A hot potato: As if facial recognition startup Clearview Ai did not have enough problems, it seems the company cannot sufficiently secure its data. It recently sent out a notice to customers, which are primarily law enforcement agencies, saying that its entire client list was stolen.
According to the memo obtained by The Daily Beast, an "intruder" gained "unauthorized access" to a database containing a list of customers, the number of accounts those clients had created, and the number of searches they had performed. The notice claims that Clearview's servers, systems, and networks were not breached.
It also said that no search histories were obtained nor was the company's cache of three billion images scraped from the internet. Clearview said it patched the vulnerability that allowed the intruder access.
"Security is Clearview's top priority," said Clearview attorney Tor Ekland. "Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw, and continue to work to strengthen our security."
The facial recognition company has made waves in the online community with the way it obtains biometric data after the New York Times reported that Clearview built its database by combing the internet for photos. Several online platforms sent the startup cease and desist letters demanding a halt to the scraping of their websites for data. Google, Facebook, Twitter, and others are among the sources that the company used to gather images for its database.
Company CEO Ton-That has maintained that the company has done nothing illegal and plans to contest the demand letters in court, citing the First Amendment as justification.
Image credit: The New York Times