Original title: Unauthorized collection of surface information constitutes theft
On December 1, the 24th meeting of the 17th Standing Committee of the Tianjin Civic People’s Congress voted and passed “The Tianjin Social Credit Regulations.” Article 16 states: Market credit information providers will not collect religious beliefs, blood types, natural persons. Ill health and medical history, biometric information, and other personal information prohibited by administrative laws and regulations. The so-called market credit information provider is a concept comparable to government and other public organizations, including credit service organizations, industry associations, chambers of commerce, and other enterprises and organizations. Passing this law in Tianjin means that surface data, as a kind of biological information, is also prohibited from being collected by market entities.
Before Tianjin, there were occasional regulations on the collection of facial information. For example, the “Hangzhou Municipal Property Management (Revised Draft) Regulations” submitted for consideration in October stipulated that the property service provider should not force the owner to pass a fingerprint or face recognition. Use shared facilities and equipment as biological information. Recently, Nanjing, Xuzhou, etc. issued notices asking developers not to collect visitor face information due to the facial recognition problem caused by “wearing a helmet to the sales department”.
However, these regulations and notices are only solutions to one-point problems, and the scenarios to deal with them are very limited. The reality is that surface information collection has been widely used in shopping and supermarket charges, park access, access control of office buildings, and the like. The favorable temptation of traders and high-pressure “choose one of the privacy / service” clauses of powerful companies, either unknown or forced to transmit key surface data extensively. The reason why the Tianjin “Regulations” have attracted widespread attention is that they provide a complete set of solutions, that is, impose uniform restrictions directly on the collection of biometrics data such as facial recognition, which give laws to individual users. Guarantee, comprehensively regulate the collection behavior of market entities.
Among the biometric information such as fingerprints, palm prints, veins, and iris, facial information is undoubtedly the most important. Recognizing each other through faces and establishing mutual trust is the most primitive and natural way for human beings to deal with interpersonal relationships. Before the digital age, “seeing is believing” is the most reliable form of cognition, but in the digital age, personal identity information needs to be digitized to be passed on in the virtual world. Even the subtle personal information on the periphery can allow individuals to steal data. Leakage damage, the simple information combination of “name + phone number” can deceive the victim’s trust. If the surface information is leaked, it corresponds to the personal identity of the cloned digital world. If used by software such as Face Changing AI, its potential damage will be difficult to estimate. Even if there is no fraud, and the merchant masters the facial information, it can result in precisely “consumer surplus” capture, and the phenomenon of wearing a helmet can spread from the sales department to other use scenarios.
The importance of facial recognition data determines that it must be used with care. In practice, traders have the advantages of technology and information. Individuals willing to actively transfer surface data may not understand the complex authorization terms, let alone how these data are stored and used. This is not a fair transaction; traders can also use consumers The disadvantage of difficult rights protection is that forcing consumers to receive facial recognition services is not a fair deal; businesses such as real estate sales offices that collect personal face data without the user’s consent, the equivalent of data theft are also an asset. , Also valuable. Before resolving these problems, the use of facial recognition should be strictly restricted.
Using facial recognition technology is more important to “getting it right” than “doing it quickly.” This requires legislation to establish regulations quickly rather than slowly, sooner rather than later, and give consumers timely legal protection. In the newly published “first face recognition”, Safari Park only repaid the loss of contractual benefits and the user’s transport expenses, but Safari Park’s behavior did not require users to “accept facial recognition, otherwise they could not enter the park ”illegally. . If there are laws and regulations like Tianjin first, would the ruling be completely different?