Over 10,000 Users Accuse Coinbase of Secretly Harvesting Biometric Data in Explosive Lawsuit
Key Takeaways:
- A class-action lawsuit accuses Coinbase of illegally collecting and sharing users’ biometric data.
- Plaintiffs allege Coinbase failed to inform users about how their facial data was collected, used, and stored.
- Over 10,000 arbitration claims have reportedly been dismissed after Coinbase refused to pay arbitration fees.
A new class-action lawsuit filed in Illinois could mark a turning point in how crypto exchanges handle biometric data. Coinbase is under legal fire for allegedly violating Illinois’ stringent biometric privacy laws by collecting and sharing users’ facial data without proper consent.
Read More: Coinbase Breaks Barriers: First-Ever Crypto Company Added to the S&P 500 Index
Coinbase Accused of Violating Biometric Privacy Laws
Lawsuit Highlights Systematic Data Collection
The case, which was filed in the U.S. District Court for the Northern District of Illinois on May 13, 2025, claims that Coinbase’s Know Your Customer (KYC) process collects biometric data without permission, specifically users’ facial geometry. Scott Bernstein, Gina Greeder, and James Lonergan, the plaintiffs, say that Coinbase broke the Illinois Biometric Information Privacy Act (BIPA) by not telling consumers in writing that they were going to gather their biometric data.
According to the complaint, users are required to upload a government-issued ID along with a selfie for identity verification. These images are then processed by third-party facial recognition services such as Jumio, Onfido, Au10tix, and Solaris, allegedly at Coinbase’s direction, without user knowledge or consent.
This process, plaintiffs argue, captures unique facial data—considered sensitive biometric identifiers—without adhering to BIPA’s clear requirement: that companies must provide advance written notice and obtain informed consent before collecting such data.
No Transparency on Retention or Destruction Policies
Company Failed to Publish Required Guidelines
The plaintiffs further allege that Coinbase has never made public any retention schedules or data destruction policies, another requirement under BIPA. The law mandates that companies clearly inform users how long their biometric data will be stored and when it will be permanently deleted.
Coinbase, on the other hand, is said to still be storing this data and possibly sharing it with outside suppliers, with no defined deadline or control. The plaintiffs say that this lack of transparency and protocol puts users’ sensitive biometric data at danger for a long time.
Massive Legal Ramifications and Arbitration Controversy
10,000+ Arbitration Cases Dismissed Over Fee Dispute
The complaint adds to the debate by saying that more than 10,000 Coinbase users have tried to file arbitration claims over the same privacy issues. But it is said that these lawsuits were thrown out because Coinbase didn’t want to pay the American Arbitration Association (AAA) the fees they needed to.
This move could be part of Coinbase’s larger legal plan to avoid individual arbitration, which is a common way for businesses to avoid expensive class-action lawsuits.
The lawsuit is seeking damages of:
- $5,000 per willful or reckless violation
- $1,000 per negligent violation
- Injunctive relief and attorney fees
The complaint also claims that Coinbase broke the Illinois Consumer Fraud and Deceptive Business Practices Act by lying to users about how their data would be used.
Read More: Binance vs. Coinbase Comparison in 2025: Fees, Safety, and Security
A Growing Pattern of Legal Troubles
Coinbase has been accused of using biometric data before. A similar action from 2023 was sent to arbitration and then dropped without prejudice. But because the most recent case involves tens of thousands of affected users and well-known third-party providers, legal experts think that the present action could create a big precedent for how biometric data is handled in crypto.
As of press time, Coinbase has not yet officially responded to the claims.
The post Over 10,000 Users Accuse Coinbase of Secretly Harvesting Biometric Data in Explosive Lawsuit appeared first on CryptoNinjas.
