Details:
| Summary | The Hellenic DPA has imposed a fine of EUR 20,000,000 on Clearview AI Inc. The non-profit organization ‘Homos Digitalis’ had filed a complaint with the DPA on behalf of the data subject. The company holds a database of more than 20 billion facial images (including those of greek residents and nationals) from around the world. The data is collected online from publicly accessible platforms such as social networks. The company offers a search service that allows individuals be identified based on the biometric data extracted from the images. Individuals’ profiles can be enriched with information associated with those images, such as image tags and geolocation. In the course of its investigation the DPA found that the personal data contained in the company’s database had been processed unlawfully and without a valid legal basis. Also, the DPA found that the company had not provided the data subject with access to their personal data and thus violating Art. 15 GDPR. Furthermore, Cleaview had violated the principle of transparency by failing to adequately inform users about the processing of their data. |
| Link: | link |
| Related articles: | Art. 5 (1) a) GDPR, Art. 6 GDPR, Art. 9 GDPR, Art. 12 GDPR, Art. 14 GDPR, Art. 15 GDPR, Art. 27 GDPR |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 20,000,000 |
| Sector | Industry and Commerce |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/