
Opt out of Clearview.ai - himynameisdave
https://clearview.ai/privacy/requests
======
6gvONxR4sf7o
As a California or EU resident, shouldn't it be illegal for it to be opt-out?

(edit: on further reading it looks like GDPR requires opt in, while CCPA seems
to only require opt in for people younger than 16, and requires opt-out for
people 16 or older, which is some bullshit)

Regardless, I should be able to say "I'm opting out" and the onus should be on
them to figure out how to do it, rather than me submitting enough pictures for
them to recognize and exclude me from their crawler. This seems against even
CCPA.

(another edit since this pisses me off so much: The page linked says
"Alternatively, you can email: privacy-requests@clearview.ai" so I'm just
going to email them to tell them I opt out. They can figure out how to comply
with my opt out)

~~~
stiray
There is a slight problem (i am not sure if this is valid case, just thinking
loud), if the data were gathered from public sources like fb, they might argue
that those data are public.

~~~
bosie
What part of fb is considered a 'public source'?

~~~
Nextgrid
If you make your profile available publicly then I'd argue it is indeed
public. As far as I'm aware, Clearview doesn't have a relationship with
Facebook to access non-public data and instead they just operate a web crawler
storing anything that's being served without requiring auth.

~~~
kennywinker
An image at the top of a news article on cnn.com is "public" in the sense that
anyone can access it. But the company and the photographer still retain rights
to that image - you can't take it and use it for whatever you like.

~~~
stiray
What is confusing here is that everyone imagines that clearview (and google,
and fb, ...) are really storing those pictures. In reallity they just train
their ai. There is no trace of that picture on their servers once you delete
it. But ai is capable of recognizing you, in case of clearview from picture.
In case of google and fb from your picture, browsing habits, contacts, gps
coordinates, your friends, semantics of your texts, ... The only difference is
that google and fb are not so stupid to advertise this. But capability is
there.

~~~
kennywinker
from a copyright perspective, is it possible a trained ai is derivative work?

------
newscracker
Should every person start keeping a list of all privacy intrusions and then
opt out? That’s never going to work out due to user fatigue, which is what all
these opt out platforms depend on (that nobody will go through the trouble of
doing it).

(Not exactly the same) Just like Facebook announced a few years ago asking
users to send it nude photos just so it could take down nude photos of that
person, this also is ripe for abuse. It’s a matter of when, not if, they opt
out information also leaks.

~~~
diebeforei485
I know the media attacked Facebook for that announcement, but everything I can
gather suggests that it was just meant to give victims more control and didn't
have any nefarious motives (unlike other 'features' offered by Facebook).

[https://twitter.com/alexstamos/status/1249202002875297792?s=...](https://twitter.com/alexstamos/status/1249202002875297792?s=21)

~~~
JustSomeNobody
Consider the absurdity of the request. Send us a nude so we can play a better
game of whack a mole. Also, consider the mental state of the person being
asked to submit such a photo.

I mean good grief.

And this is before we even get into the fact that we’re talking about
Facebook.

------
buildbot
For anyone with more legal knowledge than I have, how does scraping and
processing social media and other image sources deal with copyright license,
especially ones forbidding commercial use.

I feel like there's a meaningful legal difference between a totally public,
open to be downloaded image of you from the internet, even storing it forever,
and then using that in a product.

It would be like taking something with a GPL license - totally legit to
download and use and modify and repost, with the original license/copyright
attached - and using it in a closed source commercial product.

~~~
coopsmgoops
I've been wondering the same thing. The photo either belongs to the user or to
Facebook, just because it's viewable on the site doesn't give Clearview the
right to use it. It must be a violation of the terms of service and I'm
surprised we haven't heard anything from Facebook about it.

~~~
buildbot
They say they scraped the open web - so for example this would include many of
our personal sites, many of which have profile pictures. For myself, I took
the picture on my site, and it's under a: Attribution, NonCommercial,
NoDerivatives CC license. I'd argue that

1\. Using my/anyone's profile picture in an AI system for profit is commercial
use. 2\. A neural network is a derivative work of all images used to train
that network.

~~~
cmendel
So on point 1 I agree with you. I think point 2 is pretty iffy though. Unless
there has been some recent legal proceeding that I am unaware of, point 2
isn't true.

