declined to arbitrate the claims. Their legal team had previously filed over 10,000 individual arbitration demands in early 2024 through the American Arbitration Association (AAA).
Coinbase responded by arguing that the claims should instead be heard in Illinois small claims court, or be subject to additional procedural steps before arbitration could proceed. However, a process arbitrator rejected those arguments, and AAA ruled in March 2025 that standard arbitration fees would apply—contrary to Coinbase’s preferred fee structure.
When Coinbase failed to pay the required filing fees, AAA closed the arbitration cases, paving the way for the plaintiffs to file suit in federal court.
The proposed class includes Illinois residents whose biometric data was allegedly collected by Coinbase over the past five years. The complaint asserts that Coinbase violated BIPA’s core requirements around informed consent, disclosure, and transparency.
The plaintiffs are seeking statutory damages of up to $5,000 per violation, as well as injunctive relief, attorneys’ fees, and interest.
Editor's Picks
Franklin Templeton’s 250 Digital Deal Signals a Shift Toward Active Crypto Management
Walid Abou Zaki
Apr 1, 2026
5 min
VARA Introduces Virtual Asset Derivatives Framework As Dubai Deepens Market Maturity
Walid Abou Zaki
Mar 31, 2026
7 min
Crypto-Collateral Mortgage Gap Signals Future Opportunity for Dubai
Walid Abou Zaki
Mar 28, 2026
7 min
Read More Articles
In the Same Space
UAE Digital Asset Regulations Move Into More Complex Ground With New CMA Rules
Walid Abou Zaki
Apr 2, 2026
6 min
From Single Tokens to Crypto Baskets: NYSE Arca Options Get SEC Greenlight
News Desk
Apr 2, 2026
5 min
Beyond the Noise, the UAE Is Still Building
Walid Abou Zaki
Apr 1, 2026
6 min
Hong Kong Stablecoin Licenses Delayed Beyond March Target
News Desk
Apr 1, 2026
5 min
