Expert commentary: Professor Andrew Charlesworth on news of facial recognition company data breach

Press release issued: 13 March 2020

The Law School's Professor Andrew Charlesworth provided expert commentary in an article in the New Statesman reporting on the recent hacking of sensitive information held by a facial recognition company, Clearview AI.

Clearview AI, whose scraping of billions of ‘open source’ images from social media and work in partnership with law enforcement agencies has caused controversy, announced that someone with unauthorised access hacked the company’s sensitive information, including its client list.

Speaking to NS Tech, Professor of Law, Innovation and Society Andrew Charlesworth said:

“It’s unsurprising that they have been the target of attempts to compromise their security, as the data that appears to have been accessed would be both commercially valuable and also valuable in the ongoing PR battle over the legitimacy of the use of facial recognition technology.

“There are thus various possibilities as to attackers: someone who wants to hold the information to ransom, someone who wants to market the information to potential competitors of Clearview AI, or someone who wants to release the information to focus public attention on Clearview AI’s activities and clients.

“If the motive is one of the first two options then it may be that the data never sees the light of day. If the third option, then the data is likely to be released at some point either via social media, via selected press or civil society groups, or via an entity such as Wikileaks.

“It was interesting that Clearview AI have been at pains to deny that there was a hack of their systems, and that the compromise is described in terms of an unauthorised access resulting from a flaw. That might suggest an opportunistic insider compromise.”

To read the full article by Laurie Clarke visit the New Statesman Tech website: 'Clearview AI hack is sweet irony for privacy advocates'.

Further information

Andrew Charlesworth is Professor of Law, Innovation and Society at the University of Bristol. His research runs across a number of legal subject areas including, but not limited to, information technology law, intellectual property law, e-commerce law, public law, and socio-legal studies. He is interested in the role of the law in determining the access to, use of, and controls over all kinds of information; whether the information is software source code, personal data, information collected for research, or data held by public authorities.

The Centre for Global Law and Innovation (CGLI) brings together expertise in international trade law, innovation law, intellectual property law and digital economies to promote thought leadership on the legal challenges posed by digital economies and global trade.