~~~
buildbot
Oh yeah, I'm not sure either are true legally as I'm not a lawyer - just my
opinion.

The reasoning I follow for point 2 is: That if a neural network is not
derivative of its inputs, and given a sufficiently large gan, you could
"launder" inputs into copy-write free outputs. That's also not been done as
far as I know, but I know it's starting to be an issue in NLP.

------
concernedCity
There's something very wrong about some random company being able to collect
lots of data about you where the only way to stop it is to _somehow_ know
about the company and opt out _after_ it collects that data.

~~~
NegativeLatency
Feels pretty bad.

I suspect things will have to get worse before they get better. But then again
we have the 3 big credit reporting agencies, and they don't seem to be going
anywhere.

------
Rafuino
I made a request for data access on February 12, and I still haven't heard a
word from these asshats. Don't hold your breath on them actually honoring the
request. I realllllly can't wait for CCPA enforcement to start this summer,
though I know privacy invasive tech companies are lobbying to have enforcement
delayed.

------
bostik
This page should not be even needed. Having your data be in something like
this should be _opt-in_.

------
jennyyang
Is there a way to "poison" the results of Clearview by adding images of
yourself over a short period time that distort your features?

------
bla3
Given their justification for their product, I wonder what they'd think of
someone crawling images on the web and sending automated opt-outs for all
crawled images that contain a face...

------
cgb223
For those of us that aren’t familiar, what exactly is Clearview.ai?

~~~
stonogo
A startup: Face classification and person tracking via photo scraping social
media, as a service, offered to law enforcement agencies, and they keep
getting hacked.

~~~
cgb223
If they keep scraping does that mean I have to keep opting out?

~~~
alteria
Correct me if I'm wrong, but if you opt-out, they agree to stop adding to
stuff they can identify as yours.

That doesn't stop another company from doing the same. And that's the problem.
There are so many companies that we don't know about.

------
time0ut
Could I just say I'm a resident of CA or the EU? Clearview supposedly doesn't
have any info other than public images, so how would they know the difference?

~~~
klmadfejno
I also wonder this. Further, what if you built a bot that simply scraped
photos of people and submitted all of them to Clearview? Are they legally able
to refuse ANY of the submissions?

------
throwaway55554
Why TF should the burden be on _me_? So tired of this. Everything should be
opt-in. You don't have permission unless I explicitly give it to you!

~~~
kick
Permission isn't needed; fascists don't ask for consent.

If it really riles you up, which it should, you should go and pressure your
legislators into creating legislation that prevents them from doing what
they're doing.

~~~
rendx
This is already the case with GDPR, which is clearly ignored here since plenty
of people from GDPR regions seem to be affected.

------
annoyingnoob
An opt-out that requires you to give them exactly what they want and requires
them to keep it is crap. Its not 'opt-out' its 'make less available'.

The Ad Choices opt-out is the same thing - better not delete your cookies if
you want to 'opt-out' \- total BS.

Scumbag authoritarians.

------
pjs_
Please self-identify as a deviant by filling out this form...

------
jbverschoor
lol I dunno if I wanna send "a clear photo of you"

~~~
fyp
Use a profile picture that's already public and have been crawled a bajillion
times. E.g.
[https://twitter.com/jbverschoor/photo](https://twitter.com/jbverschoor/photo)

~~~
waihtis
The next request is your government-issued ID :-)

~~~
GordonS
I'm not sure if you're joking, but I've seen some companies actually asking
you to send a passport or driving licence copy.

~~~
rendx
Not a joke.

------
api
Knowing what I know about the sketch factor of this company I am reluctant to
interact with them in any way, as this would just give them more data.

------
hellcow
I filled this out weeks ago... never got any response.

