This archive report was first published on 18 December 2019.
Published on December 18, 2019, a report highlighted the alarming issue of online data leakage in China. The problem has become so severe that police have created their own company to handle data directly, bypassing third-party systems.
China's mandatory identification card system provides a wealth of personal information, including fingerprints, faces, ethnicity, and age. This data is accessible to a wide range of people and companies, often through legitimate means. Companies with police connections use facial recognition systems to track individuals, while others sell private details to fraudsters and suspicious spouses for a few dollars per person.
One such company, Shenfenbao, had access to real-time records of every person staying in over 1,200 hotels in Xiamen. In a demonstration, Lin Jiahong, a Shenfenbao salesman, searched for a common name and retrieved three guests' information, including their hotels, room numbers, time of check-in, registered address, ethnicity, and age.
“Through data on our platform, we can dig out all records of a particular person, and make a comprehensive analysis of the route of activities of this person,” said Mr. Lin. He added that his company also offered algorithms to flag women who check into multiple hotels in one night for suspicion of prostitution.
As the surveillance state expands, signs of a backlash are emerging. In Shanghai, residents pushed back against a police plan to install facial-recognition cameras in a building complex. In Zhejiang Province, a professor filed a lawsuit against a zoo after it required mandatory facial-recognition scans for its members to gain access.