- ITDM 2025 전망 | “불경기 시대 속 콘텐츠 산업··· 기술이 돌파구를 마련하다” CJ ENM 조성철 엔터부문 CIO
- 50억 달러 피해에서 700명 해고까지··· 2024년 주요 IT 재난 8선
- Network problems delay flights at two oneworld Alliance airlines
- Leveraging Avaya Experience Platform to accelerate your digital banking transformation
- The best iRobot vacuums of 2024: Expert tested and reviewed
France Orders Clearview AI to Delete Data
France’s data protection regulator has ordered American facial recognition software firm Clearview AI to stop illegally processing images.
In a statement released today, the CNIL said that Clearview’s facial recognition software relies on a database of photographs built by extracting photographs and videos publicly available on the internet.
The data protection authority commanded Clearview to desist from extracting such images from people on French territory and delete the data it had gathered in this manner within two months.
The CNIL launched an investigation into Clearview AI in the spring of 2020 after the authority received complaints from individuals about the company’s data practices.
Investigators found that Clearview AI “does not respond effectively to requests for access and erasure. It provides partial responses or does not respond at all to requests.”
The association Privacy International also warned the CNIL about Clearview’s data practices in May 2021.
“These complaints revealed the difficulties encountered by the complainants in exercising their rights with Clearview AI,” said the authority.
CNIL’s probe found that Clearview AI had breached the General Data Protection Regulation (GDPR) in force in the European Union in two different ways.
The first violation committed by Clearview AI was the unlawful processing of personal data in breach of Article 6 of the GDPR. CNIL determined that Clearview AI was guilty of this transgression “because the collection and use of biometric data are carried out without a legal basis.”
CNIL found that in an “intrusive and massive” process, Clearview AI extracted people’s images from the internet for use by its facial recognition software without first obtaining their consent to do so.
“These people, whose photographs or videos are accessible on various websites, including social media, do not reasonably expect their images to be processed by the company to supply a facial recognition system that could be used by States for law enforcement purposes,” stated the CNIL.
Clearview’s second strike was its “failure to take into account the rights of individuals effectively and satisfactorily, in particular requests for access to their data” in contravention of Articles 12, 15 and 17 of the GDPR
