• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Log In
  • Member Registeration
  • Account
  • Our Services
  • Contact Us
  • Newsletter
  • Top Nav Social Icons

FindBiometrics

FindBiometrics

Global Identity Management

  • Biometrics
    • What are Biometrics?
    • FAQ
    • Biometric Associations
    • Companies
    • Premier Partners
  • News
    • Featured Articles
    • Interviews
    • Thought Leadership
    • Podcasts
    • Webinars
    • Year in Review
  • Applications
    • Biometric Security
    • Border Control and Airport Biometrics
    • Consumer and Residential Biometrics
    • Financial Biometrics
    • Fingerprint & Biometric Locks
    • Healthcare Biometrics
    • Justice and Law Enforcement Biometrics
    • Logical Access Control Biometrics
    • Mobile Biometrics
    • Other Biometric Applications
    • Physical Access Control Biometrics
    • Biometric Time and Attendance
  • Solutions
    • Behavioral Biometrics
    • Biometric Sensors and Detectors
    • Facial Recognition
    • Biometric Fingerprint Readers
    • Hand Readers & Finger Scanners
    • Iris Recognition
    • Biometric Middleware and Software
    • Multimodal Biometrics
    • Physiological Biometrics
    • Smart Cards
    • Vein Recognition
    • Voice and Speech Recognition
  • Stocks
  • Events
  • Companies
  • Podcasts

How Didi’s $1.2B Fine Complicates the Narrative Around China’s Biometric Surveillance

July 22, 2022

How Didi's $1.2B Fine Complicates the Narrative Around China's Biometric Surveillance

Chinese ride-hailing app Didi has been fined $1.2 billion by state regulators for data privacy and security violations, complicating Western political narratives that have led to warnings about China-made apps like TikTok and their data harvesting practices.

The 8 billion yuan fine came down on Didi care of the Cyberspace Administration of China, which determined that Didi had violated multiple laws with practices including the collection of 107 million facial recognition profiles, the capture of 12 million screenshots from customers’ smartphone photo albums, and collecting relationship information concerning users’ families.

In addition to the overarching fine, the Cyberspace Administration of China dinged Didi President Jean Liu and Chairman Cheng Wei about $148,000 each.

It’s an awkward and, in some respects, confusing development in the context of discussions about the threat of Chinese surveillance practices in parts of the West.

Some of the latter concerns are pretty straightforward: The United Kingdom’s Biometrics and Surveillance Camera Commissioner recently warned that China-based Hikvision’s surveillance cameras could be activated remotely to collect face and voice biometrics, and helped to convince a number of lawmakers to push for a ban on the company’s technology.

In the United States, meanwhile, some legislators have become concerned about the surveillance capabilities of the kind of China-made tech that bears much more of a family resemblance to Didi. The video-sharing social app TikTok, in particular, has come under scrutiny after it updated its privacy policy last year to get users to consent to its collection of face and voice biometrics data.

A couple of months after doing so, TikTok faced an open letter from a pair of concerned US Senators asking the company to elaborate on its collection of user data and provide information about things like whether it shares data with third parties. Earlier this month, the Federal Communications Commission took the dramatic step of asking Apple and Google to delist TikTok from their app stores, with FCC Commissioner Brendan Carr asserting that it is a vehicle for Chinese Communist Party surveillance.

TikTok has faced variations of this argument before. One line of thinking goes that even if the CCP is not explicitly using TikTok as a surveillance tool, the fact that its corporate parent, ByteDance, is based in China means that it could be subject to the whims of the Chinese government. The CCP could demand that TikTok hand over customers’ biometric data, and it would have no choice but to comply. Whatever degree of conspiracy may be involved, these kinds of concerns helped to prompt the Trump administration to order the sale of TikTok to an American company. That directive never came to fruition, but the concerns remain.

The Cyberspace Administration of China’s handling of Didi muddies the picture. This is an arm of the Chinese government levying a huge fine on a private company over its collection of sensitive user data, including biometric data.

As The Washington Post notes, that fine comes after a new consumer data protection law took effect in China last November. The law is said to be based in broad terms on the European Union’s General Data Protection Regulation (GDPR), and it places restrictions on companies’ collection of personal data without consent, and on transmitting Chinese citizens’ data outside of the country. And that piece of legislation arrived after China’s Supreme People’s Court ruled last summer that businesses couldn’t use facial recognition without their customers’ consent.

So is China actually developing a regulatory framework to protect individuals from biometric data harvesting? And if so, does that mean Americans who are concerned about TikTok can rest easy?

Not so fast.

Before extrapolating too much from the Didi fine, it’s important to consider a little more context. The Chinese government’s investigation of Didi began about a year ago, well before the new data protection law came into effect. And it came amid what has been described as a populist campaign against big tech in China, with government authorities keen to be perceived as tackling corporate greed in their bid to improve the lives of nationals.

The timing of the attack against Didi is freighted with symbolism. The Cyberspace Administration of China announced its investigation just days after Didi made its debut on the New York Stock Exchange, sending its value tumbling and ultimately compelling the company to delist from the NYSE. With Chinese President Xi Xinping having touted his regime’s goal of “common prosperity”, Didi appeared to be one of many companies that irked the government’s ire by growing too big and leaving the people behind to seek success on the international stage.

