Companies ‘must be open’ about personal data collection
Published: Sep 13, 2020 09:03 PM

A visitor tries out 5G VR equipment at the China International Big Data Industry Expo held in Zunyi, Southwest China's Guizhou Province, in May. Photo: VCG

Chinese tech companies should be careful in handling the personal data they collect, ensuring that they don't harm users' rights, and they should inform users about the data collection, one expert said.

The advice followed celebrity entrepreneur Li Kaifu's comment that he had once helped procure facial data from Chinese tech giants including Ant Financial and Meitu, which triggered clarification from Ant Financial and heated controversy about China's data protection.

Li, chairman and CEO of Innovation Works and former head of Google China, said at a forum on Saturday that he had earlier helped Chinese AI company Megvii Technology obtain facial data from companies including Meitu and Ant Financial. 

Ant Financial Saturday night issued a statement on its Weibo account, saying that it never had any contact with Li regarding cooperation with Megvii Technology, nor had it provided any facial data to Megvii, adding that data security and privacy protection are the "lifeblood" of the company. Megvii Technology also clarified on Weibo that the company does not store or collect any personal data of its users. 

On Saturday, Li apologized to the involved companies for "a slip of the tongue," clarifying that although he had helped Megvii Technology seek more business partners and Megvii did provide AI technologies to those partners, there had been no data transfer in their cooperation. 

Li's comments about procuring facial data triggered discussion on China's social media about inadequate personal data protection. Some netizens said that massive collection of personal data not only infringes on personal privacy, but also poses threats to national security. Some worried if the collected facial data is being analyzed and used, and asked whether it is safe to store face data. 

Experts argued that although it's not explicitly forbidden by laws or regulations to use personal data, companies should be careful in handling the data.

"There are no laws or regulations that obviously prohibit the use of users' data in China, which has partly contributed to the fast development of the AI sector. 

"However, it is unanimous among ethicists that when using individuals' data to train AI models, they cannot harm the rights and interests of the data owners themselves," said Liu Gang, director of the Nankai Institute of Economics and chief economist at the Chinese Institute of New Generation Artificial Intelligence Development Strategies.

Liu nevertheless argued that many technologies wouldn't be feasible without the collection of personal data. He gave the example of collecting thousands of lung scan images during the COVID-19 outbreak in China to train AI to automatically identify patients. 

"Without collecting data for technology use, there was no possibility of precisely identifying patients so fast at a time when there was no nucleic acid test," he told the Global Times.

US tech giant Facebook faced penalties for allegedly breaking European data protection laws. Recently, the Irish Data Protection Commission reportedly sent a preliminary order to Facebook to suspend data transfer from the EU to the US, after European regulators raised concerns that such transfers do not provide adequate protection to that data from US government surveillance. 

According to The New York Times, Facebook could face a fine up to 4 percent of its global revenue for breaking European data protection laws. The EU and countries like Vietnam increasingly require local storage of user data, which runs counter to US requirements for data openness, Liu said. 

He pointed out that using individuals' data has two prerequisites - the use cannot harm data owners' rights and interests, and they have the right to know that their information is being collected. 

blog comments powered by Disqus