Summary
On 21 March 2025, the Cyberspace Administration of China (CAC) and the Ministry of Public Security (MPS) jointly introduced the Measures for the Administration of the Security of the Application of Face Recognition Technology (“FR Measures”), set to take effect on 1 June 2025. These measures aim to regulate the processing of facial data while balancing security and technological innovation.
Previously existing laws related to face information include the Personal Information Protection Law and various national standards. The new FR Measures enhance these regulations by providing specific requirements for face information processing.
Key Points
- FR Measures define “face information” as biometric data regarding facial features of identifiable individuals.
- The regulations cover uses of face recognition technology for personal identity verification and identification of individuals.
- Notification and separate consent are requisite for processing face information; individuals must be well informed.
- Conduct risk assessments and ensure lawful, necessary, and specific purposes for processing facial data.
- FR technology should not be the sole method for identity verification, and non-FR methods should be prioritized if available.
- Face information must generally remain stored within the FR device and not transmitted online without consent.
- Public installations of FR devices must be clearly indicated and legally justified for public safety.
- Filing requirements mandate PIPs to document when facial information storage exceeds 100,000 individuals.
Why should I read this?
If you’re keen on understanding the evolving regulations around facial recognition technology in China, this article is a goldmine. The new rules could significantly impact how companies manage sensitive personal data, so if you’re in tech, legal, or data privacy fields, you’ll want to be in the know. Reading this will definitely save you the hassle of sifting through lengthy regulations yourself!