Facial Recognition just to use a Phone: China Sets a Dangerous Global Precedent
According to reports from yesterday, Chinese citizens now have to have their faces scanned when registering new mobile phone services, as the authorities seek to verify the identities of all Internet users. This creates a restraint on all people who merely seek to do as people everywhere do: to communicate freely.
This is a particularly worrying development as it builds an unreliable, pervasive, and unnecessary technology on top of an unnecessary and exclusionary SIM card registration policy. Forcing people to register to use communication technology eradicates the potential for anonymity of communications, enables pervasive tracking and communications surveillance.
Building facial recognition on top of a SIM card registration system sets an extremely dangerous global precedent. Some countries, like Pakistan were outliers for requiring fingerprint registration for SIM registration. China is taking this to the next level.
Just like every other government with their spurious claims about SIM registration, the Chinese government states that their policy will “protect the legitimate rights and interest of citizens in cyberspace”. Experience shows otherwise. SIM registration has not been effective in curbing crime , but instead has fueled it. States that have adopted SIM card registration have seen the growth of identity-related crime, and have witnessed black markets quickly pop up to service those wishing to remain anonymous. Moreover, SIMs can be illicitly cloned. In many countries, criminals use foreign SIMs, or internet and satellite telephones, to circumvent SIM registration requirements.
The Chinese policy is setting a dark precedent. A recent police case in Peru gave us a scary example of the kind of risks we could be facing in the near future. As our partner Hiperderecho explains here:
The National Police dismantled a criminal organization that impersonated their victims to buy expensive cellphones on credit. To accomplish their crimes, they first obtained a list of people with good credit scores by querying publicly available databases from credit reporting agencies, then made counterfeited IDs with those names but different photos, and finally printed silicon 3D-copies of the fingerprints of their victims to wear as finger gloves and fool biometric scans. According to press reports, they obtained the original fingerprint and signature images from the National Registry of Identity, a mandatory registry for every Peruvian citizen that lists both birth and biometric information. Their whole criminal scheme was facilitated by the surveillance and mandatory registering policies enacted precisely to keep Peruvians safe.
This is a global phenomenon: several African and Asian states are increasingly adopting SIM card registration mandates, as illustrated by this timeline.
This is happening in absence of robust and adequately enforced data protection laws: while the majority of countries in Africa mandatory SIM card registration laws have been passed, only 43% of African countries have any data privacy laws. In countries that do have data privacy laws, critics and advocates have raised concerns about the lack of sufficient protections and safeguards.
This, coupled with a widespread use of prepaid SIM card use, it can allow for a more pervasive system of mass surveillance of people, as well as exclusion from important civic spaces, social networks, and education and health care.
If the Chinese Government is truly pre-occupied with the protection of the rights of citizens, it would limit data collection by enforcing strong data protection laws. Instead, it is subjecting Chinese mobile phone users to new forms of surveillance, with new risks to their data and identity, and setting yet another bad example for other countries.