Security News > 2023 > May > Zut alors! Raclage crapuleux! Clearview AI in 20% more trouble in France
CLEARVIEW AI collects photographs from a wide range of websites, including social networks, and sells access to its database of images of people through a search engine in which an individual can be searched using a photograph.
Worse still, CNIL castigated Clearview for trying to cling onto the very data it shouldn't have collected in the first place.
The regulator ruled that Clearview made it unacceptably difficult for French people to exercise their rights not only to request full details of PII collected about them, but also to have any or all of that data deleted if they wanted.
CNIL determined that Clearview placed artificial restrictions on letting individuals get at their own data, including: by refusing to delete data collected more than a year earlier; by allowing people to request their data only twice a year; and by "Only responding to certain requests after an excessive number of requests from the same person."
Following a formal notice which remained unaddressed, the CNIL imposed a penalty of 20 million Euros and ordered CLEARVIEW AI to stop collecting and using data on individuals in France without a legal basis and to delete the data already collected.
CLEARVIEW AI had two months to comply with the order and justify compliance to the CNIL. However, the company did not send any proof of compliance within this time limit.