64d415c7a310352610ba6cf2.jpg

A visitor tries 3D facial recognition tech on Tuesday at the Light of Internet Expo of the sixth World Internet Conference in Wuzhen, Zhejiang province. [Photo by Zhu Xingxin/China Daily]

China's cyberspace authorities published a draft regulation for management of facial recognition technology on Tuesday to solicit public opinion, which serves like a curtain-raiser for governance of the facial recognition system.

Although the technology will improve efficiency and convenience, it brings with it deep security risks. The draft regulation is aimed at improving standardized application and compliance of facial recognition technology in order to effectively protect personal information and property rights, and maintain social order and public safety.

The draft requires that while using the technology, entities abide by laws and regulations, follow public order and social ethics, fulfill personal information protection obligations and not use it to engage in prohibited activities that endanger national security, harm public interests, disrupt social order, and infringe on the legitimate rights and interests of individuals and organizations. It is like drawing a redline for facial recognition technology application.

Given that the technology is prone to abuse, the draft makes clear that the technology to process facial information can be used only when there is a specific purpose and necessity, and strict protection measures are in place.

It also says that when other non-biometric identification technology solutions that can achieve the same purpose are available, they should be preferred over facial recognition technology application.

The draft law also focuses on building a process governance framework for the application of facial recognition technology. From equipment installation to image collection, from the processing and storage of data to the provision and deletion of data, from the responsibility and obligation of the user of facial recognition technology to the product or service provider, it all strives to achieve compliance application of all elements.

The draft also pays attention to the introduction of a special mechanism for facial recognition technology application, stipulating that users of the technology should conduct an impact assessment of personal information protection in advance. Those using the technology at public places, or storing facial information of more than 10,000 people, are also required to file with local cyberspace authorities within 30 working days. All these reflect how the regulatory authorities are trying to minimize security risks in the application of the technology.

The authorities can consider more detailed designs of the relevant system and mechanism in order to achieve the further improvement of the technology's governance.


- BEIJING NEWS

The World Internet Conference (WIC) was established as an international organization on July 12, 2022, headquartered in Beijing, China. It was jointly initiated by Global System for Mobile Communication Association (GSMA), National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT), China Internet Network Information Center (CNNIC), Alibaba Group, Tencent, and Zhijiang Lab.