Clearview AI faces provisional $23M fine, cease and delete notice from UK regulator

Following a joint investigation with its counterpart in Australia, the UK’s Information Commissioner’s Office (ICO) has announced its provisional intent to impose a potential fine of just over £17 million (US$23 million) on Clearview AI Inc for alleged serious breaches of UK data protection law with its biometric data collection and facial recognition app. The announcement comes with an additional provisional notice to cease further processing the personal data of people in the UK and delete it.

Clearview AI has the opportunity to make representations in answer to the alleged breaches to data protection law. Any representations will be considered by the Information Commissioner before a final decision is made in mid-2022.

The firm has scraped facial images from the internet and social media to create a database of more than 10 billion. It offers searches of this database via biometric analysis and returns its findings with the links to where on the internet the images were taken.

The ICO and the Office of the Australian Information Commissioner (OAIC) have completed their joint investigation into Clearview AI’s practices begun in July 2020.

Australia acted first after the joint investigation. Australian Information Commissioner and Privacy Commissioner Angelene Falk acknowledged Clearview AI’s efforts to stop its operations in the country and required the firm to cease scraping images, vectors and biometric templates, destroy those collected and confirm the process within 90 days.

The BBC reports that Clearview AI believes that Australia’s commissioner has not understood how it conducts its business and that it plans to appeal.

As in Australia, the UK commissioner finds that Clearview AI’s practices breach data protection law on multiple counts. It finds that Clearview AI has been “failing to process the information of people in the UK in a way they are likely to expect or that is fair,” has failed to have a process to stop data being held indefinitely, for having a lawful reason to collect the information, failing to meet the higher protection standards for biometric data under UK and for making the opt-out process onerous.

The ICO announcement states that although Clearview AI’s services were being used on a free trial basis by a number of UK law enforcement agencies, the trials were discontinued and the company is no longer offering its services in the UK, as in Australia.

A Clearview AI legal representative emailed Biometric Update in response to the decision:

“The UK ICO Commissioner’s assertions are factually and legally incorrect,” states Kelly Hagedom, Partner, Jenner & Block London LLP. “The company is considering an appeal and further action. Clearview AI provides publicly available information from the internet to law enforcement agencies. To be clear, Clearview AI does not do business in the UK, and does not have any UK customers at this time.”

Attitudes towards Clearview AI differ around the world. Multiple U.S. federal agencies use its biometric identification service, many of them beginning with a free trial of the software systems available.

The firm has facial recognition algorithms among the most accurate of any U.S.-based biometrics provider, according the latest NIST testing.

 

Updated at 1:10pm on December 1, 2021 with comment from a Clearview AI legal representative.

Article Topics

biometric data  |  biometric identification  |  biometrics  |  Clearview AI  |  data protection  |  face biometrics  |  facial recognition  |  Information Commissioner’s Office (ICO)  |  legislation  |  privacy  |  regulation  |  UK