A hot potato: As if there were not enough issues with facial recognition startup Clearview Ai, it seems the company can’t secure the data sufficiently. It also sent a notice to customers, who are mostly law enforcement agencies, saying its entire list of clients has been stolen.
According to The Daily Beast’s memo, an “intruder” has gained “unauthorized access” to a database containing a list of customers, the number of accounts created by those customers, and the number of searches they have conducted. The notification says there was no violation of Clearview’s servers, infrastructure, and networks.
It also said no search history was obtained, nor was the company’s 3 billion image cache scraped from the internet. Clearview said that it patched the vulnerability that allowed access to the intruders.
“Safety is the top priority for Clearview,” Clearview attorney Tor Ekland said. “Unfortunately, data breaches are part of 21st century life. Our servers have never been accessed. We’ve patched the flaw, and we’re still working to strengthen our security.”
After the New York Times reported that Clearview built its database by combing the internet for photos, the facial recognition firm has made waves in the online community with the way it obtains biometric data. Several online platforms have sent a stop to the startup and desist letters demanding a halt to the data scraping of their websites. Google, Facebook, Twitter and others are among the tools the company used for its database to collect images.
Company CEO Ton-That has argued that the company has done nothing unconstitutional and plans to fight the letters of demand in court, citing the First Amendment as evidence.