Facial recognition tool Clearview AI has been fined twenty million euros by the Greek regulator DPA. That fine is for violating the GDPR privacy law. Regulators in several Member States have issued fines.
The DPA says in his decision that the complaint of human rights organization Homo Digitalis is justified, because Clearview AI collected private data of Greek citizens without prior consent. That is against the rules of the GDPR privacy law, which is also known by the English abbreviation GDPR. Under that law, companies must obtain prior permission to collect and process data.
Clearview says to Techcrunch that it considers the fine to be unfair. “Clearview AI does not have an office in Greece or the EU, nor does it have any customers in Greece or the EU. We do not engage in activities that would otherwise imply compliance with the GDPR.” The company is also appealing the fine it received from the UK regulator. Clearview was previously fined in Italy. An investigation is also underway in Austria.
Clearview AI collects photos that are publicly available on the internet and applies facial recognition to them, so that the software can recognize users and thereby match new images to profiles on social media. The company sells its tool to investigative services, among others.