CNIL (France) - SAN-2023-005: Difference between revisions
(Created page with "{{DPAdecisionBOX |Jurisdiction=France |DPA-BG-Color= |DPAlogo=LogoFR.png |DPA_Abbrevation=CNIL |DPA_With_Country=CNIL (France) |Case_Number_Name=SAN-2023-005 |ECLI= |Original_Source_Name_1=Légifrance |Original_Source_Link_1=https://www.legifrance.gouv.fr/cnil/id/CNILTEXT000047527412?init=true&page=1&query=SAN-2023-005&searchField=ALL&tab_selection=all |Original_Source_Language_1=French |Original_Source_Language__Code_1=FR |Original_Source_Name_2= |Original_Source_Lin...") |
No edit summary |
||
(One intermediate revision by the same user not shown) | |||
Line 61: | Line 61: | ||
}} | }} | ||
Clearview | Since Clearview did not comply with a previous order to comply issued together with a €20,000,000 fine, the French DPA imposed the payment of a €5,200,000 penalty. | ||
== English Summary == | == English Summary == | ||
=== Facts === | === Facts === | ||
This decision is a follow-up on a decision of 17 October 2022 (available | This decision is a follow-up on a decision of 17 October 2022 (available [[CNIL (France) - Délibération SAN-2022-019|on GDPRhub]]) in which the French DPA (CNIL) had fined Clearview AI €20,000,000 for several GDPR-related violations and ordered it to comply within two months with different measures under a penalty of €100,000 per day. | ||
On 9 February 2023, the CNIL informed the company that without any proof of compliance, it would impose an overdue payment of €5,200,000 for the period between December 2022 (two months after the initial decision) and February 2023. | On 9 February 2023, the CNIL informed the company that without any proof of compliance, it would impose an overdue payment of €5,200,000 for the period between December 2022 (two months after the initial decision) and February 2023. | ||
=== Holding === | === Holding === | ||
Without reaction from Clearview, on 13 April 2023, the CNIL effectively imposed the payment of the €5,200,000 penalty. | |||
== Comment == | == Comment == | ||
As a reminder, Clearview's business is to use photographs from websites, including social networks, and to market them for facial recognition. The US-based company has reportedly not paid the first fine and remains silent. It is disappointing to observe Clearview AI remains out of reach. This case shows (once again) the difficulties of enforcing European regulations on foreign companies. | As a reminder, Clearview's business is to use photographs from websites, including social networks, and to market them for facial recognition. The US-based company has reportedly not paid the first fine and remains silent. It is disappointing to observe Clearview AI, even though it is established that it violates EU citizen's right to data protection, remains out of reach. The company denies the application of the GDPR to its activities. | ||
This case shows (once again) the difficulties of enforcing European regulations on foreign companies. It will be interesting to follow the next steps the CNIL is going to take in that matter. | |||
== Further Resources == | == Further Resources == |
Latest revision as of 11:44, 16 May 2023
CNIL - SAN-2023-005 | |
---|---|
Authority: | CNIL (France) |
Jurisdiction: | France |
Relevant Law: | Article 44 décret n° 2019-536 du 29 mai 2019 pris pour l'application de la loi n° 78-17 du 6 janvier 1978 relative à l'informatique, aux fichiers et aux libertés |
Type: | Other |
Outcome: | n/a |
Started: | |
Decided: | |
Published: | |
Fine: | n/a |
Parties: | Clearview AI |
National Case Number/Name: | SAN-2023-005 |
European Case Law Identifier: | n/a |
Appeal: | Unknown |
Original Language(s): | French |
Original Source: | Légifrance (in FR) |
Initial Contributor: | n/a |
Since Clearview did not comply with a previous order to comply issued together with a €20,000,000 fine, the French DPA imposed the payment of a €5,200,000 penalty.
English Summary
Facts
This decision is a follow-up on a decision of 17 October 2022 (available on GDPRhub) in which the French DPA (CNIL) had fined Clearview AI €20,000,000 for several GDPR-related violations and ordered it to comply within two months with different measures under a penalty of €100,000 per day.
On 9 February 2023, the CNIL informed the company that without any proof of compliance, it would impose an overdue payment of €5,200,000 for the period between December 2022 (two months after the initial decision) and February 2023.
Holding
Without reaction from Clearview, on 13 April 2023, the CNIL effectively imposed the payment of the €5,200,000 penalty.
Comment
As a reminder, Clearview's business is to use photographs from websites, including social networks, and to market them for facial recognition. The US-based company has reportedly not paid the first fine and remains silent. It is disappointing to observe Clearview AI, even though it is established that it violates EU citizen's right to data protection, remains out of reach. The company denies the application of the GDPR to its activities.
This case shows (once again) the difficulties of enforcing European regulations on foreign companies. It will be interesting to follow the next steps the CNIL is going to take in that matter.
Further Resources
Share blogs or news articles here!
English Machine Translation of the Decision
The decision below is a machine translation of the French original. Please refer to the French original for more details.