FB pixel

Researchers find biometric, biographical and location data of thousands of China’s school children unprotected online

Categories Biometrics News  |  Facial Recognition  |  Schools

A database of Chinese school children’s faces and their locations on Alibaba Group Holding Ltd. servers has been found online unprotected.

According to a Wall Street Journal article, the database of thousands of students collected by Safe School Shield, a surveillance system, involved 23 schools in Sichuan province. A Netherlands-based nonprofit, GDI Foundation, which seeks Internet vulnerabilities so they can be fixed, made the discovery.

An unnamed third-party cloud service hosted on Alibaba servers had the files. Along with facial biometrics and location information, the database holds student names as well as the names and mobile telephone numbers of students’ parents.

The article says that the cache — 1.3 million bits of information — has since been secured by Alibaba, however, a criminal could have created an administrative account to retain access after it was secured.

In fact, the data had been gathered over 10 days, and the database was available via search engines used by cybersecurity developers and researchers for about a month.

Chinese residents largely favor the use of facial recognition by the government, saying it makes them safer. A surveillance state has been created in the Xinjiang region, home to 14 million Muslims, a minority in China that government officials would like to see stripped of its cultural independence.

But the Journal quoted a survey by the Nandu Personal Information Protection Research Center that shows 40 percent of respondents feel the potential for leaks was a concern.

That is a relatively mild reaction out of China, which is known for numerous domestic cybercrimes involving the theft and sale of personal information. This might be changing, however.

The article recounts the local social-media unrest raised after it was revealed that a Nanjing school had used face-scanning systems to monitor which students were paying attention.

And last spring, Chinese police put 32 people in jail — after detaining more than 50 — as part of a three-year investigation into the stealing and trading of 39 million bits of personal data.

Those jailed allegedly were part of a nationwide gang trafficking in stolen information, according to the South China Morning Post. Data was gotten from hacking personal computers as well as local government offices.

Measures are being taken in China to better protect private information stored online. In June 2017, the nation enacted the Cyber Security Law, China’s first attempt at comprehensive regulation of data.

It is a complex statute full of standards, guidance and rules, and it is still being interpreted and changed through drafts of various sections. The question is, can a government that so enthusiastically deploys surveillance systems against its own population effectively regulate its semi-private business sector?

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News


The UK’s election may spell out the future of its national ID cards

Identity cards are back among the UK’s top controversial topics – thanks to the upcoming elections and its focus on…


Challenges in face biometrics addressed with new tech and research amid high stakes

Big biometrics contracts and deals were the theme of several of the stories on that drew the most interest from…


Online age verification debates continue in Canada, EU, India

Introducing age verification to protect children online remains a hot topic across the globe: Canada is debating the Online Harms…


Login.gov adds selfie biometrics for May pilot

America’s single-sign on system for government benefits and services, Login.gov, is getting a face biometrics option for enhanced identity verification…


BIPA one step closer to seeing its first major change since 2008 inception

On Thursday, a bipartisan majority in the Illinois Senate approved the first major change to Illinois Biometric Information Privacy Act…


Identity verification industry mulls solutions to flood of synthetic IDs

The advent of AI-powered generators such as OnlyFake, which creates realistic-looking photos of fake IDs for only US$15, has stirred…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read From This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events