The British Tribunal yesterday decided that the American company ClearView AI, which collects selfies, is not obliged to pay a fine for violation of the confidentiality of £7.5 million ($9 million). The Tribunal said that the Information Commissioner’s Office (ICO) in the UK does not have the right to fine ClearView, which collects images from open sources on the Internet to teach its AI products.
ICO imposed a fine on the company last May, claiming that the American company violated GDPR in Great Britain by not complying with high standards for the protection of biometric data, without legal grounds for collecting them, and not providing procedures to stop endless data storage.
Nevertheless, the tribunal admitted that given the size of the UK and the degree of use of the Internet and social networks, it can be concluded that there are images of UK residents in the ClearView database. However, it was decided that the processing of data by ClearView goes beyond the territorial jurisdiction of the regulations, and therefore ICO had no right to issue notifications.
ClearView AI claimed that its service is an Internet search system intended exclusively for foreign (i.e. not from the UK/EU) law enforcement agencies and national security.
Data protection lawyer James Castro-Edwards said: “ClearView provided services only to foreign law enforcement or national security authorities and their contractors. UK GDPR provides that the actions of foreign countries go beyond its framework”.
In conclusion, the ICO representative said: “ICO will consider today’s decision and carefully think about the following steps.”