France’s data privacy watchdog CNIL has ordered Clearview AI, a facial recognition company that has collected 10 billion images worldwide, from collecting and using data from people based in the country.
In a formal demand announced on Thursday, CNIL insisted that of clearview The collection of publicly available facial images on social media and the Internet had no legal basis and was infringing The European Union Rules on data privacy.
The regulator said the software company, which is used as a search engine to help law enforcement and intelligence agencies with their investigations, failed to seek prior consent of people whose images were collected online.
“These biometric data are particularly sensitive, particularly because they are linked to our physical identity (what we are) and allow us to be identified in a unique way,” the authority said in a statement.
It added that the New York-based firm failed to provide those concerned with reasonable access to their data, specifically without justification, by limiting access to twice a year, and during the 12 months prior to any request for data. By limiting this right of
Clearview did not immediately respond to a request for comment.
EU law provides for citizens seeking to delete their personal data from privately owned databases. CNIL said Clearview has two months to accept its demands or it may face clearance.
The decision follows several complaints, one of them by advocacy group Privacy International. This follows a similar order from its Australian counterpart, which asked Clearview to stop collecting images from websites and destroy data collected in the country.
The UK Information Commissioner’s office, which worked with Australians on the Clearview investigation, also said last month it intended to fine Clearview £17 million ($22.59 million) for alleged breaches of the data protection law.
© Thomson Reuters 2021