A company famed for selling access to billions of face photographs, many taken from social media without knowledge of the faces depicted, is facing serious new limitations to its controversial business model.
On Monday, Clearview AI agreed to settle a 2020 lawsuit from the ACLU that accused the company of violating an Illinois law that prohibits the use of biometric data from individuals without their consent.
That law Biometric Privacy Act (BIPA)protects the privacy of Illinois residents, but the Clearview settlement is a clear blueprint for how the law can be used to strengthen consumer protection at the national level.
“By requiring Clearview to comply with Illinois’ groundbreaking biometric privacy law not just in the state, but nationwide, this agreement demonstrates that strong privacy laws can provide real protection against abuse,” ACLU Associate Director, Speech, Privacy Project and technologies. Nathan Fried Wessler said.
“Clearview can no longer consider people’s unique biometric identifiers as an unlimited source of profit. Other companies would be wise to take note, and other states should follow Illinois’ lead and enact strong biometric privacy laws.”
Clearview isn’t the only company entangled in Illinois’ groundbreaking privacy law. Last year Facebook was ordered to pay $650 million for violating BIPA by automatically tagging people in photos using facial recognition technology.
Under the terms of the Clearview settlement, which is still in the process of being negotiated in court, the company will be prohibited from selling or making its facial recognition database available to private companies and individuals.
While there is an exception for government contractors, Clearview works with government agencies, including National security and FBI in the USA – the company may not provide its software to any government contractors, state or local governments in Illinois for five years.
Clearview will also be forced to maintain an opt-out system allowing any Illinois resident to block their resemblance to company face search results, a mechanism that they must spend $50,000 to post online. The company should also stop the controversial practice of giving free trials to police officers if those people don’t get approval from their departments to test the software.
The broad restrictions will have a huge impact on Clearview’s ability to do business in the US, but the company also faces privacy concerns in its overseas business. Last November, the UK Information Commissioner’s Office struck Clearview with a $22.6 million fine for not getting consent from British residents before putting their photos into his huge database. Clearview has also violated privacy laws in Canada, France and Australiaand some countries require the company to delete all data obtained without the consent of their residents.
Credit: techcrunch.com /