Clearview AI

Clearview AI, a controversial facial recognition company, suffered a data breach exposing its client list, revealing secret usage by Australian law enforcement agencies. The OAIC subsequently found the company breached Australian privacy laws.

What Happened

In February 2020, an unauthorised party gained access to Clearview AI's customer database, exposing the company's entire client list including law enforcement agencies, government departments, and private companies. The breach revealed that numerous Australian police forces had been secretly using Clearview AI's facial recognition technology.

Leaked documents showed Australian federal and state police forces had conducted searches using the platform, which scraped billions of images from social media and other public websites without consent. The breach exposed not only customer information but also the extent of facial recognition surveillance being conducted in Australia without public knowledge.

Impact on Individuals

The breach raised significant privacy concerns about mass surveillance and the use of facial recognition technology by Australian authorities without transparency or legislative framework. While the breach itself exposed limited personal data, it revealed that millions of Australians' facial images had been collected without consent.

Organisational Response

Following the breach and public outcry, the Office of the Australian Information Commissioner (OAIC) launched an investigation into Clearview AI's practices. In November 2021, the OAIC found Clearview AI seriously interfered with the privacy of Australians and breached multiple Australian Privacy Principles. The Commissioner ordered Clearview AI to cease collecting Australian facial images and to destroy existing images and biometric templates of Australians.