DPA Fines Clearview AI For Illegal Database

Reuters reported on September 3 that U.S. facial recognition company Clearview AI has been fined 30.5 million euros ($33.7 million) by the Dutch Data Protection Authority (DPA) for creating what the watchdog described as an illegal database.

The DPA stated that the Clearview’s database, which includes billions of photos, many of them of Dutch citizens, was built without individuals’ consent. The DPA has also issued a compliance order threatening additional penalties of up to 5.1 million euros if the company fails to address the violations.

The DPA’s investigation notes that Clearview AI offers facial recognition services to law enforcement and intelligence agencies by matching images from its vast database, which contains over 30 billion photos scraped from the internet.

The company then generates unique biometric codes from these images, all without the knowledge or consent of the individuals involved.

Aleid Wolfsen, chairman of the Dutch DPA, criticized the invasive nature of Clearview’s technology, warning that it could lead to anyone with an online presence being tracked.

Wolfsen acknowledged the potential benefits of facial recognition technology in law enforcement but argued that such tools should be tightly controlled and used only by official authorities under strict conditions.

He warned that the use of Clearview’s services is illegal under Dutch law, and organizations that engage with the company could face significant fines.

This fine follows a similar €290 million penalty imposed on Uber by the Dutch DPA for unlawfully collecting sensitive data from European drivers. These actions highlight the growing scrutiny of data privacy practices and the importance of ensuring that companies comply with data protection regulations.

Clearview AI has denied any wrongdoing, claiming “Clearview AI does not have a place of business in the Netherlands or the European Union, it does not have any customers in the Netherlands or the EU,” said to Reuters Jack Mulcaire, Clearview AI’s chief legal officer.

“(The company) does not undertake any activities that would otherwise mean it is subject to the GDPR (the EU’s General Data Protection Regulation). This decision is unlawful, devoid of due process and is unenforceable,” Mulcaire added, according to Reuters.