This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Insights Insights
| less than a minute read

Facial Recognition Company Fined €20M for GDPR Violations in Italy

The Italian data regulator has fined Clearview AI nearly $22M and ordered it to delete data deemed to violate the GDPR and banning use of its offending facial recognition technology in Italy. The regulator found that Clearview lacked an adequate legal basis for processing faceprints, as well as violating several technical requirements of the GDPR such as purpose and re-use limitations, transparency, and deletion.  

The UK data regulator had ordered Clearview to stop processing data in the fall of 2021, warning of potential fines in that country. Sweden last year fined a customer of Clearview's facial recognition technology for violation of data protection laws.    

Why It Matters

European regulators seem increasingly inclined to issue eyebrow-raising fines for violations of GDPR. Although Facebook and Google have garnered the most attention, and ire, it is clear that regulators do not hesitate to pursue other American companies as well.  Anyone with data from the EU is advised to examine their notice, security, transfer, and other procedures to ensure that they are GDPR-friendly.  A multi-million-Euro fine would be crippling to many small tech companies.  

Italy’s data protection agency today announced a €20 million penalty for breaches of EU law — as well as ordering the controversial company to delete any data on Italians it holds and banning it from any further processing of citizens’ facial biometrics.


insights, hill_mitzi, data security and privacy