PARIS Reuters - France's data privacy watchdog CNIL has ordered Clearview AI, a facial recognition company that has collected 10 billion images worldwide, to stop amassing and using data from people based in the country.
The CNIL stressed on Thursday that Clearview's collection of publicly available facial images on social media and the Internet had no legal basis and breached European Union rules on data privacy.
The software company, which is used as a search engine to help law enforcement and intelligence agencies in their investigations, did not ask for the consent of those whose images it collected online, according to the regulators.
Biometric data is particularly sensitive because they are linked to our physical identity, and allow us to be identified in a unique way, the authority said in a statement.
It said that the New York-based firm did not give the people proper access to their data, limiting access to twice a year, without justification, and limiting access to data racked up during the 12 months before any request.
Clearview didn't reply immediately to a request for comment.
The EU law allows citizens to request the removal of their personal data from a privately owned database. The CNIL said Clearview had two months to abide by its demands or it could face a sanction.
One of the complaints was made by the advocacy group Privacy International. It follows a similar order made by its Australian peer, which told Clearview to stop collecting images from websites and destroying data collected in the country.
The U.K. Information Commissioner's Office, who worked with the Australians on the Clearview investigation, also said last month it intended to fine Clearview 17 million pounds $22.59 million for alleged breaches of data protection law.