Clearview AI, known for its persistent view that privacy laws don’t apply to them, has raised its impertinence to a new level ignoring France’s regulator, CNIL, altogether. CNIL, which deemed Clearview in violation of GDPR and ordered it to stop processing French citizen data, responded by imposing its maximum fine of €20 million. This follows €20 million fines each from Italy and Greece against Clearview, and a lesser amount from the UK. Problem is that regulators' limited legal resources make it difficult to enforce these. But that may change once plans for the EU bloc’s AI Act moves forward.

Data privacy company Compliant has published, “2022 Data Privacy: The Compliance Illusion,” a white paper resulting from an audit of 500+ EU and US advertiser- and publisher-owned websites in which they found the majority unwittingly acquire data without appropriate consent. This is true even when companies employ a Consent Management Platform (CMP). For example, of 92% of EU publishers surveyed that operate a CMP, 81% were found to pass user data on to third parties before consent was obtained.