Newsnews

New Ruling: Clearview AI Wins Appeal Against UK Privacy Sanction

new-ruling-clearview-ai-wins-appeal-against-uk-privacy-sanction

Controversial US facial recognition company, Clearview AI, has successfully appealed against a privacy sanction issued by the UK’s Information Commissioner’s Office (ICO) last year. The ICO had fined Clearview around £7.5 million ($10 million) and ordered the deletion of personal data it held on UK citizens. However, Clearview argued that its activities fell outside the jurisdiction of UK data protection law, and the tribunal agreed, citing an exemption related to foreign law enforcement.

Key Takeaway

Clearview AI has won an appeal against a privacy sanction issued by the UK’s ICO. The company argued that its activities fall outside the jurisdiction of UK data protection law. The ruling could have implications for other enforcements against Clearview under the EU’s GDPR.

The Background

In May 2022, the ICO issued an enforcement notice on Clearview AI, accusing the company of multiple breaches of local privacy laws. The ICO found that Clearview had been scraping personal data and selling an identity-matching service to law enforcement and national security bodies. The fine and deletion order were part of the ICO’s enforcement actions.

The Appeal Ruling

Clearview appealed the ICO’s decision and argued that its service was exclusively provided to foreign law enforcement and national security bodies. The tribunal accepted Clearview’s claim and overturned the ICO’s enforcement decision. While the tribunal agreed with the ICO’s argument that Clearview’s processing activities were related to the monitoring of data subjects’ behavior, it concluded that the company fell outside the scope of UK GDPR due to the exemption related to foreign law enforcement.

Implications for Clearview AI and Data Protection Authorities

This appeal ruling highlights the challenges faced by European data protection authorities in enforcing data protection rules against foreign-located firms. While Clearview AI’s pivot to focusing exclusively on law enforcement and national security agencies has complicated the legal picture, it remains unclear whether this tribunal ruling will have direct implications for other enforcements against the company under the EU’s GDPR.

Data protection watchdogs in France, Italy, and Greece have previously found Clearview AI in breach of the EU’s GDPR. However, the UK’s domestic data protection framework, post-Brexit, is now separate from the EU GDPR. The ICO has not confirmed whether it will appeal the ruling, but it retains the ability to act against international companies processing data of people in the UK.

Overall, this ruling raises questions about the ability of European regulators to prevent a US company like Clearview AI from collecting and selling data on European citizens and providing facial recognition services to foreign law enforcement and state agencies. The controversy surrounding Clearview has prompted EU lawmakers to consider tighter regulations on the use of artificial intelligence and potentially ban practices like indiscriminate scraping of biometric data to create facial recognition databases.

Leave a Reply

Your email address will not be published. Required fields are marked *