Clearview AI is a New York-based facial recognition company providing software to companies, law enforcement agencies, universities, and individuals. The firm’s algorithm matches faces to a database of over 20 billion images indexed on the Internet. This includes social media channels.
Recently, the controversial company has been ordered to delete all data that belongs to UK residents. The warning came from the country’s privacy watchdog, the Information Commissioner’s Office (ICO). The ICO also fined Clearview AI £7.5 million ($9.4 million) for failure to follow the UK’s data protection laws.
Clearview AI and its background on data usage
Based on The Verge article, this is the fourth time Clearview has been commanded to delete national data, following similar orders and sanctions issued in Australia, France, and Italy.
Clearview claims its facial recognition database with 20 billion images scraped from public sources like Facebook and Instagram. It previously sold its software to different private users and businesses. However, it recently agreed to focus on selling to federal agencies and police departments in the US. The said agreement came after a lawsuit filed by the ACLU or the American Civil Liberties Union.
In the United Kingdom, the following law enforcement clients used Clearview AI:
- Ministry of Defense,
- Metropolitan Police,
- National Crime Agency.
ICO reports that the company “no longer provides its services to UK organizations. However, customers can still use the data it has pulled from UK residents in other countries.
Information Commissioner’s Office
In a press statement, John Edwards, Information Commissioner of the UK, said Clearview had possibly collected significant information owned by the UK citizens.
“The company not only allows identification of those people, but effectively monitors their behavior and offers it as a commercial service. That is unacceptable. That’s why we have to protect the UK people by both fining the company and issuing an enforcement notice.” -John Edwards.
According to the ICO, Clearview violated several UK data protection law principles. The company failed to use data in a “fair and transparent way,” given that residents’ images were used without their consent. Likewise, it violated the law for “the lack of a lawful reason for collecting people’s information”. Plus, for “failing to maintain a procedure to stop the data being retained indefinitely.”
Even though ICO has issued a fine against Clearview AI and instructed the company to delete UK-owned data, it’s vague how this might be enforced if the firm has no business or customers in the country to sanction. Concerning a similar deletion order and fine issued in Italy under EU law earlier this year, Clearview’s CEO Hoan Ton-That responded that the US-based company was not subject to EU laws and principles.
Possible Fines
When questioned on the issue, the ICO told The Verge that if Clearview fails to comply, it can issue further fines.
Lee Wolosky of Jenner and Block, Clearview’s legal representatives, told The Verge:
“While we appreciate the ICO’s request to lower their monetary penalty on Clearview AI, we stand firm that the decision to impose any fine is incorrect as a matter of law. Clearview AI is not subject to the ICO’s jurisdiction, and Clearview AI does no business in the UK at this time.”
Meanwhile, the ICO said that Clearview has 28 days to appeal the ruling and six months to comply. On identifying data belonging to UK residents and other individuals, the group said, “this is a matter for Clearview AI to answer”. The watchdog added that its investigations team closely coordinated with Clearview to ensure the implementation of appropriate measures.
For other tech news and top stories, read more here at Owner’s Mag!
