On November 3, 2021, the Office of the Australian Information Commissioner (OAIC) announced that Clearview AI, Inc. was found to have breached Australians’ privacy by scraping citizens’ biometric information and disclosing it through a facial recognition tool.

In July 2020, the OAIC and the UK’s Information Commissioner’s Office (ICO) commenced a joint investigation into Clearview AI’s practices. As a result of the investigation, the OAIC determined that Clearview AI breached the Australian Privacy Act 1988 (the Privacy Act) by:

  • collecting Australians’ sensitive information without consent;
  • collecting personal information by unfair means;
  • not taking reasonable steps to notify individuals of the collection of personal information;
  • not taking reasonable steps to ensure that personal information it disclosed was accurate, having regard to the purpose of disclosure; and
  • not taking reasonable steps to implement practices, procedures and systems to ensure compliance with the Australian Privacy Principles.

Clearview AI argued that no breach of Australians’ privacy occurred, as the information it handled was publicly available and not personal information. Clearview AI also asserted that since it is a US-based company and the information was published in the US, the Privacy Act was inapplicable.

However, the OAIC was satisfied that Clearview AI was required to comply with Australian privacy law and that the information it handled was personal information covered by the Privacy Act. The OAIC therefore ordered Clearview AI to cease collecting Australians’ facial images and biometric information, and to destroy any such existing information.

The ICO is considering its next steps and has not yet taken any formal regulatory action under the UK’s data protection laws.

In addition, the OAIC is now finalizing an investigation into the Australian Federal Police’s trial use of Clearview AI’s facial recognition technology and whether such use complied with the necessary privacy requirements under the Australian Government Agencies Privacy Code.

Summary By: Steffi Tran

E-TIPS® ISSUE

21 11 24

Disclaimer: This Newsletter is intended to provide readers with general information on legal developments in the areas of e-commerce, information technology and intellectual property. It is not intended to be a complete statement of the law, nor is it intended to provide legal advice. No person should act or rely upon the information contained in this newsletter without seeking legal advice.

E-TIPS is a registered trade-mark of Deeth Williams Wall LLP.

Steffi Tran
By Steffi Tran
November 24, 2021
Privacy