Privacy International (PI) and several other European privacy and digital rights groups announced today that they have filed a legal complaint against the controversial facial recognition company Clearview AI. Complaints received in France, Austria, Greece, Italy and the UK indicate that the company’s data documentation and methods of collection (including automatically extracted facial images from public websites) violate European privacy laws. New York-based Clearview claims to have built “the largest database of over 3 billion facial images.”
PI, NYOB, Hermes Center for Transparency and Digital Human Rights, and Homo Digitalis all claim that Clearview’s data collection goes beyond what the average user expects when using services like Instagram, LinkedIn or YouTube. “Extracting our unique facial features or sharing them with police and other companies is more than what we could expect as online users,” PI Legal Director Ioannis Kouvakas said in a joint statement.
Clearview AI uses an image scraper to automatically collect publicly available facial photos from social media and other websites to build a biometric database. It then sells access to that database and the ability to identify people to law enforcement and private companies.
The legitimacy of Clearview AI’s approach to building facial recognition services is the subject of numerous legal issues worldwide. Authorities in the UK and Australia launched a privacy investigation into the company’s data scraping technology last year. In February, Canadian privacy commissioners found Clearview’s face scraping “illegal” and created a system that “inflicts widespread harm to all members of society who continue to participate in the police lineup.”
Swedish police have been fined by national data regulators for using Clearview’s products to identify citizens as “illegal.” In one case in Germany, the Hamburg Data Protection Agency ordered Clearview to delete a mathematical hash representing a user profile after a user complained.
In the United States, Clearview was sued in 2020 by the American Civil Liberties Union in Illinois for violating the Illinois Biometric Privacy Act. The outcome of the lawsuit contributed to the company’s decision to stop selling its products to private American companies. Clearview also faced legal action in Vermont, New York and California.
Privacy watchers say regulators must respond to complaints within three months. In the meantime, you may request data that Clearview may hold about you via emails and forms provided on the Site and may request that your face be omitted from client searches.