China’s biometric data protection push prompts hospitality industry changes

China’s hotel industry is backing off from facial recognition “overuse” as the country’s authorities put more emphasis on protecting biometric data privacy.

Hilton, Marriott and H World are some of the hotel chains in Shanghai that have already discontinued the practice of scanning their guests’ face biometrics during check-in, Yicai Global reports.

China has been making a legislative pushback against commercial use of the technology and hotels and leisure have been among the first industries in line. The pause in using facial recognition technology for hotel guest verification comes after the country’s top tourism official called the hospitality industry to prioritize the privacy of travelers. In March, president of the China Tourism Academy Dai Bin said that the sector’s use of the technology has overshot legal boundaries for purposeful use, citing complaints from tourists.

Public complaints over privacy violations have also been recorded in banking, transportation, logistics, IT and other areas.

In August, the country’s cyberspace regulator issued draft regulations addressing biometrics use by businesses. According to the draft rulebook titled “Provisions on the Security Management of FRT Application” and devised by the Cyberspace Administration of China (CAC), facial recognition technology can only be used to process facial information when there is a specific purpose and sufficient necessity. Strict protective measures must be employed.

The CAC draft rules are backed by China’s landmark law on data privacy, the Personal Information Protection Law (PIPL) which was brought in 2021. Under the law, business operators are required to protect consumers’ personal information with fines for companies reaching up to 50 million yuan (US$6.9 million), or 5 percent of last year’s annual revenue.

PIPL also opens the options for prosecutors to initiate civil public interest litigation with more than 160 cases brought during 2023.

Article Topics

biometric data  |  biometrics  |  China  |  Cyberspace Administration of China (CAC)  |  data privacy  |  facial recognition  |  hospitality  |  Personal Information Protection Law (PIPL)