Dutch Data Protection Authority Takes Action Against Clearview AI Facial Recognition Company
The Dutch Data Protection Authority (Dutch DPA) has levied a hefty fine of €30.5 million ($33.7 million) on Clearview AI for its unauthorized collection of facial recognition data, including images of Dutch citizens. This action highlights the growing global concern over the privacy implications of facial recognition technology and the need for stricter regulations to protect individuals’ biometric data.
Clearview AI’s Controversial Practices
Clearview AI, an American technology company specializing in facial recognition software, has built a massive database of facial images scraped from publicly available sources on the internet. This database, containing over 30 billion photos, is used to generate unique biometric identifiers, allowing customers such as law enforcement agencies and private organizations to identify individuals using their own sets of images and videos.
Dutch DPA Cites that Clearview AI Fined Because of GDPR Violation
The Dutch DPA has determined that Clearview AI’s practices violate the EU’s General Data Protection Regulation (GDPR). The DPA argues that Clearview AI has collected images of Dutch citizens without their consent, a clear violation of GDPR’s data protection principles.
“Facial recognition is a highly intrusive technology, that you cannot simply unleash on anyone in the world,” stated Dutch DPA’s chairman Aleid Wolfsen. “If there is a photo of you on the Internet – and doesn’t that apply to all of us? – then you can end up in the database of Clearview and be tracked.”
Previous Fines and Continued Non-Compliance
This is not the first time Clearview AI has faced legal action for its data collection practices. Authorities in Italy and France have already imposed €20,000,000 fines on the company for similar violations of GDPR. Despite these previous fines, the Dutch DPA states that Clearview AI has not changed its European practices and continues to operate with a lack of transparency regarding the management of people’s biometric data.
Threat of Additional Fines
The Dutch DPA has warned Clearview AI that if it fails to comply with GDPR and change its data collection practices, it will face an additional fine of €5.1 million ($5.6 million).
Clearview AI Rejects the Fine
In a statement, Clearview AI’s chief legal officer, Jack Mulcaire, rejected the DPA’s claims and argued that the Dutch have no jurisdiction to impose a fine on the company as it does not conduct business in the Netherlands.
“Clearview AI does not have a place of business in the Netherlands or the EU, it does not have any customers in the Netherlands or the EU, and does not undertake any activities that would otherwise mean it is subject to the GDPR. This decision is unlawful, devoid of due process and is unenforceable.” – Jack Mulcaire, Chief Legal Officer, Clearview AI.
Implications for Facial Recognition Technology
The Dutch DPA’s action against Clearview AI sets a significant precedent for the regulation of facial recognition technology. It reinforces the importance of data privacy and the need for companies to obtain explicit consent before collecting and processing biometric data. The outcome of this case will have far-reaching implications for the future of facial recognition technology in Europe and beyond.