US intelligence and facial recognition company Clearview AI wins GDPR appeal in UK court
US surveillance and facial recognition firm Clearview AI has won an appeal in a UK court after it was accused of breaching the UK's General Data Protection Regulation (GDPR).
First, the company was fined nearly $10 million in May 2022 for violating the UK GDPR. The recent victory means that this penalty will be overturned unless the UK Information Commissioner's Office (ICO) appeals the ruling further.
In a UK court led by High Court judge Lynn Griffin, Clearview AI (referred to as “CV” in the documents) found it irrelevant that it did not comply with the GDPR.
Court documents released on Oct. 17 show:
“Whether or not CV breached the GDPR or the UK GDPR as alleged or at all was not before us. Should this matter proceed in the future, it will be the subject of any substantive hearing.
The document continues that although Clearview AI has billions of images in its facial recognition and AI surveillance system (including, according to experts, “public” Internet repositories from the UK), the UK ICO does not have the authority to grant GDPR protection to the citizen in this case.
Referring to Clearview AI, the court document states: “It is a foreign company that provides its services to foreign clients, uses foreign IP addresses and is targeted for such activities in support of public interest national security and criminal law enforcement activities.” in their jurisdiction and behavior outside the United Kingdom.
In essence, the appeal approval appears to set a legal precedent that the UK court system's position on enforcing the GDPR is thrown out only for those companies within the UK concept.
In contrast, Clearview AI has been prosecuted and fined several times in Europe, with fines imposed in France, Italy and Greece through the EU GDPR. In Sweden, the local police authority In 2021, Clearview was fined more than $300,000 for illegally using AI products.
Related: UK to target potential AI threats at planned November meeting
However, regarding these and other rulings, Clearview AI has been able to avoid following the court's orders in at least some cases. Although, for example, it was fined $20 million in France in October 2022 for GDPR violations, the company refused the payment in 2018. He was found in breach of the order in May 2023.
Currently, Clearview AI occupies a seemingly unique position in the US technology ecosystem. Despite continued allegations that its software and services violate civil rights and privacy protections afforded to all US citizens, the company's close ties to law enforcement have given it a level of protection inconsistent with US laws and the Fourth Amendment of the US Constitution, according to some experts.
Therefore, it is impossible for most people to extract their data from the company's data sets and systems.
On Clearview AI's privacy policy page, it states, “Currently, only residents of one of the following states may submit consumer access, opt-out and/or deletion requests. Those states include California, Colorado, Connecticut, Illinois and Virginia.
Individuals outside of those areas still have no clear way to have their images, likenesses, and other information removed from the company's database.
The same document clearly states that Clearview AI “may have sold this category of personal information [face vectors and photographs] Contractors for law enforcement, government agencies, authorized law enforcement or government agencies, security and national security professionals.
Opt-outs residing in the aforementioned US states must provide a “head” photograph, provide government-issued identification, and provide “additional information” requested by the Company.
