Clearview Faces £17 Million Penalty For Breaching Data Laws

Uploaded on 2021-12-02 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

The British data regulator has warned Clearview AI that it faces a fine of at least £17m ($22.5m) over its use of people’s data to power its facial recognition software. The Information Commissioner’s Office (ICO) has issued a provisional notice to stop further processing of the personal data of people in the UK and to delete it following alleged serious breaches of the UK’s data protection laws.

Clearview claims to have the largest known database of facial images, with more than 10 billion images sourced from public-only web sources, including news media, mugshot websites, public social media, and other open sources. 

The company pitches its web-based intelligence platform, powered by facial recognition technology, as a tool that helps law enforcement “generate high-quality investigative leads.”

The ICO is particularly concerned that while the tech firm’s services are no longer being offered in the United Kingdom, and the company has no UK-based customers, evidence suggests it both has and “may be continuing to process significant volumes of UK people’s information without their knowledge.”

“I have significant concerns that personal data was processed in a way that nobody in the UK will have expected,” said Information Commissioner Elizabeth Denham in a statement.

The announcement of the fine and provisional notice follows a joint investigation conducted by the ICO and the Office of the Australian Information Commissioner (OAIC). The ICO and OAIC investigation found that the company failed to comply with UK data protection laws, such as failure to process the information of UK residents in a way that is fair or expected, failure to have a process in place to prevent data from being retained indefinitely, and failure to have a lawful reason for collecting information. 

“The images in Clearview AI Inc’s database are likely to include the data of a substantial number of people from the UK and may have been gathered without people’s knowledge from publicly available information online, including social media platforms,” stated the ICO. 

“UK data protection legislation does not stop the effective use of technology to fight crime, but to enjoy public trust and confidence in their products technology providers must ensure people’s legal protections are respected and complied with,” said the UK’s information commissioner Elizabeth Denham. Clearview have responded to the ICO notice, describing  ICO’s allegations as “factually and legally incorrect.”

ICO:    Law360:     Newsbreak:   Oodaloop:     ComplianceWeek:    Infosecurity Magazine:   Writofly:

You Might Also Read: 

Facebook To Pay $650m For Facial Recognition Lawsuit:

 

« British Spies Must Adapt to Survive
What Is An API, Anyway? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

National Security Authority (NBU) - Slovakia

National Security Authority (NBU) - Slovakia

The National Security Authority (NBU) is the central government body in Slovakia for the Protection of Classified Information, Cryptographic Services, Trust Services and Cyber Security.

Puleng Technologies

Puleng Technologies

Puleng provides customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has - its Data and Users.

Propelo

Propelo

Propelo (formerly LevelOps) is an engineering excellence platform that helps increase developer productivity and improve security with data-led insights and workflow automation.

GroupSense

GroupSense

GroupSense helps governments and enterprises take control of digital risk with cyber reconnaissance, counterintelligence and monitoring for breached credentials.

ACA Group

ACA Group

ACA Group are a leading governance, risk, and compliance (GRC) advisor in financial services.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

Query.ai

Query.ai

At Query.AI, we are committed to helping companies unlock the power of their security data, so they are empowered to meet security investigation and response goals while simultaneously reducing costs.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

SNC-Lavalin

SNC-Lavalin

SNC-Lavalin is a fully integrated professional services and project management company with offices around the world.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.

Neosoft

Neosoft

Néosoft is an independent digital transformation consulting group with expertise in Consulting & Agility, Cybersecurity, Data, DevOps, Infrastructure & Cloud and Software Engineering.

DHCO IT

DHCO IT

The DHCO IT team are experts in IT support, cyber security, cloud support and disaster recovery, and are Microsoft 365 partners.

SecZone

SecZone

SecZone is a Chinese enterprise with a mission to "Make It Secure." We are dedicated to driving software security innovation globally.

ClamAV

ClamAV

ClamAV is an open-source (GPL) anti-virus engine used in a variety of situations, including email and web scanning, and endpoint security.

8kSec

8kSec

8kSec is a cybersecurity company specializing in training, consulting, and research.

AXGATE

AXGATE

AXGATE is a specialized security solutions company based on our distinctive technological capabilities in the field of network information protection.