The American Civil Liberties Union (ACLU) is taking Clearview AI to court, claiming the company’s facial surveillance activities violate the Illinois Biometric Information Privacy Act (BIPA) and “represent an unprecedented threat to our security and safety”.
The legal action, brought on by lawyers at the ACLU of Illinois and the law firm Edelson PC, is on behalf of organisations that represent survivors of sexual assault and domestic violence, undocumented immigrants, and other vulnerable communities.
Clearview AI, founded by Australian entrepreneur Hoan Ton-That, provides facial recognition software, marketed primarily at law enforcement.
See also: Data breach exposes Clearview AI client list
The ACLU said not stopping Clearview AI would “end privacy as we know it”.
“Face recognition technology offers a surveillance capability unlike any other technology in the past. It makes it dangerously easy to identify and track us at protests, AA meetings, counselling sessions, political rallies, religious gatherings, and more,” the ACLU wrote in a blog post.
“For our clients — organisations that serve survivors of domestic violence and sexual assault, undocumented immigrants, and people of colour — this surveillance system is dangerous and even life-threatening. It empowers abusive ex-partners and serial harassers, exploitative companies, and ICE agents to track and target domestic violence and sexual assault survivors, undocumented immigrants, and other vulnerable communities.”
In its complaint, ACLU is seeking to put a stop to Clearview AI’s alleged “unlawful surreptitious capture and storage of millions of Illinoisans’ sensitive biometric identifiers”. It has also requested for a court order to compel Clearview to delete faceprints gathered from Illinois residents without consent, and to stop capturing new faceprints unless it complies with Illinois law.
The union said the company’s actions violate BIPA, which requires companies that collect, capture, or obtain an Illinois resident’s biometric identifier to first notify that individual and obtain their written consent.
“Clearview’s practices are exactly the threat to privacy that the legislature intended to address, and demonstrate why states across the country should adopt legal protections like the ones in Illinois,” ACLU wrote.
“Clearview has violated and continues to violate the BIPA rights of Plaintiffs’ members, clients, and program participants and other Illinois residents at staggering scale.”
The ACLU alleges that by using face recognition technology, Clearview has captured more than 3 billion faceprints from images available online, all without the knowledge or consent of those pictured.
“Clearview claims that, through this enormous database, it can instantaneously identify the subject of a photograph with unprecedented accuracy, enabling covert and remote surveillance of Americans on a massive scale,” it said. “This technology is so dangerous, in fact, that this little-known startup ‘might end privacy as we know it’.”
The ACLU said that Clearview has “created the nightmare scenario that we’ve long feared, and has crossed the ethical bounds that many companies have refused to even attempt” and accused the company of building a mass database of billions of faceprints without knowledge or consent.
“Neither the United States government nor any American company is known to have ever compiled such a massive trove of biometrics,” it wrote.
“Adding fuel to the fire, Clearview sells access to a smartphone app that allows its customers — and even those using the app on a trial basis — to upload a photo of an unknown person and instantaneously receive a set of matching photos.”
Clearview AI was in January exposed in a New York Times report of selling access to “faceprints” and facial recognition software to law enforcement agencies across the United States. The startup claimed it could identify a person based on a single photo, revealing their real name, general location, and other identifiers.
A separate class action in New York was filed in January against Clearview AI.
Meanwhile, Facebook earlier this year agreed to pay $550 million to settle claims in Illinois for violating BIPA..