China’s Cyberspace Administration and Ministry of Public Security has outlawed the use of facial recognition without consent.
The two orgs last Friday published new rules on facial recognition and an explainer that spell out how orgs that want to use facial recognition must first conduct a “personal information protection impact assessment” that considers whether using the tech is necessary, impacts on individuals’ privacy, and risks of data leakage.
Organizations that decide to use facial recognition must data encrypt biometric data, and audit the information security techniques and practices they use to protect facial scans.
Chinese that go through that process and decide they want to use facial recognition can only do so after securing individuals’ consent.
The rules also ban the use of facial recognition equipment in public places such as hotel rooms, public bathrooms, public dressing rooms, and public toilets.
The measures don’t apply to researchers or to what machine translation of the rules describes as “algorithm training activities” – suggesting images of citizens’ faces are fair game when used to train AI models.
The documents linked to above don’t mention whether government agencies are exempt from the new rules. The Register fancies Beijing will keep using facial recognition whenever it wants to as its previously expressed interest in a national identity scheme that uses the tech, and used it to identify members of ethnic minorities.
Source: China bans facial recognition in hotels, bathrooms • The Register
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft