The National Center for Personal Data Protection (NCPDP), for information and application purposes, communicates about the fine in the amount of 20 million euros applied by the Hellenic Data Protection Authority (DPA) to Clearview AI for violating the principles of lawfulness and transparency of personal data processing.
Hellenic DPA examined a complaint against Clearview AI, lodged by the civil non-profit organization “Homo Digitalis” on behalf of a complainant, who claimed that s/he has objections to the realisation of the right of access s/he exercised before the aforementioned company. In conjunction with the issues deplored, it was also requested that the practices of the defendant company be examined on the whole from the point of view of ensuring personal data protection.
Following the investigations, it was found that the company, which markets facial recognition services, violated the principles of lawfulness and transparency stipulated at Art. 5 paragraphs 1(a) and (2), 6, 9 GDPR and its obligations under Articles 12, 14, 15 and 27 of the GDPR.
In this context, Hellenic DPA imposed a fine of 20 million euros to Clearview AI for violating the principles of lawfulness and transparency on personal data processing. In addition, the DPA ordered the company to conform its activity so as to realise the right of access to personal data of data subjects, while imposing (on the same company) a prohibition on the collection and processing of personal data of subjects located in the Greek territory, using methods included in the facial recognition service. Finally, with this Decision, the Hellenic DPA ordered Clearview AI Inc. to delete the personal data of those subjects located in Greece, which the defendant collects and processes using the aforementioned methods.
The NCPDP, as national supervisory authority for personal data processing, emphasizes the responsibility of personal data controllers to comply with the provisions of legal framework on personal data protection and to ensure that personal data processing operations are in accordance with the legislation in force.