Canadian regulators on Wednesday said facial-recognition-software company Clearview AI Inc. violated federal and provincial privacy laws in the country by offering its services there, though they acknowledged having limited enforcement powers in penalizing the New York-based company and others like it.
Regulators said Clearview collected “highly sensitive biometric information without the knowledge or consent of individuals,” affecting millions of Canadians. Clearview has a database of about 3 billion photos it scraped from the internet, allowing it to search for matches using facial recognition algorithms. The practices violated federal and provincial laws, regulators said, including in Quebec where express consent is required to use biometric data.
Officials with four Canadian regulatory agencies said they completed an investigation into Clearview that began last February, finding that the company served 48 accounts for law enforcement agencies and other organizations across the country, including a paid subscription by the Royal Canadian Mounted Police.
Clearview said its technology is no longer available in Canada and that it will remove data on Canadian citizens upon their requests.
The investigation is the latest case involving Clearview and privacy regulators, the most prominent in this case being the Office of the Privacy Commissioner of Canada. Last week the The Hamburg Data Protection Authority said Clearview’s activities are illegal under the European Union’s General Data Protection Regulation.