Source URL: https://www.theregister.com/2025/03/23/asia_tech_news_in_brief/
Source: The Register
Title: China bans compulsory facial recognition and its use in private spaces like hotel rooms
Feedly Summary: PLUS: Zoho’s Ulaa anointed India’s most patriotic browser; Typhoon-like gang targets Taiwan; Japan debates offensive cyber-ops; and more
Asia In Brief China’s Cyberspace Administration and Ministry of Public Security have outlawed the use of facial recognition without consent.…
AI Summary and Description: Yes
Summary: The text outlines significant developments in privacy and security regulations regarding facial recognition technology in China. Organizations must now conduct impact assessments and secure consent before implementation, emphasizing a protective stance on personal data. Additionally, developments in cybersecurity across Asia, including infrastructure threats in Taiwan and new laws in Japan, highlight the evolving landscape of digital security and privacy rights in the region.
Detailed Description:
The text presents important updates on privacy and security issues primarily focusing on facial recognition in China, as well as providing insights into cybersecurity laws and challenges facing organizations in Asia.
– **Facial Recognition Regulations in China:**
– The Cyberspace Administration and Ministry of Public Security have prohibited the use of facial recognition technology without prior consent.
– Organizations planning to utilize facial recognition must conduct a “personal information protection impact assessment” evaluating the necessity and privacy implications.
– Mandatory encryption of biometric data and auditing of security practices are required to safeguard personal scans.
– The legislation restricts facial recognition usage in sensitive public areas (e.g., bathrooms, hotel rooms) but does not apply to research activities or algorithm training, potentially allowing data exploitation for AI model training.
– Questions remain regarding government exemptions from these rules, particularly regarding state interest in utilizing facial recognition for national identity verification.
– **Cyber Threats in Taiwan:**
– A new cyber-attack group, associated with the Volt Typhoon crews, is reportedly targeting critical Taiwanese infrastructure.
– This group’s tactics include using web shells and open-source tools for persistence and information theft, highlighting vulnerabilities within critical sectors like telecommunications and healthcare.
– **Cybersecurity Developments in Japan:**
– Japan’s introduction of a cybersecurity bill aimed at shifting toward an “active defense” approach includes provisions for offensive operations.
– Concerns have been raised about this legislation’s implications for privacy, despite assurances from officials regarding the preservation of personal data privacy.
– **Ongoing Tensions and Regulatory Actions:**
– Additional narratives about content regulation challenges faced by X (formerly Twitter) in India and the Australian Strategic Policy Institute’s claims of harassment by Chinese trolls underscore the tension between national security and freedom of speech across Asia.
These developments are critical for security and compliance professionals, as they indicate a tightening of privacy regulations and highlight the need for robust security measures in the face of increasing cyber threats. Compliance with new regulations will demand active engagement in privacy assessments, data encryption, and continual evaluation of organizational cybersecurity practices.