TL;DR: Eyematch.ai, a Singapore-based startup, launched a facial recognition search engine on March 10, 2026. Upload a photo, find every publicly indexed image of that face across the web. The company pitches it as a tool for protecting your privacy: find out where your face appears online. But here’s the problem: anyone can upload anyone’s face. Stalkers. Doxxers. Abusive exes. The company says it offers “opt-out options” but won’t explain how they work. Sound familiar? It should. PimEyes faced enforcement action in Poland. Clearview AI has €100 million in unpaid fines. Now there’s another one.
The Pitch
Eyematch.ai launched with press releases on March 10, 2026 [1]. The marketing sounds reasonable:
“Help users discover where their photos appear online... privacy-focused design, scanning only publicly accessible content.”
The platform uses AI to match facial features, not just identical images, but photos taken at different angles, lighting conditions, or after editing. Upload a face, get results in seconds linking to every website where that face appears.
Subscription options available for “expanded use and monitoring.” What that costs, they don’t say.
Director Aneta Grochowska told press the tool is about “clarity and control over online presence” and emphasized “ethical practices, transparency, and clear communication around limitations” [1].
The Problem
The problem isn’t searching for your own face. The problem is searching for anyone’s face.
There’s nothing stopping:
- A stalker uploading their target’s photo to find all their social accounts
- An abusive ex tracking where someone has been photographed
- Doxxers connecting a face to a name to an address
- Employers running facial searches on job candidates before interviews
- Landlords checking if an applicant appears in photos they don’t like
“But they scan only public content.” That’s the point. You post a photo at a protest. You post a photo at a bar. You post a photo anywhere. Now anyone can search your face and find it.
The “Opt-Out” Mystery
Eyematch.ai says it offers “opt-out options for individuals who do not want their faces indexed” [2].
What it doesn’t say:
- Where the opt-out form is
- How you prove you’re the person in the photos
- How long removal takes
- Whether your face gets removed from their database or just hidden from searches
- Whether removal is permanent or whether you get re-indexed when new photos appear
Privacy advocates have noted this gap. ID Tech Wire reported that Eyematch.ai “has not disclosed which data protection frameworks govern its operations or how opt-out requests are processed and verified” [2].
The company is based in Singapore. Singapore has no comprehensive data protection law covering biometric data in the way GDPR does. If you’re in the EU or a US state with biometric privacy laws (Illinois, Texas, Washington), good luck enforcing your rights against a Singapore entity.
The Company It Keeps
Eyematch.ai enters a market with established players who’ve already shown how this goes wrong:
PimEyes launched as a “personal safety tool.” Then journalists found it being used to identify porn performers, locate abuse victims, and harass women who rejected advances. Poland’s data protection authority opened enforcement proceedings. PimEyes now operates under “personal use restrictions” which are effectively unenforceable [3].
Clearview AI also claimed legitimate uses. Law enforcement! Finding missing children! What actually happened: mass scraping of billions of faces without consent, fines totaling €100 million across Europe (none paid), and multiple wrongful arrests of Black Americans based on facial recognition mismatches [4].
The pattern is consistent. Launch with privacy messaging. Attract users. Let bad actors abuse the tool. Express concern. Change nothing.
What Makes This Different (Not Much)
Eyematch.ai does have one technical distinction from image-matching tools: it analyzes facial features rather than matching exact pixel copies [2]. That means it can find photos of you even if:
- The photo was cropped or edited
- The lighting is different
- You’re photographed from a different angle
- You’ve aged since the photo
More sophisticated matching means fewer hiding places.
The platform also “does not make automated identity statements about people found in results.” Translation: it shows you where a face appears but doesn’t automatically tell you the person’s name. As if clicking through to the source website where the photo appears wouldn’t reveal that immediately.
Who Actually Benefits
The company lists target users: “individuals, content creators, journalists, investigators, and businesses” for “privacy monitoring, reputation management, and online investigation” [2].
That “investigation” use case is doing a lot of work. Investigators can include:
- Private investigators hired by stalkers
- Corporations researching employees without consent
- Governments who can’t legally build their own facial recognition databases
- Random people who want to identify the stranger they photographed on the subway
“Available globally,” the company notes, “though regulatory landscape varies significantly by jurisdiction” [2]. That’s a polite way of saying: some places outlaw this. We operate anyway.
What You Can Do
Honestly? Not much. But here’s what limited options exist:
- Search yourself: If you’re going to be indexed anyway, at least know what’s out there. Use PimEyes free tier or Eyematch.ai to see what turns up.
- Lock down social media: Private accounts won’t be indexed. Photos on public accounts will be.
- Request removal: Good luck, but try. Send removal requests to Eyematch.ai at their contact email ([email protected]). Document everything.
- Check your state laws: If you’re in Illinois, Texas, or Washington, you may have legal recourse under biometric privacy laws, though enforcing them against a Singapore company is another matter.
- Limit new photos: Won’t help for what’s already scraped, but reduces future exposure.
The Bottom Line
Eyematch.ai is not unique. It’s another entry in a growing industry of facial recognition search engines that market privacy protection while enabling privacy destruction.
The pitch is always the same: “Find out where your photos appear!” The reality is always the same: anyone can find out where your photos appear.
We’ve seen this playbook with PimEyes. We’ve seen it with Clearview AI. We’ll see it again. Until there’s federal regulation of facial recognition (which isn’t coming anytime soon) these services will keep launching, keep indexing, and keep enabling exactly the harms they claim to prevent.
Your face is biometric data. It’s not a search query.
References
- Newsfile: Eyematch.ai Launches Facial Recognition Search Platform (March 10, 2026)
- ID Tech Wire: Eyematch.ai Launches Facial Recognition Search for Online Image Discovery (March 2026)
- Reclaim The Net: Privacy Concerns Escalate With Launch of New Facial Search Engine (March 2026)
- State of Surveillance: At Least 8 Wrongful Arrests: Clearview AI’s 2026 Casualty Count