PimEyes: Facial Recognition Available to Anyone Online
How PimEyes offers facial recognition search to the general public, allowing anyone to upload a photo and find where that face appears across the internet, enabling stalking and harassment.
Unlock Full Privacy Intelligence
Get deep-dive reports on every company that touches your data. SeekerPro members see breach timelines, DSAR success rate...
Learn MoreAudit Your Site Free
Run a full privacy and compliance audit on any website in 60 seconds. NexusBro scans cookie consent, tracker behavior, a...
Learn MoreAutomate Privacy Compliance
Stop wasting hours on manual DSAR filings and cookie consent management. BliniBot handles the busywork so your team can ...
Learn MoreKey Findings
- #1Publicly available facial recognition with no meaningful identity verification
- #2Used by stalkers and abusive partners to identify and locate victims per NYT
- #3Indexes billions of faces scraped from publicly accessible web pages
- #4Poland DPA fined PimEyes for GDPR violations in 2022
- #5Self-search restriction unenforceable — any photo can be uploaded
Investigation Details
PimEyes operates a publicly available facial recognition search engine that allows anyone to upload a photo of a face and find matching images across the internet. According to a 2022 New York Times investigation, the service was used by stalkers to identify and locate victims, by abusive partners to track ex-spouses, and by individuals to unmask anonymous adults in compromising situations. PimEyes claims to only allow users to search for their own face, but the enforcement mechanism is minimal — any photo can be uploaded with no verification. The service reportedly indexes billions of faces from publicly accessible web pages. Poland's data protection authority fined PimEyes in 2022 for GDPR violations, and multiple privacy regulators have investigated the service.
pimeyes has been the subject of increasing scrutiny over its facial recognition use practices. Privacy researchers and regulatory bodies across multiple jurisdictions have documented concerns about how the company handles user data, particularly regarding consent, transparency, and data minimization principles. The findings suggest a pattern of prioritizing business metrics over user privacy, a trend observed across the broader technology industry. Users affected by these practices have limited recourse without proactive intervention such as filing formal complaints with data protection authorities or submitting DSAR requests.
Regulatory responses have varied significantly. European data protection authorities have been more aggressive in enforcement under GDPR, while US enforcement remains fragmented across state-level privacy laws. The investigation highlights the need for stronger federal privacy legislation and more transparent corporate data practices. Affected users should consider reviewing their privacy settings, submitting data deletion requests, and exploring privacy-preserving alternatives recommended by independent researchers.
Related Scandals
Take Action
Protect Your Data Across Every Platform
Tools trusted by thousands of privacy-conscious users worldwide
No card charged today. Cancel anytime.
Frequently Asked Questions
What data does pimeyes collect?
Our investigation reveals pimeyes engages in facial recognition use. How PimEyes offers facial recognition search to the general public, allowing anyone to upload a photo and find where that face appears across the internet, enabling stalking and harassment.
Is pimeyes's facial recognition use legal?
The legality of pimeyes's practices varies by jurisdiction. Under GDPR, companies must have a lawful basis for data processing. Under CCPA, California residents can opt out of data sales.
How can I protect myself from pimeyes?
You can submit a data subject access request (DSAR) to pimeyes, opt out of data collection through their privacy settings, or use privacy-preserving alternatives.