The Dutch Data Protection Authority (DPA) fined Clearview AI €30.5 million on Tuesday (3 September), for illegally building a database with over 30 billion photos.
According to the Dutch DPA, Clearview AI, a US firm providing facial recognition services to intelligence agencies and law enforcement, built an illegal database with photos of more than 30 billion people’s faces, without their consent, violating the General Data Protection Regulation (GDPR).
“The Dutch DPA are baring their teeth, and demonstrating the power of the GDPR when properly enforced,” said Ella Jakubowska, Head of Policy at EDRi, the advocacy group for European Digital Rights.
The authority warned against the use of the company’s services, which it said is prohibited.
According to the data watchdog, Clearview did not stop its violations even after the investigations had started. If the AI company continues it could face additional penalties of up to €5.1 million.
Clearview responded to the fine stating the decision is “unlawful, devoid of due process and is unenforceable” since Clearview “does not have a place of business” or customers in the Netherlands or the EU, or undertake other activities that would make it subject to the GDPR, the firm’s Chief Legal Officer Jack Mulcaire, told Euractiv via email on Tuesday.