477 F.Supp.3d 723
N.D. Ill.2020Background
- Cothron began working for White Castle in 2004; around 2007 White Castle required managers to scan and register fingerprints to access systems and paystubs.
- White Castle transferred and stored fingerprint data with third-party vendors (Cross Match, Digital Persona) and other off-site storage.
- Illinois enacted BIPA in mid-2008; White Castle did not obtain the written disclosures/consent required by BIPA until October 2018.
- Cothron filed a class action in state court on December 6, 2018 (removed to federal court). Her operative complaint alleges violations of BIPA Sections 15(b) (collection without consent) and 15(d) (disclosure without consent).
- White Castle moved for judgment on the pleadings under Rule 12(c), arguing Cothron’s claims accrued in 2008 and are time-barred; Cothron argued waiver and that claims are timely either under the continuing-violation doctrine or because each post-BIPA scan/disclosure is a separate violation.
- The court denied judgment on the pleadings, holding (1) White Castle did not waive the statute-of-limitations defense and (2) Cothron pleaded multiple timely violations because each unauthorized scan and each unauthorized disclosure/redisclosure independently violates Sections 15(b) and 15(d).
Issues
| Issue | Plaintiff's Argument | Defendant's Argument | Held |
|---|---|---|---|
| Waiver of statute-of-limitations defense | Cothron: White Castle waived the defense by not raising it in its earlier Rule 12(b) motion | White Castle: Affirmative defenses need not be raised in pre-answer Rule 12(b) motions and may be asserted in the answer and then by Rule 12(c) motion | Court: No waiver — Rules permit asserting statute-of-limitations as an affirmative defense in the answer and then moving under Rule 12(c) |
| Accrual: continuing-violation vs. discrete-violation | Cothron: Either the continuing-violation doctrine delays accrual to the last unlawful act, or each post-BIPA scan/disclosure is a separate violation that accrues when it occurs (so some claims are within limitations) | White Castle: The complaint describes a single violation that accrued in 2008, so claims are time-barred | Court: Continuing-violation doctrine does not apply to Sections 15(b) and 15(d); each unauthorized collection (scan) and each unauthorized disclosure/redisclosure is a discrete, immediately actionable violation, so Cothron alleged multiple timely violations |
Key Cases Cited
- Bishop v. Air Line Pilots Ass'n, Int'l, 900 F.3d 388 (7th Cir. 2018) (Rule 12(c) standard mirrors Rule 12(b)(6))
- Wagner v. Teva Pharm. USA, Inc., 840 F.3d 355 (7th Cir. 2016) (plausibility standard for pleadings)
- Ashcroft v. Iqbal, 556 U.S. 662 (2009) (pleading standards)
- Brownmark Films, LLC v. Comedy Partners, 682 F.3d 687 (7th Cir. 2012) (affirmative defenses and proper use of Rule 12(c))
- Feltmeier v. Feltmeier, 207 Ill.2d 263 (Ill. 2003) (explaining continuing-violation doctrine under Illinois law)
- Belleville Toyota, Inc. v. Toyota Motor Sales, U.S.A., Inc., 199 Ill.2d 325 (Ill. 2002) (repeated statutory violations are discrete actionable wrongs, not a single continuing violation)
- Rosenbach v. Six Flags Entm't Corp., 129 N.E.3d 1197 (Ill. 2019) (violation of any Section 15 requirement confers standing under BIPA)
- Bryant v. Compass Grp. USA, Inc., 958 F.3d 617 (7th Cir. 2020) (failure to obtain informed consent inflicts the concrete BIPA injury)
- Rodrigue v. Olin Employees Credit Union, 406 F.3d 434 (7th Cir. 2005) (continuing-violation doctrine applies where a cause arises from a series of acts considered collectively)