It was Clearview’s failure to comply with the CNIL’s December 2021 order that led, in October 2022, to the French watchdog adding a third breach finding to its tally - lack of cooperation with the regulator - and issuing the biggest fine it possibly could under the GDPR. That 2022 order followed an earlier finding, in December 2021, when - after investigating complaints - the CNIL decided Clearview had breached the GDPR by unlawfully processing several tens of millions of citizens’ data and failing to provide locals with data access rights. In a press release today, the CNIL said Clearview has failed to complied with the order it issued last October - when it imposed the maximum possible size of penalty it could (€20 million) for three types of breaches of the GDPR. Whether Clearview will ever pay any of these fines remains an open question, since the US-based company has not been cooperating with EU regulators. Clearview has been found to have breached a number of requirements set out in law - by France’s CNIL and several other regional data protection authorities, including authorities in the U.K., Italy and Greece, garnering several tens of millions in total fines to date. The European Union’s General Data Protection Regulation (GDPR) sets out conditions for processing personal data lawfully. The overdue penalty payment of €5.2 million has been issued by the French regulator, the CNIL - on top of a €20 million sanction it slapped the company with last year for breaching regional privacy rules. startup that’s attracted notoriety in recent years for a massive privacy violation after it scraped selfies off the internet and used people’s data to build a facial recognition tool it pitched to law enforcement and others, has been hit with another fine in France over non-cooperation with the data protection regulator.
0 kommentar(er)
