French watchdog thinks a stern letter will get Clearview AI to delete data

French privacy watchdog CNIL (that is: Commission Nationale de l'informatique et des libertés) wants Clearview AI to scrub its servers of all facial recognition data. You know, the same Clearview AI that’s completely ignored repeated cease-and-desist orders from some of the world’s most powerful organizations. Good luck with that, CNIL.

The CNIL put out a public statement on its website last week (h/t TechCrunch). The group alleges that Clearview’s unconventional image-scraping methods violate Europe’s General Data Protection Regulation (GDPR). Clearview has two months to delete any user data or face legal consequences.

Clearview AI has gained international notoriety in the last few years for its scary-accurate facial recognition technology and for its brash forward momentum in the face of pushback from all sides. Activists have voiced immense concerns over the company’s mission to scrape the internet of every image available without permission. Clearview, meanwhile, maintains that the U.S. Constitution grants it every right to take advantage of publicly available media.

More to come — The CNIL is not the first regulatory body to call Clearview AI out for its privacy-shunning practices. And it surely won’t be the last.

The watchdog’s investigations found that Clearview had breached two sections of the GDPR by collecting biometric data for no legal reason and for breaching public privacy in general. The CNIL says its investigation was compounded by multiple reports made about people facing difficulties in accessing the data scraped by Clearview.

The CNIL’s reach is limited to French denizens, but that doesn’t necessarily mean other countries in the EU won’t issue similar ultimatums in the future. Any countries that follow the GDPR could potentially bring the same charges against Clearview. And CNIL says it’s already been working with other authorities to share its findings.

A global response — Clearview is not universally hated. Plenty of government entities, including ICE and local law enforcement offices, have paid the company for its services. Those who benefit from the unwieldy power of an enormous facial recognition database, in other words.

Clearview’s official response to the CNIL’s statement denies any responsibility to EU law. “Clearview AI does not have a place of business in France or the EU, it does not have any customers in France or the EU, and does not undertake any activities that would otherwise mean it is subject to the GDPR,” said the company, in a statement attributed to founder Hoan Ton-That.

Ton-That goes on to say that his intentions with Clearview have always been “to help communities and their people to live better, safer lives.” This claim is difficult to swallow, given the company’s deep ties to white supremacists.

And so it seems Clearview will not comply, at least for now. Perhaps a hefty fine — the CNIL can issue one as high as 4 percent of a company’s annual revenue — will change its mind. But threats have never worked well against Clearview.