The government’s investigation into Didi and its subsequent fine therefore represent a political, rather than principled, attack. Didi may have flouted data privacy laws – at least some of which weren’t yet codified when the investigation began – but it seems to have been targeted mainly as a gesture of government control and efficacy.

Would TikTok face the same regulatory scrutiny if it was found to be overreaching in its collection Chinese nationals’ data? Perhaps more to the point, would it be fined for collecting foreigners’ data? The answers aren’t clear. TikTok does not appear to have ticked off the CCP thus far, and theoretically its social media app remains a useful tool for surveillance purposes. Whether its collection of biometric data is ever restrained by the government probably won’t depend on principles of privacy and consent, but rather on whether the CCP perceives TikTok as a political problem or a strategic asset.

Much the same reasoning can be applied on the other side of the Pacific. A private US company would surely come under fire if it was found to be unlawfully collecting biometric data, and many have – especially in Illinois, with the state’s severe Biometric Information Privacy Act. But privacy protections aside, various government authorities have continued to pursue and deploy biometric technologies, sometimes in the face of criticism from privacy and civil rights advocates. Even Clearview AI, which is at this point more famous for its illegal collection of citizens’ biometric data than for its technology or any other selling point, remains a contractor for Immigration and Customs Enforcement, despite facing a range of fines and lawsuits in America and around the world. As in China, there are regulations in place in America aimed at protecting consumer privacy and biometric data, but they don’t necessarily have much bearing on how the government decides to use biometric technology.

Regulations and rights are one thing; state power is another. The Cyberspace Administration of China’s massive fine against Didi may tell us something about the state of privacy protections in China, but it doesn’t necessarily tell us anything about what kind of a “national security threat”, if any, TikTok represents to the US.

In any case, the fine certainly tells us something about what the CCP thinks of Didi.

Sources: The Washington Post, Shine, Bloomberg

–

July 22, 2022 – by Alex Perala

Related News

  • Visa and Mastercard Are Using Biometric Tech Sourced From a Sanctioned Chinese FirmVisa and Mastercard Are Using Biometric Tech Sourced From a Sanctioned Chinese Firm
  • MTA Halts Surveillance Camera Pilot Over China Links, Facial Recognition ConcernsMTA Halts Surveillance Camera Pilot Over China Links, Facial Recognition Concerns
  • Chinese State Court Reaffirms Facial Recognition Ruling, But Big Questions RemainChinese State Court Reaffirms Facial Recognition Ruling, But Big Questions Remain
  • Chinese Real Estate Agents Use Biometric Facial Recognition to Identify ClientsChinese Real Estate Agents Use Biometric Facial Recognition to Identify Clients
  • Hong Kong Police Refuse to Confirm or Deny Use of Facial Recognition on ProtestorsHong Kong Police Refuse to Confirm or Deny Use of Facial Recognition on Protestors
  • Sensetime Partnership Brings Chinese Cell Tower Company Into Biometric SurveillanceSensetime Partnership Brings Chinese Cell Tower Company Into Biometric Surveillance

Filed Under: Featured Articles, News Tagged With: Biometric, biometric surveillance, biometrics, China, Cyberspace Administration of China, Didi, face biometrics, facial recognition, government surveillance, ID Tech, national security, privacy issues, TikTok

Primary Sidebar

Register For This Finance-Focused LIVE Webinar

Sponsored Links

facetec logo

FaceTec’s patented, industry-leading 3D Face Authentication software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ make trusted, remote identity verification finally possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for Liveness and 3D Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

TECH5 logo

TECH5 is an international technology company founded by experts from the biometrics industry, which focuses on developing disruptive biometric and digital ID solutions through the application of AI and Machine Learning technologies.

TECH5 target markets include both Government and Private sectors with products powering Civil ID, Digital ID, as well as authentication solutions that deliver identity assurance for various use cases. 

Learn more: www.tech5.ai

Mobile ID World Logo

Mobile ID World is here to bring you the latest in mobile authentication solutions and application providers. Our company is dedicated to providing users with the best content and cutting edge information on technology, news, and mobile solutions for your mobile identity management needs.

HID logo

HID powers the trusted identities of the world’s people, places and things. Our trusted identity solutions give people convenient and secure access to physical and digital places and connect things that can be identified, verified and tracked digitally. Millions of people use HID products to navigate their everyday lives, and billions of things are connected through HID technology. https://www.hidglobal.com/

Prove Logo

As the world moves to a mobile-first economy, businesses need to modernize how they acquire, engage with, and enable consumers. Prove’s phone-centric identity tokenization and passive cryptographic authentication solutions reduce friction, enhance security and privacy across all digital channels, and accelerate revenues while reducing operating expenses and fraud losses. Over 1,000 enterprise customers use Prove’s platform to process 20 billion customer requests annually across industries including banking, lending, healthcare, gaming, crypto, e-commerce, marketplaces, and payments. https://www.prove.com/

Recent Posts

  • A Bill, an Honor, and a Big BIPA Question – Identity News Digest
  • AI Update: New Rules Tackle AI Risks
  • TECH5’s Touchless Fingerprint Solution Reaches PAD Level 1
  • China Strives for Super SIMs – Identity News Digest
  • UK Parliament Passes a Potentially Impactful Bill – Identity New Digest

Biometric Associations

IBIA and fido

Footer

  • About Us
  • Company Directory
  • Advertise With Us
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • Archives
  • CCPA: Do not sell my personal info.

Follow Us

Copyright © 2023 FindBiometrics