Some items on our site have recently moved. Visit our News Hub for selected articles, special reports, podcasts and other resources.
Clearview invokes Section 230 legal shield for social media companies in fighting Vermont suit
21 May 2020 00:00 by Amy Miller
Clearview AI is invoking a legal shield used by social media companies hoping to defeat Vermont’s lawsuit alleging that the company illegally collected and stored residents’ photos to build a facial-recognition database without their permission.
The company’s facial-recognition search engine is an interactive computer service, just like any social media company that’s protected from legal liability for the content its users post, the company argues.
Vermont is “targeting Clearview for performing the exact same functions as corporations like Google and Microsoft,” Clearview attorney Tor Ekeland* wrote in opposition to Vermont’s request for a preliminary injunction filed in April.
But Vermont counters that Section 230 of the Communications Decency Act does not stop Clearview from being sued for its surreptitious "scraping” of billions of photos from social media companies.
Section 230 curtails Internet companies’ legal liability for the content users post on their platforms, because under the law, they aren't considered the publisher or speaker of third-party content.
Clearview is entitled to Section 230 immunity because its public photo search engine is an interactive computer service that uses third-party content, the company argued. Multiple users can access Clearview's servers “like other search engines hosting online message boards, gossip sites, or online marketplaces,” Clearview argued, and courts have “routinely” granted immunity to search engines under Section 230.
Vermont’s claims would treat Clearview as the publisher of the information, which it is not, Clearview said, because it did not create the photos. It republished them, as the result of its search engine algorithm, “which in this instance happens to be a biometric facial algorithm,” Clearview said.
“The underlying technology does not transform Clearview into an internet content provider that would be ineligible for CDA immunity,” Clearview said.
Vermont counters that Clearview may be an interactive computer service, but Section 230 doesn't confer the kind of broad immunity that Clearview claims. And it doesn't apply to the practices at issue in the case, Vermont said in opposing Clearview's motion.
The technology Clearview uses has existed for more than a decade, but no American company was willing to use it “because they recognized that to do so would be unconscionable,” Assistant District Attorney Ryan Kriger wrote.
Section 230 requires that the information at issue be provided by the third-party, and the photos weren't provided to Clearview, they were scraped, Kriger said. The biometric fingerprints at issue in the case, in fact, were created by Clearview through its facial-recognition algorithms, he said.
Clearview’s argument that its photo search engine is protected by Section 230 is also wrong, Vermont argued. The Clearview software app that’s used to identify people is not a search engine as the term is generally understood, and it is not a search engine like Google or Bing, Kriger said.
“Clearview’s App does something that no other company operating in the United States, including search engine companies, has ever done,” Kriger said. “In fact, search engine companies that are capable of creating a product like Clearview’s refused to do so for ethical reasons.”
Even if it were a search engine, there is no “search engine immunity” under Section 230, he said.
Vermont’s claims also do not rely on Clearview being the publisher or speaker of the information at issue, as Clearview argues, Kriger said. The photographs themselves do not give rise to any of these claims.
Vermont's claims are for unfairness, deception, and fraudulent acquisition of data “in a manner meant to violate privacy and infringe civil rights,” Kriger said, and for “providing access to the database to whomever wanted it without concern for the safety or rights of the public.”
*Corrected on May 23, 2020 at 14:34 GMT: Corrects spelling of Ekeland's name
24 June 2022 06:27 by Laurel HenningStanding between insurers and the unimpeded use of data collected by a smart watch is industry regulation
23 June 2022 15:37 by Sam ClarkEU-based websites mustn't use Google Analytics because of rules against transferring personal data to the US, the Italian privacy watchdog ruled.