A major development in digital privacy took place earlier this year. On January 29, 2026, a federal court granted class certification in a landmark case against Apple, allowing millions of Illinois residents to move forward with claims that the company's Siri voice assistant violated state privacy law.

This marks the first successful class action targeting Siri under the Illinois Biometric Information Privacy Act (BIPA) - one of the strongest biometric privacy laws in the country.

What the Case is About

At the center of the lawsuit is a simple but important question: Did Apple collect and use users' voice data without proper consent?

According to the complaint, Siri allegedly captures and uses biometric voice data - known as voiceprints - in two key ways. First, is the "Hey Siri" voice recognition function. When users enable Personalized Siri, Apple creates a unique voiceprint to recognize the phrase "Hey Siri" and unlock the device. 

The second way is by processing everyday Siri requests. Even without personalized settings enabled, Siri processes voice commands in a way that allegedly creates biometric identifiers from users' speech.

The lawsuit claims Apple violated multiple provisions of Illinois's biometric privacy law by:

• Failing to obtain informed written consent before collecting voiceprint data
• Not clearly explaining how long the data would be stored or how it would be used
• Failing to publish policies for data retention and deletion
• Allegedly sharing voice data with third-party contractors without authorization

Under BIPA, companies must follow strict rules when handling biometric data - and violations can carry significant penalties.

Who Could Be Affected

The certified class includes: All Illinois residents who used Siri on an Apple device and had their voice data collected or analyzed from September 2014 to the present.

This could include millions of Apple device (iPhone, iPad, Apple watch, Mac, etc) users across the state and the potential financial exposure in this case is substantial.

Plaintiffs are seeking:

• $1,000 per violation (negligent)
• $5,000 per violation (intentional or reckless)
• Court-ordered changes requiring Apple to comply with privacy laws
• Attorneys' fees and additional relief

Given the size of the class, total damages could reach significant levels if the claims are proven.

What Happens Next

With class certification granted, the case now moves forward on behalf of all affected Illinois users.

Key next steps include:

• Continued litigation or potential settlement discussions
• Further court rulings on liability and damages
• Possible opportunities for class members to participate

This ruling is a major step forward in one of the most closely watched biometric privacy cases in the U.S.

If successful, it could reshape how companies like Apple handle voice data - and reinfoce the importance of transparency and consent in the digital age.