Read the attached settlement from the Illinois lawsuit before speaking. It doesn't require "actual damages."
Seriously read the settlement. Since you won't I'll paste part of the summary here:
The plaintiffs in the L.A. Tan case alleged that the company, which used customers’ fingerprint scans in lieu of key fobs for tanning membership ID purposes, violated the BIPA by failing to obtain the customers’ written consent to use the fingerprint data and by not disclosing to customers the company’s plans for storing the data or destroying it in the event a tanning customer terminated her salon membership or a franchise closed. The plaintiffs did not claim L.A. Tan illegally sold or lost customers’ fingerprint data, just that it did not handle the data as carefully as the BIPA requires.
HUH NO ACTUAL DAMAGES. Just that they were an aggrieved party whose information wasn't being stored according to the statutory requirements. Mind blowing