ICO Announces Potential £17m Fine for Clearview AI
November 29 2021
In the UK, the Information Commissioner’s Office (ICO) says it plans to impose a potential fine of just over £17m on facial recognition start-up Clearview AI, and has also issued a notice to stop the company further processing UK citizens’ personal data.
New York-based Clearview has created a database of ten billion ‘faceprints’ – unique biometric identifiers akin to a fingerprint or DNA profile – drawn from personal photos on users’ social media accounts and elsewhere online, and was sued in 2020 by the American Civil Liberties Union (ACLU) who considered it a ‘threat to privacy, safety, and security’. In early 2020, Twitter, YouTube and Facebook all wrote to the company requiring it to cease collection and delete its data, which it has declined to do.
The ICO and the Office of the Australian Information Commissioner (OAIC) opened a joint investigation into Clearview AI in July; and earlier this month said they had found the company to be in breach of privacy regulations.
According to the ICO, the images in Clearview AI’s database are likely to include the data of a substantial number of people from the UK and may have been gathered without people’s knowledge from publicly available information online, including social media platforms. The ICO also says it understands that the service provided by the company was used on a free trial basis by a number of UK law enforcement agencies, but that this trial was discontinued.
Information Commissioner Elizabeth Denham comments: ‘Clearview AI’s services are no longer being offered in the UK. However, the evidence we’ve gathered and analysed suggests Clearview AI was and may be continuing to process significant volumes of UK people’s information without their knowledge. We therefore want to assure the UK public that we are considering these alleged breaches and taking them very seriously’.