What's New

PCPD revised the "Guidance on Collection and Use of Biometric Data"

The application of biometric data is increasingly prevalent. Examples include unlocking smart phones with fingerprints, identity authentication by voiceprints for telephone banking and access control at airports by facial recognition, etc. Biometric data is relatively sensitive personal data. Unlike passwords, one cannot ‘reset’ his/her biometric data if it is leaked. Extra caution is therefore warranted for its collection, use and security. The PCPD has recently revised the “Guidance on Collection and Use of Biometric Data”. We have elaborated on the good practices in collecting and using biometric data, thereby reinforcing the protection of sensitive personal data. Some noteworthy principles and measures for data collectors and users include:

Assessing the necessity and proportionality in collecting and using biometric data
Conducting Privacy Impact Assessment to avoid or minimise adverse impact on the individuals concerned
Being transparent, providing clear explanations and informed choices to individuals concerned
Ensuring data minimisation, data accuracy and data security

Individuals should also be vigilant when providing biometric data, and should not get carried away in the pursuit of novelty and convenience.

The revised “Guidance on Collection and Use of Biometric Data” can be downloaded at
https://www.pcpd.org.hk//english/resources_centre/publications/files/GN_biometric_e.pdf