Clearview AI Triumphs in UK GDPR Appeal, Casting Doubts on International Jurisdiction
Summary:
U.S. facial recognition firm Clearview AI has won a UK court appeal over alleged general data protection regulation (GDPR) breaches, potentially overturning a previous $10 million fine. The tribunal judge stated that GDPR doesn't apply to Clearview AI due to jurisdictional limitation on implementing GDPR to overseas companies. Despite multiple lawsuits and fines in the EU, the tech firm has at times sidestepped the rulings. Its relationship with law enforcement has led some to argue it's somewhat insulated from U.S. regulations designed to prevent unwarranted surveillance. Currently, data removal requests are limited to residents of certain U.S. states.
Clearview AI, a U.S.-based firm specializing in facial recognition and surveillance, has secured a legal victory in a U.K. court appeal over alleged transgressions of the U.K.'s general data protection regulation (GDPR). The tech firm was previously slapped with a $10 million fine for alleged GDPR breaches in May 2022, with this recent court success potentially reversing this penalty, barring any further challenge from the U.K.'s Information Commissioner's Office (ICO). Tribunal Judge, Lynn Griffin, heading the U.K court tribunal, stated that the applicability of GDPR to Clearview AI, referred to as "CV" in court filings, was irrelevant due to jurisdictional boundaries when it comes to applying GDPR to overseas companies. As the court papers, made public on October 17, state, "The question of whether CV has violated GDPR or U.K GDPR as stated or at all was not on trial. That would only be the case if these proceedings were to progress". Despite experts claiming that Clearview AI has access to billions of images, some allegedly scraped from 'public' U.K internet sources, the ICO doesn't have the jurisdiction to enforce GDPR cases against it in instances like these. The court document specified that Clearview AI "is an overseas company catering to 'foreign clients, using foreign IP addresses, supporting national security and criminal law enforcement operations', targeting behavior within their jurisdiction and outside of the U.K." The approval of this appeal seemingly establishes a legal standpoint, where U.K. courts' enforcement of GDPR applies solely to those firms operating within U.K. jurisdiction. On the other hand, Clearview AI has faced multiple lawsuits and fines under E.U's GDPR in nations including France, Italy, and Greece. In 2021, Sweden's local police authority received over $300K in fines for unauthorized use of Clearview AI's software. But the company has at times sidestepped these rulings. For instance, even after being fined $20 million for GDPR violations in France in October 2022, the organization declined payment and was found guilty of breaching the order as of May 2023. Clearview AI currently occupies a unique standing within the U.S tech industry. Amid ongoing claims of software and services infringing civil liberties and privacy rights of U.S. citizens, some experts believe the company's close relationship with law enforcement shields it from punitive measures consistent with U.S. regulations aimed at curtailing unwarranted surveillance and the Fourth Amendment. Resultantly, it becomes extremely challenging for individuals to have their data expunged from the firm's databases. According to Clearview AI's Privacy Policy page: "At present, only residents of the following states can request access, opt-out and/or deletion: California, Colorado, Connecticut, Illinois, and Virginia." Those residing outside these states, so far, have no clear-cut pathway to have their pictures and other data deleted from Clearview AI's database. The policy also clarifies that Clearview AI "may have transferred this category of personal information to law enforcement, government agencies, legitimate contractors of government agencies or law enforcement, and national security professionals." To opt-out, individuals from the listed U.S. states must submit a 'headshot' photo, substantiate their government-issued ID, and tender "any additional information" demanded by the company to review their removal request.
Published At
10/19/2023 5:38:04 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.