CNIL (France) - SAN-2023-005: Difference between revisions

From GDPRhub
No edit summary
No edit summary
 
Line 61: Line 61:
}}
}}


Clearview AI remains out of reach for the French DPA. Without reaction from Clearview after an order to comply and a €20,000,000 fine, the DPA imposed the payment of a €5,200,000 penalty.
Since Clearview did not comply with a previous order to comply issued together with a €20,000,000 fine, the French DPA imposed the payment of a €5,200,000 penalty.


== English Summary ==
== English Summary ==

Latest revision as of 11:44, 16 May 2023

CNIL - SAN-2023-005
LogoFR.png
Authority: CNIL (France)
Jurisdiction: France
Relevant Law:
Article 44 décret n° 2019-536 du 29 mai 2019 pris pour l'application de la loi n° 78-17 du 6 janvier 1978 relative à l'informatique, aux fichiers et aux libertés
Type: Other
Outcome: n/a
Started:
Decided:
Published:
Fine: n/a
Parties: Clearview AI
National Case Number/Name: SAN-2023-005
European Case Law Identifier: n/a
Appeal: Unknown
Original Language(s): French
Original Source: Légifrance (in FR)
Initial Contributor: n/a

Since Clearview did not comply with a previous order to comply issued together with a €20,000,000 fine, the French DPA imposed the payment of a €5,200,000 penalty.

English Summary

Facts

This decision is a follow-up on a decision of 17 October 2022 (available on GDPRhub) in which the French DPA (CNIL) had fined Clearview AI €20,000,000 for several GDPR-related violations and ordered it to comply within two months with different measures under a penalty of €100,000 per day.

On 9 February 2023, the CNIL informed the company that without any proof of compliance, it would impose an overdue payment of €5,200,000 for the period between December 2022 (two months after the initial decision) and February 2023.

Holding

Without reaction from Clearview, on 13 April 2023, the CNIL effectively imposed the payment of the €5,200,000 penalty.

Comment

As a reminder, Clearview's business is to use photographs from websites, including social networks, and to market them for facial recognition. The US-based company has reportedly not paid the first fine and remains silent. It is disappointing to observe Clearview AI, even though it is established that it violates EU citizen's right to data protection, remains out of reach. The company denies the application of the GDPR to its activities.

This case shows (once again) the difficulties of enforcing European regulations on foreign companies. It will be interesting to follow the next steps the CNIL is going to take in that matter.

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the French original. Please refer to the French original for more details.