Shanghai cracks down on facial recognition use by businesses

City authorities in China are seeing the first results of its crackdown on the misuse of facial recognition systems by commercial venues.

Local authorities in Shanghai announced it has inspected and rectified the use of facial recognition in more than 600 supermarkets, 6,300 hotels, 1,200 swimming facilities and fitness centers as well as 2,900 public restrooms. The first fine was issued in May after customers made complaints about a facial recognition system used at a swimming pool locker room.

The city has also tightened restrictions on the use of facial recognition in public spaces, calling for reducing the number of data collection terminals and ensuring secure data storage, according to state media outlet Yicai. One exception is public security.

The inspection drive is a result of China’s legislative pushback against the commercial use of the technology. During the past years, the country has seen a proliferation of security cameras in public and private spaces and an increased use of biometric systems by businesses such as hotels. At the same time, news of stolen data and technology misuse have regularly appeared in headlines, heightening public concerns.

In August last year, the Cyber Administration of China issued draft regulations imposing stricter regulations on facial recognition use. The Provisions on Security Management in the Application of Facial Recognition Technology targets commercial venues such as hotels, banks, museums, sports venues and other public facilities. The legislation aligns with the 2021 Personal Information Protection Law (PIPL) that tightened rules for collecting and processing biometric data.

The upcoming rulebook has already affected the hospitality industry which has been abandoning biometric facial scans for guest check-ins. In March, the president of the China Tourism Academy Dai Bin said that the use of the technology has overstepped legal boundaries, citing complaints from tourists.

Meanwhile, China is still struggling to keep online data safe.

Last month, U.S. cybersecurity firm SpyCloud revealed a black market service offering Chinese citizens’ data on messaging platform Telegram. The service allowed customers to buy phone numbers, banking details, hotel and flight records and even location data in exchange for cryptocurrency, Wired reports.

The cybersecurity researchers also found attempts from black market data brokers to recruit public security insiders, opening questions on whether state employees are using China’s huge surveillance apparatus to earn a little money on the side.

Article Topics

biometrics  |  China  |  data privacy  |  data protection  |  facial recognition  |  Shanghai  |  video surveillance