Core Viewpoint - The article highlights the concerning trend of mandatory facial recognition in hospitals, with half of the surveyed top-tier hospitals in Guangzhou requiring patients to use facial recognition for initial registration, raising issues of privacy and compliance with existing laws [1][2][4]. Group 1: Regulatory Context - The implementation of the "Facial Recognition Technology Application Security Management Measures" in June established core principles for handling facial information, emphasizing "clear purpose, minimum necessity, and strict protection" [1]. - Previous laws, such as the Civil Code and the Personal Information Protection Law, have already set clear guidelines on the use of personal information, requiring that facial recognition not be the sole method of verification [1][2]. Group 2: Hospital Practices - The study found that hospitals, particularly Guangzhou Medical University Affiliated Second and Third Hospitals, enforced strict facial recognition policies, which may not fully inform patients about the use of their facial data [1][4]. - The article argues that hospitals, as public service providers, should demonstrate a higher level of legal compliance and awareness regarding the use of facial recognition technology [3]. Group 3: Enforcement and Governance - The article stresses the need for effective enforcement of laws regarding facial recognition, suggesting that regulatory bodies must actively supervise and respond to public complaints, especially in healthcare settings where patients may struggle to protect their rights [3][4]. - It calls for the involvement of judicial authorities to ensure that hospitals do not become blind spots in the enforcement of personal information protection laws [4].

Core Viewpoint - The implementation of the "Facial Recognition Technology Application Security Management Measures" marks China's first comprehensive regulation specifically addressing the application of facial recognition technology, aiming to clarify its boundaries and enhance data protection [7][19]. Group 1: Regulation Implementation - The regulation was officially implemented on June 1, 2023, and is designed to work alongside existing laws such as the Cybersecurity Law, Data Security Law, and Personal Information Protection Law [7]. - It establishes clear boundaries for the application of facial recognition technology, requiring that its use in public places is necessary for maintaining public safety and that the collection of facial data is limited to designated areas [9][12]. Group 2: Public Concerns and Changes - Public concerns regarding privacy, security, and potential misuse of personal information have been highlighted, with citizens expressing fears about the implications of mandatory facial recognition [5][10]. - Following the regulation's implementation, many hotels have ceased the practice of collecting facial data for check-ins, reverting to traditional identification methods [9][10]. Group 3: Data Protection Measures - The regulation mandates that facial recognition data must be stored locally on devices and prohibits transmission over the internet, thereby reducing the risk of data breaches [17]. - It requires the implementation of security measures such as data encryption, access control, and regular password updates to protect facial recognition data [19][21]. Group 4: Special Management Requirements - The regulation imposes strict management requirements for special scenarios, prohibiting the installation of facial recognition devices in private spaces such as hotel rooms and public restrooms [12][13]. - Organizations must ensure that facial recognition is not the sole method of verification and must minimize the impact on individual rights [13][15]. Group 5: Data Classification and Management - The regulation continues the approach of data classification and grading, requiring organizations handling large volumes of personal information to register with cybersecurity authorities [25]. - It emphasizes the importance of responsible data management, particularly as the volume of collected data increases, to mitigate risks associated with potential data leaks [25].

Core Viewpoint - The recent surge in demand for the Labubu blind box series from Pop Mart has led to scalping and price inflation, prompting discussions about implementing facial recognition technology to combat this issue [2][3]. Group 1: Company Actions and Responses - Pop Mart's Labubu series has seen significant consumer interest, with the latest product launch resulting in sold-out statuses across various sales channels [3]. - Reports indicate that Pop Mart is considering a dual verification method of "facial recognition + mobile binding" in select stores to prevent scalping [2][3]. - However, multiple Pop Mart stores and customer service representatives have stated that they have not received any official notification regarding the implementation of facial recognition for purchases [3]. Group 2: Regulatory Context - The "Facial Recognition Technology Application Security Management Measures" came into effect on June 1, 2025, stipulating that facial recognition cannot be the sole verification method if other options are available [4]. - The regulation emphasizes the need for explicit consent from individuals before processing their facial information, highlighting the sensitivity of such data [4][5]. - Experts have raised concerns about the potential misuse of facial recognition technology, advocating for a cautious approach to its implementation in consumer transactions [5].

Core Points - The implementation of the "Facial Recognition Technology Application Security Management Measures" marks a new phase in the systematic governance of facial recognition technology in China, providing effective guidance for its legal and compliant development [1] - The regulation addresses public concerns regarding the misuse of facial recognition technology, establishing clear boundaries and principles for its application [4] Group 1: Key Regulations - The regulation introduces the principle of non-exclusive verification, prohibiting the use of facial recognition as the sole method of verification when other alternatives exist [4] - It specifies that facial recognition devices in public places must be necessary for public safety, with clear signage indicating the areas where facial data is collected, and prohibits installation in private spaces such as hotel rooms and public restrooms [4] - Special provisions are made for vulnerable groups, requiring compliance with accessibility standards for processing the facial information of disabled and elderly individuals, and parental consent for processing the facial information of minors under 14 [4][5] Group 2: Legal Framework - The legal framework surrounding facial recognition has been strengthened with the introduction of various laws, including the Civil Code, which protects personal information, and the Personal Information Protection Law [5][6] - The Supreme People's Court has issued regulations clarifying the rules for recognizing infringements related to facial information processing [6] - National standards have been established to regulate the lifecycle of facial recognition data processing, emphasizing the need for a unified standard for biometric identification systems [6] Group 3: Legal Responsibilities - Companies that unlawfully collect and process facial information may face civil, administrative, and criminal liabilities [7][8] - Civil liabilities include the obligation to cease infringement, restore reputation, and compensate for damages if personal information is processed without consent [7] - Administrative penalties can include fines and business license revocation for serious violations of consumer rights related to personal information [8]