Clearview AI faces another multimillion-dollar fine. Greece's privacy watchdog is handing out a €20 million fine to the U.S. technology company for violating the General Data Protection Regulation (AVG) (1). The company may no longer process personal data of Greek citizens and must destroy data already collected.
So writes privacy organization Noyb, which along with other privacy organizations filed a series of charges against Clearview (2).
Clearview AI is a company that sells facial recognition technology to investigative and law enforcement agencies worldwide. The American company, according to many privacy experts, has the largest database of facial profiles in the world. It reportedly contains more than 20 billion images. The company aims to expand its face database to one hundred billion faces within now and a year. This would make it possible to identify almost every person on earth.
To build this database, Clearview uses scraping software. That is a program that automatically visits public sources on the Internet and collects profile photos with associated information. Then you have to think of social media and personal Web sites (3). A patented facial recognition program then builds a facial recognition database.
Noyb is not served by these practices. Along with Privacy International, Hermes Center and Homo Digitalis, the civil rights organization has filed complaints about alleged privacy violations with the national regulators of France, Austria, Italy, Greece and the United Kingdom.
The Greek Data Protection Authority has issued a ruling on the matter. This ruled that Clearview uses its software to monitor people's behavior. Although the tech company does not offer its services in Greece, it does collect personal data from Greek citizens. That means the AVG applies.
European privacy laws prohibit the collection of images for a biometric search engine. That is exactly what Clearview is doing, the Greek regulator concludes. Clearview is therefore banned from collecting facial profiles and must delete all existing data. Also, the company must appoint a representative in the EU. This will make it easier for European citizens to exercise their rights. Finally, the tech company must pay a €20 million fine for violating the AVG.
This is not the first multimillion-dollar fine imposed on Clearview in Europe. Italian regulator GPDP fined the company €20 million in March this year (4). The privacy watchdog concluded that the company unlawfully collected and processed biometric and location data of Italian citizens. The company also violated European privacy laws and was not open and honest about its data collection practices.
In May, the Information Commissioner's Office (ICO) handed out a fine of more than 7.5 million pounds, which translates to 8.9 million euros (5). The British regulator ruled that Clearview collected photos of British men and women without explicit consent. It also ordered the technology company to remove all profiles of British citizens from its database.
Regulators from Belgium, France, Sweden, Germany, Canada and Australia previously ordered Clearview to stop collecting photos of citizens and delete photos in its database (6).
Clearview's facial recognition software is also controversial in our country. The American medium Buzzfeed News published an article last year stating that the National Police used Clearview's services between 51 and 100 times. This prompted D66 and GroenLinks to submit written questions about this to then Minister for Legal Protection Sander Dekker (7).
Minister Dekker denied that the police used Clearview's facial recognition technology. "Neither in the financial records of the police, nor in the departments involved in digital investigations, has any indication been found that Clearview would have been used," he wrote to the House of Representatives (8). However, he could not guarantee that any individual police officer had visited the company's website and made some inquiries. "That does not mean that the system was operationally deployed," the minister said.
https://www.vpngids.nl/veilig-internet/zakelijk/vereisten-avg/
https://noyb.eu/nl/tweede-boete-van-20-miljoen-euro-voor-clearview-ai
https://www.vpngids.nl/privacy/social-media/
https://www.vpngids.nl/nieuws/italiaanse-toezichthouder-geeft-clearview-boete-van-20-miljoen-euro/
https://www.vpngids.nl/nieuws/ico-legt-clearview-ai-boete-op-van-75-miljoen-pond/
https://www.vpngids.nl/nieuws/clearview-moet-ook-belgische-gezichten-uit-database-verwijderen/
vpngids.co.uk/news/chamber-wants-clearance-over-use-of-face-recognition-software-by-police/
https://www.vpngids.nl/nieuws/kabinet-houdt-vol-politie-heeft-nooit-software-clearview-ai-gebruikt/
