Skip to main content
  • Sections
  • Search

Center for Strategic & International Studies

User menu

  • Subscribe
  • Sign In

Topics

  • Climate Change
  • Cybersecurity and Technology
    • Cybersecurity
    • Data Governance
    • Intellectual Property
    • Intelligence, Surveillance, and Privacy
    • Military Technology
    • Space
    • Technology and Innovation
  • Defense and Security
    • Counterterrorism and Homeland Security
    • Defense Budget
    • Defense Industry, Acquisition, and Innovation
    • Defense Strategy and Capabilities
    • Geopolitics and International Security
    • Long-Term Futures
    • Missile Defense
    • Space
    • Weapons of Mass Destruction Proliferation
  • Economics
    • Asian Economics
    • Global Economic Governance
    • Trade and International Business
  • Energy and Sustainability
    • Energy, Climate Change, and Environmental Impacts
    • Energy and Geopolitics
    • Energy Innovation
    • Energy Markets, Trends, and Outlooks
  • Global Health
    • Family Planning, Maternal and Child Health, and Immunizations
    • Multilateral Institutions
    • Health and Security
    • Infectious Disease
  • Human Rights
    • Building Sustainable and Inclusive Democracy
    • Business and Human Rights
    • Responding to Egregious Human Rights Abuses
    • Civil Society
    • Transitional Justice
    • Human Security
  • International Development
    • Food and Agriculture
    • Governance and Rule of Law
    • Humanitarian Assistance
    • Human Mobility
    • Private Sector Development
    • U.S. Development Policy

Regions

  • Africa
    • North Africa
    • Sub-Saharan Africa
  • Americas
    • Caribbean
    • North America
    • South America
  • Arctic
  • Asia
    • Afghanistan
    • Australia, New Zealand & Pacific
    • China
    • India
    • Japan
    • Korea
    • Pakistan
    • Southeast Asia
  • Europe
    • European Union
    • NATO
    • Post-Soviet Europe
    • Turkey
  • Middle East
    • The Gulf
    • Egypt and the Levant
    • North Africa
  • Russia and Eurasia
    • The South Caucasus
    • Central Asia
    • Post-Soviet Europe
    • Russia

Sections menu

  • Programs
  • Experts
  • Events
  • Analysis
    • Blogs
    • Books
    • Commentary
    • Congressional Testimony
    • Critical Questions
    • Interactive Reports
    • Journals
    • Newsletter
    • Reports
    • Transcript
  • Podcasts
  • iDeas Lab
  • Transcripts
  • Web Projects

Main menu

  • About Us
  • Support CSIS
    • Securing Our Future
Photo: NICOLAS ASFOURI/AFP/Getty Images
Blog Post - Trustee China Hand
Share
  • LinkedIn
  • Facebook
  • Twitter
  • Email
  • Printfriendly.com

Coming into Focus: China’s Facial Recognition Regulations

May 4, 2020

Trustee Chair in Chinese Business and Economics > Trustee China Hand 

By Seungha Lee

This past February, China introduced new facial recognition technology that can identify faces even when wearing a mask, though with a slightly lower accuracy rate. This technology not only highlights China’s technological advances, but it also deepens Chinese citizens’ growing concerns over how the widespread use of facial recognition threatens their privacy.

In October 2019, China had its first lawsuit over the use of facial recognition technology. In this case, which is still unsettled, a university professor accused a wildlife park of “compulsorily collecting visitors' individual characteristics” via facial recognition, triggering a widespread debate in China. China’s government and the private sector have made efforts to address society's concerns on the abuse of facial recognition technology. While much progress still needs to be made, the recent developments reflect the country’s gradual steps toward greater regulation on facial recognition and data protection.

New Chinese facial recognition technology can identify faces with masks.

Source: Hanvon’s Website

The Development of China’s Facial Recognition Regulatory Ecosystem

Facial recognition in China is regulated by a broader data protection framework – the Cybersecurity Law of the People’s Republic of China. The law imposes legal obligations on network operators by stating the requirements for the collection, use, and protection of personally identifiable information (PII), which includes biometric data. However, biometric data is not the central focus of the law, and it is not discussed beyond the definition section. To this end, China’s formulation of the “Personal Information Security Specification” and efforts in developing a new data privacy law deserve further attention. 

The Specification covers data protection with a higher degree of granularity, but it is nonbinding. It specifies guidelines on data-handling and protection to prevent PII – including biometrics – from illegal collection, abuse, and access. Despite its lack of penalties, the Specification is considered to establish best practices and to serve as an important reference for government agencies. Additionally, China recently released the newest version of the Specification in March 2020, and it will take effect on October 1, 2020. Notably, the updated version strengthens privacy protection and revises the “exceptions to soliciting consent" and refinements for personal biometric information.

Meanwhile, the Chinese legislature has been drafting a new data privacy law with a stronger focus on biometrics. At the moment, the details of the new data privacy law are unavailable, and the enactment timeline is unclear. However, according to a statement by the National People’s Congress (NPC), the Chinese government is aware of the need and demand for a centralized data protection law. For this reason, the initiative itself still marks a major step towards protecting its citizen’s personal data.

Self-regulation Efforts

China’s private sector has also been addressing privacy concerns through self-regulation. Two major initiatives are led by Megvii and SenseTime respectively.

