The Internet reported that a group of Coinbase users from Illinois have filed a class-action lawsuit against the cryptocurrency exchange, accusing its identity checks of violating the state's Biometric Information Privacy Act (BIPA). In a May 13 complaint filed in federal court, plaintiffs Scott Bernstein, Gina Greeder and James Lonergan claimed that Coinbase violated BIPA by "mass collection" of facial recognition information to satisfy "Know Your Customer"(KYC) requirements, because users were not notified. The group alleges that Coinbase did not inform users in writing about the collection, storage or sharing of its biometric data, as well as the purpose of use and retention schedule of the data. "Coinbase has not publicly provided retention schedules or guidelines for the permanent destruction of plaintiff's biometric identifiers, which violates BIPA regulations," they claimed. The complaint alleges that Coinbase requires users to verify their identity by uploading government-issued photo IDs and self-timer photos, which are then sent to third-party facial recognition software for scanning and facial geometry data extraction. The process captured biometric identifiers without the user's informed written consent, which the lawsuit alleges violates BIPA.