Embattled New York-based facial recognition startup Clearview AI has been asked to answer a number of questions regarding the collection and processing of personal biometric data in Hamburg, Germany, by Johannes Caspar, the city’s Commissioner for Data Protection and Freedom of Information.
The request came via a formal notice of inquiry filed by Caspar and is based on a complaint filed against the company with his office in February of this year. Caspar’s staff apparently made several attempts to contact Clearview over the past several months, but have so far reportedly only received ‘evasive’ answers pertaining to its general business model.
‘Business models that consist of collecting masses of images on the Internet without cause and making people’s faces identifiable through biometric analysis endanger privacy on a global scale,’ said Caspar. ‘To protect those affected under the EU Charter of Fundamental Rights, they must be controlled, regulated and, if necessary, stopped using the General Data Protection Regulation.’
Clearview AI found itself in the global spotlight in January of this year after the New York Times published a front page story revealing that the company had been selling its facial recognition services to law enforcement agencies around the world.
The report revealed that Clearview’s algorithm scraped billions of photos from social media platforms like Youtube, Twitter, and Facebook, and used those images to create a massive database that police could then pay to use to track down individuals.
The company has faced several lawsuits in the United States, including one under Illinois’s BIPA framework, which prohibits the capture and storage of an individual’s biometric data without their express written consent. And while Europe has the General Data Protection Regulation (GDPR), Clearview has thus far argued that it doesn’t fall under its jurisdiction.
Caspar disagrees, saying that the GDPR ‘also applies to companies pursuing corresponding business purposes from outside the EU and thus call into question the privacy and informational self-determination of people in the EU.’
Clearview has until mid September to provide ‘comprehensive and meaningful’ answers, with a possible fine of €10,000 for each of the seventeen questions that go unanswered.
Source: Datenschutz Hamburg
August 24, 2020 – by Tony Bitzionis