(Source-euractiv.com_
The Dutch Data Protection Authority (Dutch DPA) has imposed a significant fine of €30.5 million ($33.7 million) on Clearview AI, a facial recognition technology firm, for breaching the General Data Protection Regulation (GDPR) within the European Union. Clearview AI, which amassed a vast database of billions of facial images, including those of Dutch citizens, has faced international scrutiny for its controversial data collection practices.
Clearview AI Accused of Privacy Breach
Clearview AI’s practice of collecting facial data without consent has been flagged as a serious privacy violation by several countries. The Dutch DPA’s investigation found that the company built a massive database by scraping publicly available images from the internet, including photos of individuals from the Netherlands. This data was used to create unique biometric profiles, enabling law enforcement agencies to identify suspects, persons of interest, and victims. According to the Dutch DPA, Clearview failed to inform the individuals whose images were collected and did not provide a mechanism for them to access or delete their data.
Aleid Wolfsen, chairman of the Dutch DPA, condemned the company’s actions, emphasizing the risks posed by facial recognition technology. “Facial recognition is a highly intrusive technology that you cannot simply unleash on anyone in the world,” he stated. Wolfsen warned that any image posted online could potentially end up in Clearview’s database, allowing individuals to be tracked without their knowledge. This, he said, is not a hypothetical situation but a real concern, adding that such practices should not be limited to countries like China.
Global Regulatory Backlash and Future Consequences
Clearview AI has faced similar regulatory challenges in other nations, including the U.K., Australia, France, and Italy, all of which have raised concerns over the company’s extensive data collection methods. Despite being ordered to cease its practices, Clearview allegedly continued violating GDPR regulations, prompting the Dutch DPA to consider holding the company’s management personally accountable for these breaches. If Clearview fails to comply, it could face an additional fine of €5.1 million ($5.6 million), and Dutch companies have been banned from using the firm’s services.
Wolfsen further noted that corporate leaders could face penalties if they knowingly violate GDPR regulations and fail to stop such actions. Clearview’s response to the ruling was one of defiance, as the company claimed it is not subject to EU data protection laws due to its lack of business presence in the region. However, the Dutch authority’s decision reflects a broader crackdown on privacy violations tied to facial recognition technologies worldwide.
Ongoing Legal Battles and International Response
In addition to the fines imposed by European authorities, Clearview has been involved in legal disputes in the United States. Recently, the company settled a lawsuit in Illinois over similar privacy concerns related to facial recognition. Rather than a traditional financial settlement, Clearview granted the plaintiffs a 23% stake in its future value. However, the company did not admit to any wrongdoing.
The mounting legal challenges against Clearview AI highlight the growing global unease with the use of facial recognition technology and the need for stricter regulations to protect individual privacy. As investigations continue, the outcome of Clearview’s case in the Netherlands could set a precedent for other countries grappling with similar privacy concerns.
Also Read: CyberPro Magazine
