Clearview AI faces £17 million fine for violating UK data protection laws

The ICO has voiced "significant concerns" that the company has processed UK personal data without people's knowledge

The Information Commissioner's Office (ICO) has issued a provisional fine of £17 million to controversial Australian firm Clearview AI over its handling of UK personal data. 

Related Resource

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Prevent fraud and phishing attacks with DMARC - whitepaper from MimecastFree download

Despite no longer operating in the country, the firm has also been told to stop processing UK personal data and delete any it has. 

The company, which provides mass databases and facial recognition technology for law enforcement agencies, has already been found to have broken Australian privacy law and been hit with cease and desist notices from the likes of Facebook and Twitter for scraping public images for its systems. 

After a joint investigation with the Australian ICO, the UK's data regulator found that Clearview had violated "several" data protection laws in the UK. It also found the company may be "continuing to process significant volumes of UK people's information" without their knowledge. 

"I have significant concerns that personal data was processed in a way that nobody in the UK will have expected," said Information Commissioner Elizabeth Denham said.

"It is therefore only right that the ICO alerts people to the scale of this potential breach and the proposed action we're taking. UK data protection legislation does not stop the effective use of technology to fight crime, but to enjoy public trust and confidence in their products technology providers must ensure people's legal protections are respected and complied with."

In response, Clearview called the regulator's claims "factually and legally incorrect". The company's founder and CEO, Hoan Ton-That, also said that the ICO had "misinterpreted" his technology and intentions.  "My company and I have acted in the best interests of the UK and their people by assisting law enforcement in solving heinous crimes against children, seniors, and other victims of unscrupulous acts. We collect only public data from the open internet and comply with all standards of privacy and law," Ton-That said, according to the BBC Clearview can challenge the proposed fine before a final decision is made midway through 2022. 

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now


Senator reintroduces federal data protection bill
data protection

Senator reintroduces federal data protection bill

17 Jun 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
How to speed up Windows 11
Microsoft Windows

How to speed up Windows 11

7 Jan 2022
Synology DiskStation DS2422+ review: A cube of great capacity
network attached storage (NAS)

Synology DiskStation DS2422+ review: A cube of great capacity

10 Jan 2022