China’s cyberspace regulator said on Tuesday it has issued draft rules to oversee the security management of facial recognition technology in the country, following concerns raised in public about overuse of the technology.
The Cyberspace Administration of China (CAC) said facial recognition technology can only be used to process facial information when there is a specific purpose and sufficient necessity, and with strict protective measures.
The use of the technology will also require individual’s consent, the CAC said in a statement. It added that non-biometric identification solutions should be favored over facial recognition in cases where such methods are equally effective.
Biometric identification, especially facial recognition, has become widespread in China. In 2020, local media reported that facial recognition was used to activate toilet roll dispensers in public toilets, which triggered both public and regulatory concerns at the time.
Many Chinese courts and local governments have since ruled against and fined companies for facial recognition overuse, according to the South China Morning Post.
CAC’s draft rules on Tuesday said image capturing and personal identification devices should not be installed in hotel rooms, public bathrooms, changing rooms, toilets, and other places that may infringe upon others’ privacy.
The regulator added that image capturing devices should be installed in public places for only public safety purposes and with prominent warning signs next to them.
The draft rules come amid Beijing’s effort to tighten data regulation by issuing an array of rules and laws. Most notably, China introduced its first law focusing on user privacy, the Personal Information Protection Law, in 2021 in a bid to rein in companies’ overuse of user data.