The U.K. Information Commissioner’s Office (ICO) has decided to challenge a British court’s recent decision overturning a £7.5 million fine imposed on Clearview AI, a controversial facial recognition company. In October, the tribunal sided with Clearview, stating that the ICO’s actions exceeded the material scope of the General Data Protection Regulation (GDPR).
While the tribunal acknowledged some of ICO’s arguments, it ruled that Clearview is mostly exempt from the GDPR, as only law enforcement agencies outside of the U.K. use its products. The court also stated that British privacy regulations do not cover companies collaborating with law enforcement.
In response to the court’s decision, John Edwards, head of the ICO, announced on Friday that he would challenge the judgment to determine whether commercial enterprises processing digital images of UK citizens can claim engagement in ‘law enforcement.’ Clearview AI argued that its work in the U.K. supported the public interest activities of foreign governments and agencies, particularly in national security and criminal law enforcement functions.
Edwards condemned Clearview’s practices, stating that it is his duty to protect the data rights of the UK citizens affected by Clearview’s extensive scraping of personal information. Clearview AI, on the other hand, praised the court’s decision, asserting that it is not subject to the ICO’s jurisdiction and opposing the ICO’s appeal as “meritless”.
The ICO emphasized that while the tribunal focused on jurisdictional issues, it seemed to align substantively with the ICO’s position that Clearview was processing personal information related to monitoring individuals through the collection of billions of facial images, offered for access and analysis using AI to foreign subscribers. The ICO stressed the importance of courts recognizing that foreign companies are subject to U.K. data protection laws concerning the monitoring of U.K. residents, asserting that Clearview, when providing services commercially, will be subject to the ICO’s jurisdiction.
Reference:
