American Facial Recognition Company Fined $34M in the Netherlands

Why Trust Techopedia
Key Takeaways

  • US-based facial recognition company Clearview was fined $34 million in the Netherlands for potential violation of the GDPR.
  • It has previously been charged on similar grounds in France, Greece, Italy, and Austria.
  • Clearview’s total fines in Europe stand at over 80 million euros, but it has yet to comply.

A US-based company has been fined roughly $34 million by the Dutch Data Protection Authority for illegally scraping images for its facial recognition tools.

Clearview AI, a US-based software company that offers facial recognition tools to law enforcement agencies, has received a fine of €30.5 million ($33.7 million) by the Dutch Data Protection Authority (DPA). The Dutch watchdog alleges Clearview has built an “illegal database” of 30 million people without clear consent and cited a violation of the EU’s General Data Protection Regulation (GDPR).

The DPA accused Clearview of scraping the internet for billions of images of humans, including millions of Dutch citizens. The Authority further said Clearview assigns unique biometric identifiers to faces, so they can be used later by investigative and intelligence agencies at state and federal level in the US.

Clearview stated it explicitly functions outside the EU. Though the company did not deny using images of internet users without their consent, its chief legal officer, Jack Mulcaire, protested the penalty and called it “unlawful, devoid of due process,” and “unenforceable,” as quoted by the Associated Press.

Mulcaire insisted the company does not operate in the Netherlands or the EU and does not have any customers in the region. The executive added Clearview does not engage in activities that would subject it to the GDPR.

While acknowledging the need to use facial recognition technologies for catching of suspects, Dutch DPA chairman Aleid Wolfsen said it should be managed by “competent authorities in highly exceptional cases only” but not by commercial entities such as Clearview.

The DPA added Clearview would be subject to additional fines worth €5 million ($5.5 million) if it fails to comply. This isn’t the first time Clearview has been sanctioned in the EU. Before the Netherlands, the company has received cumulative fines worth over €70 million ($77 million) in France, Greece, Italy, and the UK since 2022 based on a series of complaints by privacy advocates. While the company was also deemed illegal in Austria as well, it avoided a fine.

Clearview has failed to comply with the orders — or pay due fines — in these countries. This led to the French privacy regulator CNIL imposing an additional penalty of €5.2 million ($5.7 million) in April 2023.

Although the current status of these fines remain unclear, Clearview was able to secure a ruling in its favor later in October 2023 from the UK’s first-tier tribunal, which said the topic was outside the purview of the UK GDPR.

Despite its repeated non-cooperation with authorities in Europe, Clearview took an unusual stance in the US, where it agreed to pay monetary settlements in exchange for dropping a class action lawsuit.