FB pixel

Greek regulator fines Clearview €20M and orders biometric data deleted

Greek regulator fines Clearview €20M and orders biometric data deleted
 

Clearview AI has been fined €20 million ($20.1 million) by a second data regulator in Europe for violating several articles of the European Union’s General Data Protection Rule with its facial recognition service.

Greece’s Hellenic Data Protection Authority responded to a complaint filed by Homo Digitalis and the subject of the data, Marina Zacharopoulou.

The decision refers to a series of events in 2021, beginning with Zacharopoulou’s March request to know what data of hers was in Clearview’s database of images scraped from public internet pages. The request references Article 15 of the GDPR.

The request was acknowledged, though whether the reply was manual or not is not specified in the decision. Clearview responded to a reminder email in April, saying it could not find the original request, and asked for a photo to use in the process, according to the Greek agency. The company notes a formatting issue which may have been behind the difficulty finding the initial email.

At that point, Zacharopoulou turned to the government, the complaint alleges.

Similar appeals have been made in Austria, France, Italy and the United Kingdom.

An Italian regulator issued a €20 million fine in March, and the UK imposed a £7.5 million fine in May. Clearview executives responded to the latter decision by criticizing the information commissioner’s representation of their technology and intentions.

Executives argue that they, as employees of a United States-based firm with no offices in the European Union, are not subject to the GDPR. They also have said their biometric service does not perform surveillance, as some have alleged.

The Greek regulator says Clearview declined to attend its hearing on the matter.

It says that Article 3 of the GDPR, plays here because it addresses situations like this one, where Clearview processed the data of EU citizens. The government also disagreed with Clearview’s position on surveillance, saying that Article 4’s definition of profiling makes it relevant here.

The regulator found Clearview violated the GDPR, but also levied its sizable fine in view of the “nature, gravity and duration of the infringement, which is not an isolated one incident, but it is systematic and concerns the basic principles of its legitimacy processing.” Other factors, including a “lack of cooperation,” were also cited.

The actual violations of GDPR, according to the Greek agency, are the principles of “legality and transparency” and obligations under Articles 12, 14, 15 and 27.

The company has been ordered to comply with the complainant’s request, and to stop collecting, storing and using biometric data collected from people in Greece.

“Clearview AI does not have a place of business in Greece or the EU, it does not have any customers in Greece or the EU, its product has never been used in Greece, and does not undertake any activities that would otherwise mean it is subject to the GDPR,” Clearview CEO Hoan Ton-That told Biometric Update in an email responding to the decision.

This post was updated at 1:47pm Eastern on July 14, 2022 with the response from Clearview’s CEO.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

KakaoBank nets 15 million users for digital certificate that enables IDV, authentication

South Korean firm KakaoBank has announced that its digital certificate service has surpassed 15 million users. A piece in Business…

 

Japanese govtech startup raises 600 million yen (US$4M) in funding

A release from the Tokyo-based digital ID firm Cross ID says it has raised a total of approximately 600 million…

 

Biometric passports in Google Wallet take (domestic) flight in US

Google Wallet’s feature for digitizing U.S. biometric passports has graduated to a production launch, enabling domestic travel within the country…

 

Challenges remain in effective digital ID management for public benefits, report says

The methods state agencies employ for identity proofing and authentication in online public benefits applications play a crucial role in…

 

Dentity plans decentralized digital ID scale-up with Trinsic platform acquisition

California-based self-sovereign identity provider Dentity is taking over a decentralized ID platform from Trinsic to more quickly scale its consumer-centric…

 

Cluj Airport chooses SITA biometrics to power sustainable travel operations

Romania’s second busiest airport, the Cluj Avram Iancu International Airport, has entered into a collaboration with airport biometrics provider SITA…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events