THE HAGUE, Netherlands — The Dutch data protection watchdog Tuesday issued facial recognition startup Clearview AI with a fine of $33.7 million over its creation of what the agency called an “illegal database” of billion of photos of faces.
The Netherlands’ Data Protection Agency, or DPA, also warned Dutch companies that using Clearview’s services is also banned. The data agency said that New York-based Clearview “has not objected to this decision and is therefore unable to appeal against the fine.”
But in a statement emailed to The Associated Press, Clearview’s chief legal officer, Jack Mulcaire, said the decision is “unlawful, devoid of due process and is unenforceable.”
The Dutch agency said that building the database and insufficiently informing people whose images appear in the database amounted to serious breaches of the European Union’s General Data Protection Regulation, or GDPR.
“Facial recognition is a highly intrusive technology, that you cannot simply unleash on anyone in the world,” the DPA chair, Aleid Wolfsen, said in a statement.
“If there is a photo of you on the Internet — and doesn’t that apply to all of us? — then you can end up in the database of Clearview and be tracked,” he said.
DPA said that if Clearview doesn’t halt the breaches of the regulation, it faces noncompliance penalties of up to $5.6 million on top of the fine.
Mulcaire said in his statement that Clearview doesn’t fall under EU data protection regulations.
“Clearview AI does not have a place of business in the Netherlands or the EU, it does not have any customers in the Netherlands or the EU, and does not undertake any activities that would otherwise mean it is subject to the GDPR,” he said.
In June, Clearview settled an Illinois lawsuit alleging its massive photo collection of faces violated the subjects’ privacy rights, a deal that attorneys estimate could be worth over $50 million. Clearview didn’t admit any liability in that settlement.