Dutch data protection authorities have imposed a fine of €30.5m ($33.7m) on Clearview AI, citing violations of the European Union’s GDPR.
According to Security Week, the Netherlands’ Data Protection Agency (DPA) described Clearview AI’s database, which reportedly contains billions of photos, as “illegal.” This significant penalty marks one of the sternest actions taken against the misuse of facial recognition technology to date.
According to the DPA, the database’s extensive collection of internet-sourced images constitutes a serious intrusion into personal privacy and fails to comply with the EU’s stringent data protection standards. The agency also prohibited Dutch firms from using Clearview’s services, emphasising the importance of protecting citizens from unsanctioned surveillance and data misuse.
DPA chairman Aleid Wolfsen stressed the invasive nature of facial recognition technology, stating, “Facial recognition is a highly intrusive technology, that you cannot simply unleash on anyone in the world.”
Clearview AI’s chief legal officer, Jack Mulcaire, responded to the fine by questioning the legitimacy of the DPA’s decision. “The decision is unlawful, devoid of due process and is unenforceable,” Mulcaire said. He also highlighted that Clearview AI does not recognise the DPA’s jurisdiction over their operations, as the company claims it has no physical presence or customers in the Netherlands or the EU.
In addition to the immediate fine, Clearview faces further penalties of up to €5.1m ($5.6m) if it continues to breach the GDPR regulations. This decision comes on the heels of a settlement in an Illinois lawsuit, where Clearview AI agreed to a deal potentially worth over $50m, though the company did not admit any liability for privacy rights violations concerning their facial recognition database.
Copyright © 2024 RegTech Analyst
Copyright © 2018 RegTech Analyst