Clearview has a large database with images that have been downloaded from the internet, for example, photos that people post on their own social media. Companies use these photos to create profiles, which can be accessed by the government and previously also companies.

Photo collection goes against Europe’s GDPR privacy law, says French regulator CNIL, the equivalent of the Dutch Data Protection Authority in France. CNIL instructed Clearview to stop collecting photos of French citizens without any legal basis. Clearview must remove Fransen’s photo from its system within two months and comply with individual requests for deletion.

Violation of the privacy law article

According to France, Clearview violates two articles of the GDPR: Article 6 – unlawful processing of personal data, in this case biomedical data. And articles 12, 15 and 17 – lack of respect for individual rights, for example when citizens ask what data Clearview has about them.

If Clearview does not comply with CNIL requirements, supervisors may, among other things, impose fines. Clearview has previously been presented with similar requirements from regulators from Australia and the UK.

Previous complaints against Clearview

Clearview is controversial because of its method of automatically collecting publicly posted photos on a large scale. Earlier this year, several civil rights groups filed complaints against Clearview with several European privacy watchdogs.

The company pledged last year to stop supplying businesses and work only with the government. It happened, among other things, after a story by The New York Times. This paper finds that wealthy investors use Clearview technology for personal purposes. For example, a billionaire can use software to find out who his daughter is dating, based solely on the photo of the man.