The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million on the American facial recognition company Clearview AI, citing the illegal creation of a vast biometric database.

Additionally, the company faces incremental penalties of up to €5.1 million if it does not cease its violations, as ordered by the Dutch DPA.

Clearview AI, which specialises in providing facial recognition services to law enforcement agencies, amassed a database of over 30 billion images by scraping photos from the internet without the knowledge or consent of those pictured. The company then converted these images into unique biometric codes, allowing users to identify individuals through these data points.

Aleid Wolfsen, chairman of the Dutch DPA, highlighted the severity of the situation, noting the widespread implications of such technology. “Facial recognition is a highly intrusive technology, that you cannot simply unleash on anyone in the world,” Wolfsen stated. He expressed concern over the potential for individuals to be unknowingly included in Clearview’s database and warned that this could lead to widespread tracking, drawing a parallel to surveillance practices typically associated with authoritarian regimes.

Clearview AI, which does not operate within the European Union, claims its services are only offered to intelligence and investigative agencies outside the EU. However, Wolfsen stressed that this does not diminish the risks posed by the company’s practices, emphasising that such technology should be restricted to law enforcement agencies under strict regulation and oversight.

The Dutch DPA’s decision marks another instance of European regulators taking action against Clearview AI. The company has previously faced fines from other European data protection authorities, including a €20 million penalty from France’s CNIL in 2022. Despite these sanctions, Clearview has continued its operations without significant changes to its practices.

The Dutch DPA has expressed determination to ensure compliance, even considering holding Clearview’s management personally accountable. “Such a company cannot continue to violate the rights of Europeans and get away with it,” Wolfsen asserted. He warned that Dutch organisations using Clearview’s services could face substantial penalties themselves, as such usage is deemed illegal under Dutch law.

Clearview AI has not contested the Dutch DPA’s decision and is thus unable to appeal the fine.

---