If you run a company in a foreign country, then the laws of that country apply of course. Why should it be different just because they have scraped internet data containing images of Euroepeans? If that's legal in the home country of the business (as it would in, say, America) then its none of the EU's business.
Imagine the reverse, if China was fining European companies for not censoring CCP-offensive terms on the internet. Or America was fining them for dealing with US-blocklisted entities like Iran.
> If that's legal in the home country of the business (as it would in, say, America) then its none of the EU's business.
The data pertain to EU's citizens, that is covered under the GDPR, if your business deal with private data from EU's citizens you are under the GDPR even if you don't operate in the EU (such as the case of Clearview). Of course, without an office/representation in the EU it's impossible for the EU to collect the fines and apply other punishments, still the business will be judged under the terms of the GDPR in the EU.
It's the business of the EU since the data is from EU's citizens. Like I mentioned before, if a business was defrauding people (i.e.: identity theft) in the USA while operating outside of the USA, the American justice system has all the prerogative to defend its citizens rights even if it wasn't possible to stop the operation, collect fines, etc. There would be an investigation, there would be a prosecution and eventual punishment. Depending on how egregious the rights violating behaviour was it could escalate into the international sphere.
It's the same case here, Clearview AI is processing private data from EU's citizens even if outside of the EU it is against EU laws.
> Or America was fining them for dealing with US-blocklisted entities like Iran.
The USA does punish companies outside of the USA for dealing with US-blocklisted entities, how the hell do you think sanctions work? Why do you think most of the world avoid dealing with Iran, North Korea, etc.?
Clearview has been targeted before by other DPAs in the EU [0][1][2][3][4].
I think there is merit to both side of the argument here.
On the one hand, yes, each nation can stick to their lane. Who is to say their rules and culture and regulations are "correct". Undefined. That another nation may well believe themselves to be the correct one. Under that principle it's wrong to go nosing about other nations. The example of CCCChinaCCCP's arm reaching out censorship wise was made here.
On the flipside, the defending of one's nation's citizens against foreign obnoxiousness is well reasonable. For example, if USA did a better job defending against scammers from India, I think we'd all be happier for it. Now, is India right/correct in believing spam calling is a god given human right to be embedded into their own bill of rights? I don't know, but what I do know is US citizens would be happier if US defended there interests here, as the EU is doing for his citizens.
Imagine the reverse, if China was fining European companies for not censoring CCP-offensive terms on the internet. Or America was fining them for dealing with US-blocklisted entities like Iran.