Use of Clearview AI in Sweden

From Security Vision
Jump to: navigation, search
Use of Clearview AI in Sweden
Excluded from graph
Deployment Status Unknown
Deployment Start Date
Deployment End Date
Events * uses Record type Property:Has event

Start (31 October 2019, Documented, ?, No description)

City Stockholm
Country Sweden
Involved Entities Swedish Authority for Privacy Protection (IMY)
Keywords
Technology Deployed Clearview AI (Software)
Information Certainty
Primary sources
Datasets Used
Deployment Type
runs search software
managed by Swedish Police Authority
used by Swedish Police Authority
Potentially used by
Information Certainty 0
Summary 0

Graph View ↗︎


Summary
0



Location:
CityStockholm
Country Sweden
Loading map...


Description[edit | ]

Description[edit | ]

The Swedish Authority for Privacy Protection finds that the Swedish Police Authority has processed personal data in breach of the Swedish Criminal Data Act when using Clearview AI to identify individuals.

Upon news in the media of the Swedish Police Authority using the application Clearview AI for facial recognition the Swedish Authority for Privacy Protection (IMY) initiated an investigation against the Police.

The investigation concludes that Clearview AI has been used by the Police on a number of occasions. According to the Police a few employees have used the application without any prior authorisation.

IMY concludes that the Police has not fulfilled its obligations as a data controller on a number of accounts with regards to the use of Clearview AI. The Police has failed to implement sufficient organisational measures to ensure and be able to demonstrate that the processing of personal data in this case has been carried out in compliance with the Criminal Data Act. When using Clearview AI the Police has unlawfully processed biometric data for facial recognition as well as having failed to conduct a data protection impact assessment which this case of processing would require.

There are clearly defined rules and regulations on how the Police Authority may process personal data, especially for law enforcement purposes. It is the responsibility of the Police to ensure that employees are aware of those rules, says Elena Mazzotti Pallard, legal advisor at IMY.

IMY imposes an administrative fine of SEK 2,500,000 (approximately EUR 250,000) on the Police Authority for infringements of the Criminal Data Act. IMY also orders the Police to conduct further training and education of its employees in order to avoid any future processing of personal data in breach of data protection rules and regulations.

In addition, the Police are ordered to inform the data subjects, whose data has been disclosed to Clearview AI, when confidentiality rules so allows. Finally, the Police are ordered to ensure, to the extent possible, that any personal data transferred to Clearview AI is erased. 1

References

  1. ^  |  "Swedish DPA: Police unlawfully used facial recognition app". (2021) <https://edpb.europa.eu/news/national-news/2021/swedish-dpa-police-unlawfully-used-facial-recognition-app_el> Accessed: 2021-02-22

Retrieved from "https://www.securityvision.io/wiki/index.php?title=Use_of_Clearview_AI_in_Sweden&oldid=27571"