Back to Cases
technologyTechnology · 2022
Clearview AI Inc.
The ICO fined Clearview AI for unlawfully scraping and processing facial images of UK residents to build a database of over 20 billion images used to offer facial recognition services to law enforcement and commercial clients, without lawful basis, transparency, or any mechanism for UK residents to exercise data subject rights. The ICO coordinated its investigation with Australian and other privacy regulators as part of a joint international enforcement effort. The fine was reduced from an initial enforcement notice of £17.1 million following representations.
Fine Imposed€8.8M
Authority
ICO-UK
Regulation
UK General Data Protection Regulation + Data Protection Act 2018
Max fineHigher tier: £17.5M or 4% of global annual turnover; standard tier: £8.75M or 2%
Statusactive
Key Takeaways
- Building biometric databases from scraped online images is unlawful under UK GDPR regardless of the public availability of source images — the ICO will coordinate internationally and seek to protect UK residents' biometric data from exploitation by overseas entities.