![]() ![]() Under the GDPR, such a sensitive purpose for personal data (i.e., facial recognition for an ID-matching service) would - at a minimum - require explicit consent from the data subjects to process their biometric data. The European Union’s data protection framework, the General Data Protection Regulation (GDPR), sets a similarly high bar for legal use of biometric data to identify individuals - a standard that extends across the bloc, as well as to some non-member states (including the U.K.) so around 30 countries in all. More recently, in May, Clearview agreed to major restrictions on its services domestically, inside the U.S., in exchange for settling a 2020 lawsuit from the American Civil Liberties Union (ACLU), which had accused it of breaking state law in Illinois that bans the use of individuals’ biometric data without consent. Last year, privacy regulators in Canada and Australia also concluded Clearview’s activities fall foul of local laws - in earlier blows to its ability to scale internationally. The U.S.-based company gained notoriety for scraping selfies off the internet to build an algorithmic identity-matching commercial service aimed at law enforcement agencies and others, including private sector entities. Since late last year, national DPAs in the U.K., Italy and France have also issued similar decisions sanctioning Clearview - effectively freezing its ability to sell its services in their markets since any local customers would be putting themselves at risk of being fined. It has also ordered it to delete any data on Greek citizens that it has already collected. ![]() The Athens-based Hellenic data protection authority has fined the controversial facial recognition firm €20 million and banned it from collecting and processing the personal data of people living in Greece. Clearview AI has been hit with another sanction for breaching European privacy rules.
0 Comments
Leave a Reply. |