That Garante per la Protezione dei Dati Personali (GPDP) has fined Clearview AI EUR 20 million. The privacy watchdog ruled that an American tech company had illegally collected biometric data from Italian citizens. In addition, the company must destroy all collected data and can no longer collect data from Italians with facial recognition technology.
This was reported by the Italian regulator in press statementright
Clearview has a controversial working method
Clearview AI is an American technology company that specializes in facial recognition. Use scraping software the company automatically collects a profile picture with related information, such as name, date of birth and place of residence. All of these faces and information end up in the facial recognition database. Experts say this database contains more than ten billion facial profiles.
The technology and how Clearview AI works is quite controversial. Privacy regulators and organizations from France, Italy, Greece, Austria and the UK filed complaints against the company last year for breaches of privacy. The American tech company did not explicitly ask for permission to enter facial profiles into the database. Nor is there any legal basis for it. Finally, people can’t appeal to have their faces removed from the database.
The Information Commissioner’s Office (ICO) fined Clearview AI at the end of last year £17 million for violating UK privacy rules. Around the same time, the Commission Nationale de l’ Informatique et des Libertés (CNIL) asked to stop collecting and processing photographs of French citizens. French regulators also ordered that all photos of French men and women be removed within two months. Regulators from Sweden, Germany, Canada and Australia have also demanded Clearview stop collecting facial profiles.
Italian regulator cracks down on Clearview AI
Italian regulators are now getting in on the act too. GPDP investigators have determined that Clearview AI illegally collected biometric and location data. In addition, the company violates European privacy laws by not being open and honest about its data collection practices: after all, Italian citizens have not been informed about this. In addition, no retention period is defined and the data has also been used for other purposes.
For this violation, Clearview must pay a fine of 20 million euros to Italian regulators. In addition to the fine, the US company must delete all photos of Italian citizens it collects. In addition, he can no longer use his facial recognition system in Italy and must appoint an EU representative to act as an interlocutor.
Bits of Freedom asks AP to act against Clearview
A Little Freedom hope Dutch regulators will now also take action against Clearview AI. “Despite the Dutch Data Protection Authority speaking out against the unlawful use of facial recognition technology and calling for a ban on this technology, Clearview AI has remained silent. Hopefully the firmness of the Italian regulator now will reassure him.”
“Coffee trailblazer. Analyst. General music geek. Bacon maven. Devoted organizer. Incurable internet ninja. Entrepreneur.”