UK privacy watchdog fines Clearview AI £7.5m and orders UK data to be deleted
The Information Commissioner's Office (ICO) has fined controversial facial recognition company Clearview AI £7.5 million ($9.4 million) for breaching UK data protection laws and has issued an enforcement notice ordering the company to stop obtaining and using data of UK residents, and to delete the data from its systems.
In its finding, the ICO detailed how Clearview AI failed to inform people in the UK that it was collecting their images from the web and social media to create a global online database that could be used for facial recognition; failed to have a lawful reason for collecting people's information; failed to have a process in place to stop the data being retained indefinitely; and failed to meet data protection standards required for biometric data under the General Data Protection Regulation.
The ICO also found the company asked for additional personal information, including photos, when asked by members of the public if they were on their database. The privacy watchdog also concluded that given the higher number of UK internet and social media users, Clearview AI's database is "likely to include a substantial amount of data" from UK residents, and while the company no longer offers services to UK organisations, it continues to do so in other countries, and this may include using personal data of UK residents.