without any legal basis, by sucking up publicly accessible photographs on the Internet in order to feed its tool,” the spokesperson added.Ĭlearview was also contacted for a response. “The CNIL is questioning the way in which personal data is collected by the company, i.e. The CNIL also volunteered that it will not be seeking to block Clearview’s website in France - saying such a step would not be relevant to the key lawfulness of processing issue. “With regard to the penalty payment, the Ministry of Economy and Finance is approaching the FTC to consider existing and possible means of collecting the fine and the penalty payment.” “With regard to the injunction, the CNIL is continuing to work with its American counterpart, the Federal Trade Commission (FTC), to discuss how we can ensure that the injunction issued against the company is enforced,” they added when asked what powers they have to enforce the order on the US-based company. A spokesperson for the regulator confirmed to us that Clearview has not paid any of the penalties the CNIL has issued, telling TechCrunch: “They still are compliant - that’s why we imposed an overdue penalty payment of €5,200,000.” We reached out to the CNIL with questions. “On 13 April 2023, the restricted committee considered that the company had not complied with the order and consequently imposed an overdue penalty payment of €5,200,000 on Clearview AI.” However, the company did not send any proof of compliance within this time limit,” the regulator writes. “Clearview AI had two months to comply with the order and justify compliance to the CNIL. company has failed to play ball yet again - hence the latest CNIL fine, which appears to be billing Clearview for 52 days of non-compliance. Safe to say, the demonstrably uncooperative U.S. The CNIL’s order also instructed Clearview not to collect and process data on individuals located in France without a proper legal basis and to delete data of individuals whose information it had processed unlawfully, after fulfilling any outstanding data access requests.Īt the time the CNIL committee responsible for issuing sanctions gave Clearview a two month deadline to comply with the order - with the threat of further fines if it did not do so (at a cost of €100,000 per overdue day). (The regulation allows for fines of up to 4% of global annual turnover or €20 million, whichever is higher.) It was Clearview’s failure to comply with the CNIL’s December 2021 order that led, in October 2022, to the French watchdog adding a third breach finding to its tally - lack of cooperation with the regulator - and issuing the biggest fine it possibly could under the GDPR. That 2022 order followed an earlier finding, in December 2021, when - after investigating complaints - the CNIL decided Clearview had breached the GDPR by unlawfully processing several tens of millions of citizens’ data and failing to provide locals with data access rights.
In a press release today, the CNIL said Clearview has failed to complied with the order it issued last October - when it imposed the maximum possible size of penalty it could (€20 million) for three types of breaches of the GDPR. Whether Clearview will ever pay any of these fines remains an open question, since the US-based company has not been cooperating with EU regulators. Clearview has been found to have breached a number of requirements set out in law - by France’s CNIL and several other regional data protection authorities, including authorities in the U.K., Italy and Greece, garnering several tens of millions in total fines to date.
The European Union’s General Data Protection Regulation (GDPR) sets out conditions for processing personal data lawfully.
The overdue penalty payment of €5.2 million has been issued by the French regulator, the CNIL - on top of a €20 million sanction it slapped the company with last year for breaching regional privacy rules. startup that’s attracted notoriety in recent years for a massive privacy violation after it scraped selfies off the internet and used people’s data to build a facial recognition tool it pitched to law enforcement and others, has been hit with another fine in France over non-cooperation with the data protection regulator.
0 kommentar(er)
