U.S. surveillance and facial recognition firm Clearview AI has won a court appeal in the United Kingdom after being accused of alleged infractions related to the U.K’s general data protection regulation (GDPR).
Originally, the company was fined nearly $10 million for breaches of the U.K.’s GDPR in May of 2022. The recent victory will see that fine rescinded unless the U.K.’s Information Commissioner’s Office (ICO) further appeals the ruling.
Per a U.K. court tribunal led by Tribunal Judge Lynn Griffin, whether Clearview AI (called “CV” throughout the documents) ran afoul of GDPR is immaterial due to the jurisdictional limits on applying GDPR to foreign companies.
According to court documents released Oct. 17:
“Whether or not CV has infringed the Articles of GDPR or UK GDPR as alleged or at all was not the issue before us. That would be the subject of any substantive hearing were this case to go forward.”
The document goes on to state that, despite the fact that Clearview AI has billions of images in its facial recognition and AI surveillance system (including, according to experts, those sourced from “public” internet repositories originating in the U.K.) the U.K’s ICO doesn’t have the jurisdiction to offer GDPR protection to its citizenry in this case.
In reference to Clearview AI, the court document states “it is a foreign company providing its service to ‘foreign clients, using foreign IP addresses, and in support of the public interest national security and criminal law enforcement functions’, such functions being targeted at behaviour within their jurisdiction and outside of the UK.”
In essence, it appears as though the appeal’s approval sets a legal precedent wherein the U.K. court system’s stance on enforcing GDPR has been relegated to only those companies firmly within the U.K.’s purview.
In contrast, Clearview AI has been sued and fined multiple times in Europe via the E.U. ‘s GDPR with fines being levied in France, Italy, and Greece. In Sweden, the local police authority was fined more than $300K for its illegal use of Clearview AI products in 2021.
However, regarding these and other judgments, Clearview AI has managed to avoid following the court’s orders in at least some instances. Despite, for example, being fined $20 million for GDPR breaches in France in October of 2022, the company refused payment and was found in breach of that…