Sponsored Links

Clearview AI fined £17 million for breaching UK data protection laws

The facial recognition company allegedly had no lawful reason to collect the data.
iot machine learning with human and object recognition which use artificial intelligence to measurements ,analytic and identical concept, it invents to classification,estimate,prediction, database
Ekkasit919 via Getty Images
Steve Dent
Steve Dent|@stevetdent|November 30, 2021 5:28 AM

The UK's Information Commissioner's Office (ICO) has provisionally fined the facial recognition company Clearview AI £17 million ($22.6 million) for breaching UK data protection laws. It said that Clearview allegedly failed to inform citizens that it was collecting billions of their photos, among other transgressions. It has also (again, provisionally) ordered it to stop further processing of residents' personal data.

The regulator said that Clearview apparently failed to process people's data "in a way that they likely expect or that is fair." It also alleged that the company failed to have a lawful reason to collect the data, didn't meet GDPR standards for biometric data, failed to have a process that prevents data from being retained indefinitely and failed to inform UK residents what was happening to their data.

The ICO noted that Clearview's services were used on a free trial basis by a number of UK law enforcement agencies, "but that this trial was discontinued and Clearview AI Inc’s services are no longer being offered in the UK."

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

The images in Clearview AI Inc’s database are likely to include the data of a substantial number of people from the UK and may have been gathered without people’s knowledge from publicly available information online, including social media platforms.

The UK and Australia opened up a joint investigation of Clearview AI last year. Regulators were concerned with Clearview's practice of scraping data and gathering photos from social media site like Facebook. It sells that data to law enforcement agencies, purportedly allowing them to identify criminals or victims. However, the company's business practices have raised numerous privacy concerns

Clearview AI said it was considering an appeal, according to The New York Times. "[Clearview only] provides publicly available information from the internet to law enforcement agencies," said company lawyer Kelly Hagedorn in a statement. "My company and I have acted in the best interests of the UK and their people by assisting law enforcement in solving heinous crimes against children, seniors and other victims of unscrupulous acts," added Clearview AI chief executive Hoan Ton-That in a separate statement.

Earlier this month, Australia's regular issued a similar ruling, saying Clearview AI breached the privacy of residents by scraping their biometric information. The country's regulator, the OAIC, ordered Clearview to "cease collecting facial images and biometric templates from individuals in Australia and destroy all facial images and biometric templates collected."  

In the US, the ACLU recently sued Clearview for violating Illinois state laws. Twitter, Google and YouTube have all sent cease-and-desist letters to the company, alleging that it violates their terms of service. Facebook has also demanded that Clearview stop scraping its data. 

The fine would be the first Clearview has faced, the company told the NYT. It can still contest the ruling with the Commissioner, so the fine and enforcement "may be subject to change," the ICO wrote. The ICO expects to make a final decision by mid-2022.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Clearview AI fined £17 million for breaching UK data protection laws