Collaborating Authors


Clearview Stole My Face and the EU Can't Do Anything About It


Matthias Marx says his face has been stolen. The German activist's visage is pale and wide, topped with messy, blond hair. So far, these features have been mapped and monetized by three companies without his permission. As has happened to billions of others, his face has been turned into a search term without his consent. In 2020 Marx read about Clearview AI, a company that says it has scraped billions of photos from the internet to create a huge database of faces. By uploading a single photo, Clearview's clients, which include law enforcement agencies, can use the company's facial recognition technology to unearth other online photos featuring the same face.

Clearview AI fined for violating the European GDPR privacy law


In context: French authorities have imposed the maximum possible fine against Clearview AI, a biometric startup selling its controversial facial recognition technology to governments and law enforcement worldwide. The company must delete the data already acquired on French citizens or face an additional €100,000 fine per day. Clearview AI received yet another fine for its biometric profiling activities in Europe, this time for illegally collecting and using data belonging to French citizens without their knowledge. The Commission nationale de l'informatique et des libertés (CNIL), France's data protection authority, imposed a 20 million euros penalty against the American company after a lengthy investigation and an unfruitful cooperation attempt. Clearview markets facial recognition tools to companies, individuals, and law enforcement, boasting its algorithm can detect any individual with "99% accuracy" in a database with 30 billion images of faces.

UK privacy watchdog fines Clearview AI £7.5m and orders UK data to be deleted


Since completing a degree in journalism, Aimee has had her fair share of covering various topics, including business, retail, manufacturing, and travel. She continues to expand her repertoire as a tech journalist with ZDNet. The Information Commissioner's Office (ICO) has fined controversial facial recognition company Clearview AI £7.5 million ($9.4 million) for breaching UK data protection laws and has issued an enforcement notice ordering the company to stop obtaining and using data of UK residents, and to delete the data from its systems. In its finding, the ICO detailed how Clearview AI failed to inform people in the UK that it was collecting their images from the web and social media to create a global online database that could be used for facial recognition; failed to have a lawful reason for collecting people's information; failed to have a process in place to stop the data being retained indefinitely; and failed to meet data protection standards required for biometric data under the General Data Protection Regulation. The ICO also found the company asked for additional personal information, including photos, when asked by members of the public if they were on their database.

UK fines Clearview just under $10M for privacy breaches – TechCrunch


The UK's data protection watchdog has confirmed a penalty for the controversial facial recognition company, Clearview AI -- announcing a fine of just over £7.5 million today for a string of breaches of local privacy laws. The watchdog has also issued an enforcement notice, ordering Clearview to stop obtaining and using the personal data of UK residents that is publicly available on the internet; and telling it to delete the information of UK residents from its systems. The US company has amassed a database of 20 billion facial images by scraping data off the public internet, such as from social media services, to create an online database that it uses to power an AI-based identity-matching service which it sells to entities such as law enforcement. The problem is Clearview has never asked individuals whether it can use their selfies for that. And in many countries it has been found in breach of privacy laws.

French regulator tells Clearview AI to delete its facial recognition data


France's foremost privacy regulator has ordered Clearview AI to delete all its data relating to French citizens, as first reported by TechCrunch. In its announcement, the French agency CNIL argued that Clearview had violated the GDPR in collecting the data and violated various other data access rights in its processing and storage. As a result, CNIL is calling on Clearview to purge the data from its systems or face escalating fines as laid out by European privacy law. Clearview rose to prominence in 2020 after a New York Times investigation highlighted the company's massive data collection efforts. In particular, the company offered the unique ability to identify subjects by name, drawing on data scraped from public-facing social networks.

UK's data privacy watchdog may fine Clearview AI £17m


Clearview AI, the controversial startup known for scraping billions of selfies from people's public social network profiles to train a facial-recognition system, may be fined just over £17m ($22.6m) by the UK's Information Commissioner's Office (ICO). The watchdog on Monday publicly mulled punishing Clearview following an investigation launched last year with the Australian Information Commissioner. The ICO believes the US biz broke Britain's data-protection rules by, among other things, failing to have a "lawful reason" for collecting people's personal photos and info, and not being transparent about how the data was used and stored for its facial-recognition applications. Clearview harvests people's photos – 10 billion or more, it's thought – from their public social media profiles, and then builds a face-matching system so that if, say, the police upload a picture of someone from a CCTV still, the software can locate that person in its database and provide officers the corresponding name and online profiles. The images in Clearview AI Inc's database are likely to include the data of a substantial number of people from the UK and may have been gathered without people's knowledge from publicly available information online, including social media platforms.

Clearview AI Raises Disquiet at Privacy Regulators WSJD - Technology

The data protection authority in Hamburg, Germany, for instance, last week issued a preliminary order saying New York-based Clearview must delete biometric data related to Matthias Marx, a 32-year-old doctoral student. The regulator ordered the company to delete biometric hashes, or bits of code, used to identify photos of Mr. Marx's face, and gave it till Feb. 12 to comply. Not all photos, however, are considered sensitive biometric data under the European Union's 2018 General Data Protection Regulation. The action in Germany is only one of many investigations, lawsuits and regulatory reprimands that Clearview is facing in jurisdictions around the world. On Wednesday, Canadian privacy authorities called the company's practices a form of "mass identification and surveillance" that violated the country's privacy laws.

What Went Wrong With Clearview AI?


Facial recognition software has been the subject of debate for a long time now. Despite the controversy, law enforcement has been using such AI-powered software to catch criminals all around the world, and most particularly in large nations with less strict privacy laws. The use is prevalent despite the fact that the software may not work accurately when used on ethnic communities, youngsters and even women. One company which is leading the news headlines these days is Clearview AI founded by an Australian entrepreneur Hoan Ton-That. Although Clearview AI hasn't devised a groundbreaking facial recognition app, what it sells can be deemed as useful to law enforcement agencies.

EU to tackle AI 'Wild West' - but still to say how


The European Commission has said it intends to draw up new rules to protect citizens against misuses of artificial intelligence (AI) tech. It likened the current situation to "the Wild West" and said it would focus on "high-risk" cases. But some experts are disappointed that a white paper it published did not provide more details. A leaked draft had suggested a ban on facial recognition's use in public areas would be proposed. Industry Commissioner Thierry Breton suggested the new legislation would be comparable to the General Data Protection Regulation.

Automated facial recognition breaches GDPR, says EU digital chief


The EU's digital and competition chief has said that automated facial recognition breaches GDPR, as the technology fails to meet the regulation's requirement for consent. Margrethe Vestager, the European Commission's executive vice president for digital affairs, told reporters that "as it stands right now, GDPR would say'don't use it', because you cannot get consent," EURACTIV revealed today. GDPR classes information on a person's facial features as biometric data, which is labeled as "sensitive personal data." The use of such data is highly restricted, and typically requires consent from the subject -- unless the processing meets a range of exceptional circumstances. These exemptions include it being necessary for public security.