A new Coinbase biometric lawsuit has been filed in the U.S. state of Illinois. A group of investors is accusing the exchange of violating the state’s Biometric Information Privacy Act (BIPA) by collecting facial data during its KYC process without proper notice or consent.
The class-action complaint, submitted to the U.S. District Court for the Northern District of Illinois, alleges that Coinbase failed to inform users about the scope and purpose of biometric data collection.
Coinbase Biometric Lawsuit Alleges Illegal KYC Practices
According to the plaintiffs, Coinbase required users to upload government ID and selfies that were then processed using third-party facial recognition software. The exchange allegedly failed to:
-
Provide written notice of biometric data collection
-
Obtain informed user consent
-
Disclose retention periods or deletion policies
-
Reveal how data might be shared with third parties
The complaint names several external service providers involved in the process, including Jumio, Onfido, Au10tix, and Solaris.
“At no point did users consent to the collection of biometric data,” the lawsuit states.
Thousands Affected, Compensation Demanded
The Coinbase biometric lawsuit highlights that over 10,000 users have filed complaints related to biometric privacy. Many of these were dismissed after Coinbase allegedly failed to pay required arbitration fees.
Now, the plaintiffs are asking the court to:
-
Award up to $5,000 per person for privacy violations
-
Award $1,000 per person for negligence
-
Cover legal expenses
-
Issue a ban on future violations of the Illinois BIPA law
Illinois is one of the strictest U.S. states in terms of biometric data protection. Under BIPA, companies must adhere to clear protocols when collecting and storing sensitive data like fingerprints or facial scans.
Coinbase Not Alone in Biometric Controversies
Coinbase has faced similar legal actions before. In May 2023, a trader in Illinois sued the exchange for collecting facial images and fingerprints through its mobile app. That case was dismissed in early 2025 after both parties reached a settlement.
Globally, concerns over biometric data have led to legal consequences for other crypto-linked platforms. In 2023, Worldcoin was ordered by regulators in Kenya and Germany to delete illegally gathered biometric data.
These legal actions suggest growing regulatory attention to biometric privacy across the blockchain sector.
Conclusion: Coinbase Biometric Lawsuit Could Set Legal Precedents
The Coinbase biometric lawsuit may become a pivotal case in how crypto exchanges handle user identity verification. If the court rules in favor of the plaintiffs, it could set a precedent for stricter biometric compliance across the U.S. crypto industry.
As regulators and users become more aware of privacy risks, platforms like Coinbase may need to adopt new standards to avoid legal backlash.
