Clearview AI Faces Criminal Complaint Over EU Privacy Breach

A European privacy advocacy group, Noyb, has escalated its action against US-based facial recognition company Clearview AI by filing a criminal complaint in Austria. The move comes after years of mounting scrutiny over the company’s controversial data practices.

Clearview AI, known for its AI-powered identity-matching service, has built a vast facial recognition database by scraping publicly available information from social media and other online sources. Its services are used by law enforcement agencies and private firms, raising concerns over privacy violations and the potential misuse of mass surveillance technologies.

Despite numerous fines under the European Union’s General Data Protection Regulation (GDPR), Clearview has largely evaded enforcement. Since February 2022, data protection authorities in Greece, France, Italy, and the Netherlands have collectively imposed €95.7 million in penalties on the company. However, without a formal presence in the EU, Clearview has struggled to pay these fines.

Noyb argues that the company has consistently ignored EU law. By pursuing a criminal case, the group hopes that Clearview’s executives could face personal liability, including jail time, if found guilty under Austrian law. GDPR provisions allow criminal sanctions in countries that have implemented them nationally, which applies in Austria.

The issue is not limited to the EU. In 2022, Clearview was fined £7.5 million (€8.6 million) in the UK for similar violations, with courts affirming that the company must comply with national data protection laws.

The case marks a significant step in Europe’s efforts to hold foreign tech companies accountable for mass data breaches, signaling that privacy authorities are increasingly willing to pursue criminal measures when regulatory fines alone fail to compel compliance.