NEWS10 November 2021

Facial recognition firm ordered to delete photos in Australia

Asia Pacific GDPR Legal News Privacy UK

UK/AUSTRALIA – Facial recognition company Clearview AI contravened privacy laws in Australia, according to the Office of the Australian Information Commissioner (OAIC) following a joint investigation with the UK Information Commissioner’s Office (ICO).

Facial recognition

The two regulators launched the investigation into Clearview last year regarding the company’s use of data scraped from the internet and the use of biometrics for facial recognition.

Clearview’s facial recognition app allows users to upload a photo of an individual’s face and match it to photos of that person’s face collected from the internet.

The ICO said that the Clearview system is reported to include a database of more than three billion images from various social media platforms and other websites.

The ICO and OAIC worked together on the evidence-gathering stage of the investigation, and each authority has also been looking separately at their respective police forces’ use of the technology.

The OAIC determined that Clearview breached Australian privacy laws by collecting information about individuals without those individuals’ providing consent.

The ruling also said Clearview failed to take steps to notify individuals of the collection of their personal information.

As a result of the breaches, the OAIC ordered Clearview to stop the collection of scraped images and destroy any images collected to date that contravened Australian privacy laws.

The ICO said it is considering its next steps and whether any formal regulatory action is required under UK data protection laws. The ICO set out rules for the use of facial recognition technology in public places earlier this year. 

Angelene Falk, Australian information commissioner and privacy commissioner, said: “The issues raised by Clearview AI’s business practices presented novel concerns in a number of jurisdictions.

“By partnering together, the OAIC and ICO have been able to contribute to an international position, and shape our global regulatory environment.”

Elizabeth Denham, UK information commissioner, said: “Our digital world is international and so our regulatory work must be international too, particularly where we are looking to anticipate, interpret and influence developments in tech for the global good.

“That doesn’t mean sharing the same laws or approaches, but on finding ways for our different approaches to work side by side and to coordinate and share the regulatory challenge where technologies impact our citizens across international borders.”

Mark Love, attorney for Clearview AI, said: “Clearview AI intends to seek review of the commissioner’s decision by the (Australian) Administrative Appeals Tribunal. Not only has the commissioner’s decision missed the mark on the manner of Clearview AI’s manner of operation, the commissioner lacks jurisdiction.

“To be clear, Clearview AI has not violated any law nor has it interfered with the privacy of Australians. Clearview AI does not do business in Australia, does not have any Australian users.”