Lemonade slapped with lawsuit over alleged mishandling of customers’ biometric data3 min read
AI Jim asked Pruden several questions regarding the circumstances of the lost jewellery, including when the incident occurred and the cause of the loss, the lawsuit continued. Pruden was also asked to sign a pledge to confirm that the information provided is “100% true and accurate.” After signing the pledge, AI Jim then asked Pruden to record a short video of himself describing what had happened.
Pruden recorded a 47-second video wherein he described the circumstances of his claim to meet AI Jim’s requirement, but the chatbot did not immediately approve the claim, the lawsuit stated. Instead, AI Jim sent the video to Lemonade’s human team, and Pruden’s claim was approved 10 days later on June 04, 2021.
The lawsuit argued that sending Pruden’s video to a human team ran against Lemonade’s terms of service and “Data Privacy Pledge”. The insurer had promised that it would not collect, store, analyse or use customers’ biometric data. Pruden had also believed that his biometric data would not be analysed, collected, stored, and used, and that he did not consent or provide permission for the insurer to keep and use his data.
“Had Plaintiff known that Lemonade unlawfully collects, stores, analyses, or uses his biometric data, Plaintiff would not have purchased an insurance policy from Lemonade or would have paid less for the same insurance policy,” the complaint added.
The lawsuit also cited some substantive allegations to support its case.
On its website and proprietary app, Lemonade expressly assured consumers that the video process is used because it is “better for [its] customers, making it easier for them to describe what happened in their own words,” and that it does not collect their personal information. The insurer also described how AI Jim works, saying that the bot analyses the contents of the video by utilizing “dozens of anti-fraud algorithms” to determine whether to approve the claim or not.
But on May 24, 2021, Lemonade publicly revealed in a series of social media posts on Twitter that it picks up and analyses “non-verbal cues” from the videos submitted as part of the claims process. The insurer added that this practice helps lower its loss ratios – a statement that was met with criticism and outrage among consumers and privacy experts.
Lemonade later retracted the Twitter messages and explained in another statement that the term non-verbal cues was “a bad choice of words” to describe its facial recognition technology, which the company claims it uses in order to flag claims submitted by the same person under different identities. This move, the lawsuit maintained, confirms that Lemonade uses facial recognition technology, and thus has a database from which to cross-reference biometric data.
“Based on consumers’ preferences and concerns over personal data as well as Lemonade’s express and implied promises that it will not collect plaintiff and class members’ biometric data, plaintiff and class members have an expectation that their face geometry, voiceprints, or other biometric data will not be collected, analysed, stored, or otherwise used by Lemonade without their knowledge and/or consent,” the lawsuit said. “Violation of the expectation, which plaintiff and class members bargained for, directly harmed plaintiff and class members.”
“Lemonade purported to act consistently with consumer expectations and its written guarantees by promising to only collect certain types of data, none of which includes biometric data.”
Consumer-focused news outlet Consider The Consumer reported that the lawsuit accuses Lemonade of multiple violations, including violation of New York’s Uniform Deceptive Trade Practices Act, breach of contract, breach of implied contract and unjust enrichment.