Clearview AI has incurred yet another fine for its noncompliance with the General Data Protection Regulation (GDPR) in France. The CNIL (Commission nationale de l’informatique et des libertés), the country’s data protection authority, issued €5.2 million as an overdue penalty on top of the €20 million it had already sanctioned the company with last year due to infringement of local privacy regulations.
The initial determination occurred back in December 2021, when the CNIL confirmed that Clearview had unlawfully processed millions of people’s information and neglected to furnish locals with their data access rights. Furthermore, due to the company’s unwillingness to comply with the CNIL’s pre-existing order, a further breach was discovered in October 2022 resulting in the awarding of the maximum fine permissible under the GDPR.
Other EU regulators, including those based in the U.K., Italy and Greece, have also made similar rulings against Clearview, resulting in a collective few tens of millions of euros in fines thus far.
It is not certain, however, whether these sanctions will actually be paid by Clearview, as the US-based company has failed to cooperate with European data protection agencies thus far.