The UK's privacy authority has fined facial recognition startup Clearview AI more than £7.5 million and ordered it to destroy the data of UK individuals.


To establish a global facial recognition database, the business collects photographs from the internet.


According to the Information Commissioner's Office (ICO), this is a violation of UK data protection rules.


It has ordered the company to stop collecting and utilizing personal information about UK citizens.


Hoan Ton-That, the CEO of Clearview AI, said: "I am really sorry that the Information Commissioner of the United Kingdom misconstrued my technology and objectives.


"We only take public data from the internet and adhere to all privacy and legal requirements.


"I'm discouraged by society's misconception of Clearview AI's technology."


Use of 'unacceptable' data


According to the ICO, the corporation has accumulated more than 20 billion facial photographs internationally.

Clearview AI harvests publicly shared photos from Facebook, Instagram, and other sites, frequently without the platform's knowledge or consent.

UK Information Commissioner John Edwards stated: "The corporation not only identifies such individuals, but also successfully monitors their behavior and sells it as a service. That is really inappropriate."

"People expect that their personal information will be respected, regardless of where their data is utilized," Mr Edwards concluded.


The ICO stated that while Clearview AI Inc no longer provided services to UK businesses, the company continued to utilize personal data of UK people since it had customers in other countries.

The ICO warned the firm in November 2021 that it may face a punishment of up to £17 million, about £10 million more than it has already been compelled to pay.

Following France, Italy, and Australia, the United Kingdom has become the fourth country to pursue enforcement action against the company.

"While we appreciate the ICO's willingness to lessen their monetary punishment on Clearview AI, we continue to believe that the decision to impose any charge is improper as a matter of law," stated Lee Wolosky of the American firm Jenner and Block.


"Clearview AI is not subject to the ICO's jurisdiction, and Clearview AI currently does no business in the UK."

'A facial search engine'

The company's approach allows users to submit a snapshot of their face and search through billions of photographs in its database for matches.

It then gives you links to where you may find matching photographs online.

Clearview AI Inc was found to have broken UK data protection legislation by failing to:

use people's data in the UK in a fair and transparent manner have a -legal justification for collecting people's data have a method in place to prevent data from being kept indefinitely satisfy the higher data protection requirements necessary for biometric data

It was also discovered that when people enquired if they were on the firm's database, they were asked for more personal information, including images.

Following a collaborative investigation with the Office of the Australian Information Commissioner, the ICO took action.

"This international cooperation is crucial to defend people's privacy rights in 2022," Mr Edwards added.

"That involves collaborating with regulators in other countries, as we did with our Australian counterparts in this case."


Hoan Ton-That, the company's creator, claims that the firm's objective is to "help communities and their people live better, safer lives," and that all of the information gathered is freely available on the internet. He claims that Clearview's massive database of faces has aided law enforcement in combating "heinous" crimes.

The Metropolitan Police, the Ministry of Defence, and the National Crime Agency were among Clearview's prior clients in the United Kingdom. However, those it collaborates with in other countries will have access to its whole database of 20 billion photographs, which would invariably include UK citizens.


Will we ever find out who was on it? Probably not, although you may be if there are images of you on the internet. And it's rare that you've been asked if that's okay.

When Italy fined Clearview €20 million (£16.9 million) earlier this year, the company retaliated, claiming that it did not operate in any way that put it under the GDPR's authority. Could it make a similar argument in the United Kingdom, where it has no business, customers, or headquarters?

It can now appeal the ICO's judgment, and it may do so.