Megvii, a leading Chinese facial recognition company, issued the foremost guidelines on AI applications (人工智能应用准则). Consisting of six parts, the guidelines provide corresponding intervention measures for each dimension. For example, the guidelines claim that AI should “make accurate decisions while providing adequate protection of the public from potential security risks.” In addition, the guidelines emphasize the necessity of strict data security and privacy protection.

Separately, a larger initiative is being taken by 27 tech companies—including SenseTime, Tencent, and Xiaomi—to draft the country’s first industry standards for facial recognition. According to SenseTime, the standards “will be guidance and foundation for the yardsticks of facial recognition in all fields.” Industry standards do not have the force of law in China, but tech companies’ ongoing efforts to guide the appropriate use of facial recognition is expected to be critical in building a sustainable environment for facial recognition technology.

Visitors being filmed by a security camera with facial recognition technology.
Source: Photo by NICOLAS ASFOURI/AFP via Getty Images.

In all, China has made tentative progress, but it is still too soon to predict the ultimate outcome. This is because the effort is largely top-down, led by the government and tech giants. Although there is a growing public concern (as witnessed by the reaction to the lawsuit), civil society has limited means to shape policies during the drafting process. In the end, as with many initiatives, the outcome will depend on how the new regulations and standards are implemented.

Trustee Chair in Chinese Business and Economics > Trustee China Hand 

Seungha Lee is a research intern with the Trustee Chair in Chinese Business and Economics at CSIS.

                                           

 

 

Media Queries
Contact H. Andrew Schwartz
Chief Communications Officer
Tel: 202.775.3242

Contact Paige Montfort
Media Relations Coordinator, External Relations
Tel: 202.775.3173
Related
Asia, China, Chinese Business and Economics, Cybersecurity, Cybersecurity and Technology, Data Governance, Intelligence, Surveillance, and Privacy, Technology and Innovation, Trustee China Hand

More from this blog

Blog Post
Passing But Incomplete: Grading President Biden’s Asia Trip
By Scott Kennedy, John L. Holden, Claire Reade, Deborah Seligsohn, Ilaria Mazzocco, Paul Triolo, Jeannette Chu
In Trustee China Hand
May 26, 2022
Blog Post
Bridging Differences with Friends on China
By Scott Kennedy
In Trustee China Hand
May 19, 2022
Blog Post
Paul Triolo: A Career Tracking China’s High-Tech Drive
By Shayla Gibson
In Trustee China Hand
May 9, 2022
Blog Post
Data Dive: The Private Sector Drives Growth in China’s High-Tech Exports
By Scott Kennedy
In Trustee China Hand
April 28, 2022
Blog Post
China’s Two Sessions: Ready, Aim, Spend
In Trustee China Hand
March 9, 2022
Blog Post
Two Years In, How Does the STAR Market Measure Up?
In Trustee China Hand
January 24, 2022
Blog Post
First Takes: Our Initial Reactions to USTR Tai’s CSIS Speech on China Policy
By Scott Kennedy, Ilaria Mazzocco, Daniel H. Rosen, Claire Reade, Deborah Seligsohn, Jeannette Chu, John L. Holden
In Trustee China Hand
October 5, 2021
Blog Post
Ilaria Mazzocco: An Interview with Our New Fellow
In Trustee China Hand
September 30, 2021

Related Content

Report
Questions about Facial Recognition
By James Andrew Lewis
February 3, 2021
Report
Facial Recognition Technology: Responsible Use Principles and the Legislative Landscape
By James Andrew Lewis
September 29, 2021
Commentary
Regulating Facial Recognition Technology
By James Andrew Lewis
June 28, 2021
Blog Post
Transparency with Chinese Characteristics: Xiaomi’s First Report
In Trustee China Hand
September 16, 2021
Blog Post
Brazil’s Data Protection Law
In Strategic Technologies Blog
September 23, 2020
Report
Digital Governance: It Is Time for the United States to Lead Again
By Daniel F. Runde, Sundar R. Ramanujam
August 2, 2021
Commentary
AI Regulation: Europe’s Latest Proposal is a Wake-Up Call for the United States
By Meredith Broadbent
May 18, 2021
Report
Data Protection or Data Utility?
By Alexander Kersten
February 18, 2022
Footer menu
  • Topics
  • Regions
  • Programs
  • Experts
  • Events
  • Analysis
  • Web Projects
  • Podcasts
  • iDeas Lab
  • Transcripts
  • About Us
  • Support Us
Contact CSIS
Email CSIS
Tel: 202.887.0200
Fax: 202.775.3199
Visit CSIS Headquarters
1616 Rhode Island Avenue, NW
Washington, DC 20036
Media Queries
Contact H. Andrew Schwartz
Chief Communications Officer
Tel: 202.775.3242

Contact Paige Montfort
Media Relations Coordinator, External Relations
Tel: 202.775.3173

Daily Updates

Sign up to receive The Evening, a daily brief on the news, events, and people shaping the world of international affairs.

Subscribe to CSIS Newsletters

Follow CSIS
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram

All content © 2022. All rights reserved.

Legal menu
  • Credits
  • Privacy Policy
  • Reprint Permissions