You are here

HomeJohn Lister › Photo-Scraping Business Ignores $39M Privacy Fine

Photo-Scraping Business Ignores $39M Privacy Fine

John Lister's picture
by John Lister on September, 9 2024 at 12:09PM EDT

A US company that used billions of online photos without permission for facial recognition faces a fine of more than $35 million. Regulators say they may hold directors of Clearview AI personally responsible after the company said the fine was unenforceable.

Clearview has attracted the attention of regulators in several companies for the way it does business. It produces and licenses facial recognition software to law enforcement agencies, for example, to identify alleged offenders from crowd photos or live video.

The software works thanks to a massive database of pictures which Clearview scraped from websites including social media sites. It argues that pictures online are public information and thus come under the First Amendment, giving it the right to use the pictures without permission.

Permission Required

Regulators in European countries disagree and say it violates the EU's General Data Protection Regulation (GDPR). They say photos count as personal data and that it's not usually lawful to collect or use photos without the subject's permission.

This permission must cover the specific way the image is used and the fact they've already put the image on a website isn't relevant. Although there's a "legitimate interest" defense that can cover some business use, this can't outweigh the individual's privacy rights.

Netherlands data regulators have now issued the biggest ever fine against Clearview, €30.5 million plus another €5.1 million for continuing to breach GDPR after learning it was under investigation. That's the equivalent of US$39.3 million. (Source: theverge.com)

Clearview's Views Clear

Clearview has issued a media statement reading "Clearview AI does not have a place of business in the Netherlands or the EU, it does not have any customers in the Netherlands or the EU, and does not undertake any activities that would otherwise mean it is subject to the GDPR. This decision is unlawful, devoid of due process, and is unenforceable."

Despite the location of Clearview and its customers (the police), it does come under GDPR because its database includes pictures of users from EU countries. However, it may indeed be difficult to enforce the fine given it doesn't have an EU presence.

The regulators say they will now investigate "if the directors of the company can be held personally responsible for the violations." That's legally uncertain and again would have enforcement problems, unless the directors wanted to visit an EU country in person or expand their operations and client base. (Source: theregister.com)

What's Your Opinion?

Should Clearview's operations be legal in the US? Do you agree with their argument that people who put photos on a website lose the right to control how they are used? Does it make a difference that their product is used for law enforcement?

Filed under:
Courts
| Tags:
clearview
,
pictures
,
permission
,
regulators
,
photos
,
gdpr
Rate this article: 
Average: 5 (5 votes)

Comments

rwells78_13585's picture

Submitted by rwells78_13585 on Mon, 09/09/2024 - 22:59

No, No, and a hard NO!

russoule's picture

Submitted by russoule on Tue, 09/10/2024 - 17:00

OK, I understand the dude with"no, no and hard no", but let's be reasonable here. The firm is NOT located in the EU, nor are its clients in the EU. Holding it liable for vilolating an EU rule is the same as the USA holding a German bank located only in Germany for violating usury laws here if it lends its customers at 30% interest rate, but the customer is in Germany. As for Clearview's position that posting a selfie to a social site makes it an "open" photo, that again would be based on the country's laws and not on our personal desires, unless we have posted a statement of PRIVATE,NO ADMITTANCE to our social sites. Now if Clearview were traveling around the various countries and suckiing these photos off the personal wifi, THAT would likely be an invasion of privacy in most countries. My understanding, however, is that they merely take, via software scraping, pix that are open to public view. MY pix are all posted as private to me and "friends" unless I decide to make them public, such as sharing a meme or a news article. It seems that the real problem here is that Clearview seems to be making a (Oh My GOD!) profit doing so.

bigton's picture

Submitted by bigton on Thu, 09/12/2024 - 06:49

I have to agree with the first post. To be honest, it is little different from a scammer lifting your photo to use for profit. Yet that is classed as illegal. So why should a company, no matter where it is based, be allowed to do as it pleases? Personally I think its about time countries worked together to agree online rules, and agreed to enforce a legitimate court order no matter where it comes from or where the company is based.

Need Help? Ask!



My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).

We are BBB Accredited

We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.