France: Issued EUR 20 millions fine against Clearview AI over its illegal biometric data collection and processing practices

Compare with different regulatory event:

Description

Issued EUR 20 millions fine against Clearview AI over its illegal biometric data collection and processing practices

On 20 October 2022, the French Data Protection Authority, Commission Nationale de l'Informatique et des Libertés (CNIL) issued a EUR 20 million fine to the facial recognition company Clearview AI after pursuing an investigation into its personal data collection and biometric data processing practices. The CNIL found that Clearview AI violated the EU General Data Protection Regulation (GDPR) by collecting and using data of individuals residing in France without an appropriate legal basis and failing to respond effectively to individuals' requests for access and erasure of their data. The company failed to comply with the CNIL ruling from 26 November 2021, ordering Clearview AI to cease processing the personal data of individuals residing in France and comply with data erasure and deletion requests. The fine issued represents the maximum financial penalty under General Data Protection Regulation.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
ML and AI development
Implementation Level
national
Government Branch
executive
Government Body
data protection authority

Complete timeline of this policy change

Hide details
2021-08-26
under deliberation

On 26 August 2020, the French Data Protection Authority, Commission Nationale de l'Informatique et …

2021-11-26
in force

On 26 November 2021, the French Data Protection Authority, Commission Nationale de l'Informatique e…

2022-10-20
in force

On 20 October 2022, the French Data Protection Authority, Commission Nationale de l'Informatique et…