In a major blow to Clearview AI, a facial recognition tech company, the Dutch Data Protection Authority (DPA) has imposed a hefty fine of approximately €33 million ($39 million) for serious data privacy violations. Clearview AI has faced widespread criticism for its powerful face image search engine, which has been utilized by law enforcement agencies worldwide. The DPA found that the company illegally constructed a database with billions of unauthorized photos of faces, collected without consent, including images of Dutch citizens.

According to the Dutch DPA, Clearview AI systematically crawled the internet, pulling in over 40 billion face images without any restrictions on geographical location or nationality. Disturbingly, the company also offered facial recognition software for identifying children, thereby indiscriminately processing personal data of minors.

The technology behind Clearview AI's face database enables users to upload any photo and search for matches on the internet. The Dutch DPA determined that these searches could "unambiguously" identify individuals, raising concerns about privacy invasion. Moreover, the DPA criticized Clearview AI's broad data collection, as it subjects the majority of individuals to potential surveillance without cause or consent.

Dutch DPA Chairman, Aleid Wolfsen, expressed grave concerns about the invasive nature of Clearview AI's operations, stating that their practices resemble a "doom scenario from a scary film." Wolfsen emphasized that the company had stopped responding to requests from Dutch citizens seeking access or removal of their data. Disturbingly, Clearview AI has also ceased cooperation with such requests throughout the entire European Union.

To protect the privacy of Dutch citizens, the Dutch DPA has levied a fine of approximately €33 million on Clearview AI. If the company fails to comply with the DPA's orders on compliance, the fine could increase by around €5.5 million ($6.5 million). The DPA has also warned that any Dutch businesses attempting to use Clearview AI's services could face substantial fines since such usage is prohibited under the General Data Protection Regulation (GDPR).

Clearview AI has been given three months to appoint a representative within the European Union to cease processing personal data in the Netherlands and update its privacy policies to inform all Dutch users of their rights under GDPR. Additionally, the company has been given one month to resume processing requests for data access or removal from Dutch citizens unable to exercise their privacy rights effectively.

However, Clearview AI has shown no intention of complying with the Dutch DPA's decision. Jack Mulcaire, the company's chief legal officer, argues that Clearview AI is not subject to GDPR as it lacks a physical presence or customers in the Netherlands or the European Union. Mulcaire has labeled the DPA's decision as "unlawful, devoid of due process, and unenforceable."

Contrary to Clearview AI's claims, the Dutch DPA has affirmed that GDPR applies to the company's practices. Gathering personal information about Dutch citizens without consent and failing to notify users of data collection renders Clearview AI accountable under the regulation. The DPA asserts that individuals in the database have the right to access their data, yet Clearview AI has refused to cooperate with these requests.

In response to Clearview AI's refusal to change its data collection practices despite previous fines in other EU countries, including Italy and Greece, the Dutch DPA vows to take concerted action. In addition to the monetary penalties, the DPA is exploring ways to hold Clearview AI's directors personally responsible for the privacy violations. Wolfsen argues that liability should exist if directors are aware of GDPR violations, possess the authority to stop them, but fail to do so.

As Clearview AI's appeal window has lapsed, the company cannot contest the Dutch DPA's decision. The DPA also confirms that it is actively seeking methods to ensure Clearview AI's compliance beyond financial penalties, including investigating the personal liability of the company's directors for the violations.

The fine imposed on Clearview AI in the Netherlands serves as a powerful message from the Dutch DPA about the importance of protecting individual privacy rights in the face of unchecked and indiscriminate use of facial recognition technology.

Note: This article is written based on the provided information and does not include any additional elements or attribution that may be necessary for a complete and accurate news article.