Skip to content

Zut alors! Raclage crapuleux! Clearview AI in 20% more trouble in France – Naked Security

The French data protection regulator, CNIL, has fined facial recognition service Clearview AI €20,000,000 for deploying its image scraping technology in France. CNIL argued that constructing data templates for recognising individuals amounted to collecting biometric data, which is unarguably personally identifiable information. Clearview AI collects photographs from a wide range of websites, including social networks, and sells access to its database of images of people through a search engine in which an individual can be searched using a photograph. The company offers this service to law enforcement authorities. Facial recognition technology is used to query the search engine and find an individual based on their photograph.

CNIL also castigated Clearview for trying to cling onto the data it shouldn’t have collected in the first place, making it unacceptably difficult for French people to exercise their rights to request full details of personal identifiable information collected about them and to have any or all of that data deleted if they wanted. Clearview placed artificial restrictions on letting individuals get at their own data, including by refusing to delete data collected more than a year earlier, allowing people to request their data only twice a year, and only responding to certain requests after an excessive number of requests from the same person.

As well as ordering Clearview to delete all existing data on French residents and to stop collecting data in the future, CNIL noted that it had already tried to engage with the face-scraping company but had been ignored and had therefore run out of patience. Clearview has still made no effort to comply with the French regulator’s ruling, and the regulator has yet again decided it has had enough.

CNIL invoked a “thou shalt not ignore us this time” clause in its previous settlement, allowing for fines of up to €100,000 for every day that the company refused to comply. If Clearview AI continues to ignore the ruling, it could face more penalties.

The case highlights the issue of facial recognition technology and the importance of protecting personal data. Companies must obtain consent before collecting biometric data, and individuals must have the right to access and delete their data. The standoff between Clearview AI and CNIL raises questions about how to resolve this issue and protect personal data in the future.

Leave a Reply

Your email address will not be published. Required fields are marked *