Dutch Agency Slaps Face Recognition Firm Clearview AI with $33.7M Fine

Dutch data watchdog the Data Protection Agency (DPA) on Tuesday fined US facial recognition firm Clearview AI $33.7 million, alleging the company keeps an illegal database of billions of images of private citizens scraped from the internet.

The Netherlands’ DPA also imposed a separate penalty of up to 5 million euros for non-compliance. DPA says the lack of consent from people whose images appear in the database amounted to a breach of the European Union's (EU) General Data Protection Regulation (GDPR). Clearview AI’s database is used by businesses and law enforcement agencies.

“Facial recognition is a highly intrusive technology that you cannot simply unleash on anyone in the world,” DPA Chairman Aleid Wolfsen said in a statement. DPA says use of Clearview AI’s services is illegal under Dutch regulations.

Wolfsen added, “If there is a photo of you on the internet -- and doesn’t that apply to all of us? -- then you can end up in the database of Clearview and be tracked. This is not a doom scenario from a scary film. Nor is it something that could only be done in China.”

In a statement sent to InformationWeek, Jack Mulcaire, Clearview AI’s chief legal officer, called the decision “unlawful” and “unenforceable.” “Clearview AI does not have a place of business in the Netherlands or the EU, it does not have any customers in the Netherlands or the EU and does not undertake any activities that would otherwise mean it is subject to GDPR.”

Related:Meta’s $1.4B Texas Settlement Highlights Facial Recognition Risks

He claimed that the decision was “devoid of due process.”

A Clear View of Controversies

This is not the first time Clearview AI faced legal challenges for its facial recognition database practices. The company in June settled an Illinois lawsuit -- which consolidated several lawsuits from around the US -- over the firm’s massive photographic database. Plaintiffs in the case were given a share of the company’s potential value, rather than a traditional payout.

The company also settled a separate case by the Illinois ACLU that had the firm agree not to sell its faceprint database to private businesses nationwide. Law enforcement agencies in Illinois were also banned from using the company’s services.

Last month, the Office of the Australian Information Commissioner announced that it would drop its case against Clearview AI. In 2022, a $14.5 million UK fine was overruled by courts that found UK authorities did not have the power to issue fines to a foreign company. France, Italy, Greece and other countries in the EU also issued $33 million or higher fines.

Related:FTC Prescribes Ban on Rite Aid’s AI Facial Recognition Use

The legal controversies have done little to slow the success of the firm, which sells its database technology to law enforcement agencies and governments. Most recently, the technology was used in war-torn Ukraine to identify Russian soldiers.

In an interview with CNN, Clearview AI founder and CEO Hoan Ton-That defended his company’s use of billions of images taken without consent, saying law enforcement has successfully used the technology to solve crimes.

In a September interview with Inc.com, Ton-That said that with law enforcement and government market possibilities alone, the company could carve out $2 billion in annual recurring revenue.

But regulators are taking an increasing interest in potential biometric misuse.

In July, Texas reached a historic $1.4 billion settlement with Meta over the company’s use of facial-recognition technology that collected biometric data on millions of state residents without their consent.

And last year, the US Federal Trade Commission banned Rite Aid’s facial recognition use that tracked potential shoplifters.