Headline: Dutch Data Protection Authority Levies €30.5 Million Fine on Clearview AI for Illegal Facial Recognition Database
Amsterdam, 3 September 2024 – Clearview AI, an American facial recognition company, has been hit with a €30.5 million fine by the Dutch Data Protection Authority (Dutch DPA) for constructing an illegal facial recognition database. The database contains photos of billions of individuals, including Dutch citizens, without their knowledge or consent.
The Dutch DPA has also issued a stern warning that utilizing Clearview AI’s services is illegal. The company, which provides facial recognition services to intelligence and investigative services, has a database of over 30 billion photos harvested from the internet without the subjects’ informed consent.
According to the Dutch DPA, Clearview AI’s actions represent a clear and serious breach of the General Data Protection Regulation (GDPR). Facial recognition is a highly intrusive technology, that you cannot simply unleash on anyone in the world, stated Dutch DPA chairman Aleid Wolfsen. If there is a photo of you on the Internet, then you can end up in the database of Clearview and be tracked. This really shouldn’t go any further. We have to draw a very clear line at incorrect use of this sort of technology.
Wolfsen acknowledged the potential benefits of facial recognition in public safety and criminal detection but emphasized that such technologies should be used only by official authorities under strict conditions. Certainly not by a commercial business, he added.
Clearview AI has argued that it only provides services to intelligence and investigative services outside the European Union, but the Dutch DPA has deemed this rationale insufficient. The company failed to inform individuals in its database about the use of their photos and biometric data, and it has not cooperated with requests for data access.
The Dutch DPA has ordered Clearview AI to cease these violations immediately. If the company fails to comply, it will face additional penalties of up to 5.1 million euros. This fine follows previous penalties imposed by other data protection authorities, but Clearview AI has not yet taken steps to rectify its practices.
In a strong stance against the company’s continued violations, the Dutch DPA is now exploring the possibility of holding Clearview AI’s management personally liable for directing these breaches. Such a company cannot continue to violate the rights of Europeans and get away with it, said Wolfsen. Certainly not in this serious manner and on this massive scale.
The Dutch DPA’s decision sends a strong signal to companies worldwide about the importance of adhering to GDPR guidelines and respecting individual privacy rights.
Views: 0