~~~
enahs-sf
I'm mildly terrified that it's going into another training data set somewhere.

~~~
bonestamp2
Agreed. Depending on which option you choose, this could further improve their
model. For example, they could use it to confirm your identity and improve
recognition of you. Even if they never disclosed your id, they could use it
reject subjects that would otherwise have a possibility of being you.

------
time0ut
Their opt out system is driven by typeform.com. I'm not familiar with this
service, but it seems to have caps of at most 10k opt out requests per month
and 4GB of uploaded images. They might be on an enterprise contract with
different caps though. I know one way to find out...

Are there legal implications if you cannot submit an opt out request because
of their technical choices?

------
zbjornson
If you both opt-out and request data deletion, how do they keep you opt'ed-
out? That seems impossible for them to comply with.

------
sebastien_bois
> "This tool will not remove URLs from Clearview which are currently active
> and public. If there is a public image or web page that you want excluded,
> then take it down yourself (or ask the webmaster or publisher to take it
> down). After it is down, submit the link here."

Not much of an "opt-out".

------
throwaway837373
I have a better idea - how about instead of giving them even more identifying
information, we file a class action lawsuit instead?

------
lux
No option for people outside those regions?

~~~
bravoetch
The current law in a few areas allows them to collect all your data, then
offer you to opt-out. There's no requirement for them to not collect private
data, and there's no requirement most places for them to offer you an opt-out.

My question is how do we get people to stop working for places like clearview
and google and facebook that all work against the public good?

~~~
lux
You're totally right. The sky-high salaries + options + bonuses make it a hard
sell to get devs to follow their values in choosing employers. I just found it
telling how grudgingly this complies with the law, but you could say privacy
violation is their core service so obviously they need to protect that.

------
sixstringtheory
> There's no point acting all surprised about it; the plans and demolition
> orders have been on display at your local planning department in Alpha
> Centauri for fifty of your earth years. If you can't be bothered to take an
> interest in local affairs, that's your own lookout.

------
polymorph1sm
"Your request cannot be accepted because that link is still public." got this
message when trying to deindex my image.

Sadly for general public (the rest of the world), you can only "opt out" if
your image source was removed.

------
hoppla
I would like to exercise my rights under GDPR, but are not allowed. Why is
Norway excluded from the GFPR form? They only accept EU/UK/Switzerland

------
jcahill
Business logic fades. Being on the list of companies that pulled this shit is
forever, plus or minus an asteroid impact or two.

------
tozeur
Just submitted. Curious to see what they have

~~~
antidaily
does it show you that info?

------
lootsauce
My massive level of cynicism on this subject makes things like this seem
completely unsurprising. I generally feel that the Binney and Snowden
revelations served to normalize knowledge of being systematically monitored by
big brother. This common knowledge of being watched is absolutely necessary
for a surveillance state to function as intended. The gold mine of private
data made available to them via National Security Letters and other such
mandates to provide access. Surveillance capitalism is not really about
capitalism at all but thats just my cynical side again.

------
oefrha
What if I'm a former California resident? Does the law say they have to delete
photos of me taken in California?

~~~
irscott
My guess is that if you no longer live in CA you're no longer covered under
the CCPA so no. It's about residence, not where the photos were taken.

------
tiny_epoch
Presuming one follows through on this, how can I trust that I am in fact
opted-out?

------
hoschicz
Is there a deadline for them to reply to my Data Access Request Form?

~~~
rendx
At least under GDPR, yes:

"If your company receives a request from an individual who wants to exercise
their rights, you should respond to this request without undue delay and in
any case within 1 month of receiving the request. This response time may be
extended by 2 months for complex or multiple requests, as long as the
individual is informed about the extension. Requests should be dealt with free
of charge. If a request is rejected, then you must inform the individual of
the reasons for doing so and of their right to file a complaint with the Data
Protection Authority."

[https://europa.eu/youreurope/business/dealing-with-
customers...](https://europa.eu/youreurope/business/dealing-with-
customers/data-protection/data-protection-gdpr/index_en.htm#shortcut-9)

It's directly in the GDPR itself, which everyone should take them time and
read in full anyway. It's not very complex. And I mean everyone, including
people from non-GDPR countries!

[https://gdpr-info.eu/art-12-gdpr/](https://gdpr-info.eu/art-12-gdpr/) Article
12, Paragraph 3

------
praveenhm
To opt-out you need to upload a clear photo, this is more rishy..

------
dariusj18
Does doing this put you on a list?

------
irscott
If you're not covered under CCPA or GDPR (most of the world) then you're just
shit outta luck. Cool.

