Clearview AI, the high-profile and controversial facial recognition company, has admitted that its entire client list has been stolen.
The New York-based startup has reportedly compiled a database of over three billion photos, scraped from public social media pages on Facebook, Instagram and YouTube. It then uses artificial intelligence to help law enforcement agencies match photos of unknown faces with the images stored in its vast database.
- San Francisco is first US city to ban government use of facial recognition tech
- Oakland bans police use of facial recognition
- It's time to get used to cameras watching us in our cars
Scraping billions of images from users' profiles promoted cease-and-desist requests from Facebook, Google and Twitter. Earlier this month, Canadian authorities launched an investigation into Clearview to determine whether its use of facial ID tech complies with national privacy laws.
Smart Indoor Security Camera - Netatmo Welcome
Now, Clearview AI has contacted its clients to say an intruder "gained unauthorized access" to its entire list of customers, reports The Daily Beast. The intruder also gained access to the number of user accounts each customer had set up, and to the number of times each customer searched Clearview's database. But the company claims the intruder did not view the image database itself.
In the note sent to customers, Clearview said there was no compromise of its systems or network, and that the vulnerability which led to the client list being stolen has now been patched. But the company will not offer any further information about what was compromised, including images.
Clearview AI violated Facebook's terms of service by downloading huge quantities of photos from the publicly-accessible profile pages of Facebook users, according to The New York Times.
London's Metropolitan Police Department announced in January it would begin using Clearview AI's surveillance technology, prompting widespread concern over how facial recognition systems could be used to violate the public's right to privacy.
Clearview's database of over three billion images reportedly also came from YouTube, which is owned by Google, and Venmo, which is owned by PayPal, and that Clearview's services drew the attention of hundreds of law enforcement agencies, including the Federal Bureau of Investigations (FBI) and the Department of Homeland Security.
"Security is Clearview's top priority," Tor Ekeland, Clearview's attorney told The Daily Beast. "Unfortunately, data breaches are a part of life in the 21st century. Our servers were never accessed. We patched the flaw, and continue to work to strengthen our security."
Fears over how facial recognition systems could be used are widespread. In May 2019, San Francisco became the first US city to ban the use of facial recognition technology by the government. That move was quickly followed by adoptions in Somerville, Massachusetts and in Oakland, California.However, an amendment to San Francisco's ban was rolled out in December 2019, as the overall ban made the use of iPhones, and its use of the Face ID system by government employees, technically a crime. That change to the ban demonstrated how broad facial recognition technology already is in the world, and how regulating this technology is growing increasingly difficult.
Night Owl Security 2 Pack Add-On 1080P Wired Bullet Cameras, Black (CAM-2PK-HDA10B-BU)