Processing Employee Sensitive Personal m88 casino review: What Employers Should Know

In our previous client updates, we have introduced the concept of personal m88 casino review and the basic principles and core rules for processing personal m88 casino review under the Personal m88 casino review Protection Law (“PIPL”), which takes effect on November 1, 2021.

The PIPL also provides for the first time in China a definition of “sensitive personal m88 casino review” in a national law. This update will discuss the types of m88 casino review considered to be sensitive personal m88 casino review and the special requirements for the processing of sensitive personal m88 casino review. This update will also discuss a recent case that has been hailed the “The First Facial Recognition Case of China” and its potential impact on how employers should handle sensitive personal m88 casino review of employees.

What is sensitive personal m88 casino review?

Under the PIPL, sensitive personal m88 casino review is distinguished from general personal m88 casino review by two key characteristics:

• there is a high probability that the leakage or illegal use of the personal m88 casino review would cause serious harm to the individual; and
  

• m88 casino review probable serious harm to m88 casino review individual includes infringement of m88 casino review individual’s dignity, or harm to m88 casino review safety of m88 casino review individual’s person or his/her property.
  

The PIPL lists certain types of personal m88 casino review that are considered sensitive personal m88 casino review, namely biometric m88 casino review, religious beliefs, race or ethnic groups, medical and health data, financial data, location data, as well as all personal m88 casino review of minors under the age of 14. The PIPL indicates that this list is not exclusive. Thus, government authorities and courts could have the right to deem additional types of personal m88 casino review as being sensitive and thus subject them to higher levels of protection.

There is overlap between sensitive personal m88 casino review and private personal m88 casino review (the latter is a concept under China’s Civil Code), both of which include medical and health data, financial data, sexual orientation, location data, and undisclosed criminal records. Sensitive personal m88 casino review focuses on the possibility of serious harm to individuals resulting from the m88 casino review leakage or illegal use; private personal m88 casino review focuses on m88 casino review about an individual that is not known by others. For example, personal hobbies are private personal m88 casino review. The leakage or the unlawful use of m88 casino review related to personal hobbies would usually not cause serious damage to individuals. As a result, personal hobbies would generally not be considered sensitive personal m88 casino review. In contrast, ID card m88 casino review, ethnicity, race, and religious beliefs are sensitive personal m88 casino review, because such m88 casino review could be known to a wide number of people within certain scopes. So they are usually not considered to be private personal m88 casino review.

What are the special requirements for the processing of sensitive personal m88 casino review?

The PIPL sets forth stricter requirements on the processing of sensitive personal m88 casino review when contrasted with processing of general personal m88 casino review. The stricter requirements are reflected from the following four aspects:

• Purpose of m88 casino review processing.Under the PIPL, an employer may process sensitive personal m88 casino review only if the processing is for a specific purpose and is fully necessary, which is a higher standard than required for the processing of general personal m88 casino review. While the PIPL does not provide guidance on this higher standard, the Guo v. Hangzhou Safari Park case (as discussed below) sheds light on what may be required of employers in this regard.

• Consent.Under the PIPL, when the legal basis for processing personal m88 casino review is consent, this consent could likely be in a bundled format with a single expression of consent covering multiple types of processing. In contrast, when consent is the legal basis for processing of sensitive personal m88 casino review, an m88 casino review processor (e.g., an employer) would need to get “separate consent”. While the PIPL is silent on details of this requirement, this type of consent may require notification separately listing each type of sensitive personal m88 casino review and each type of processing activity with corresponding consents for the employee to execute.

  
  

  As discussed in a previous client alert, an employer has the right to process employee sensitive personal m88 casino review without obtaining the separate consent from employees concerned if the employer has an alternative legal basis to process the sensitive personal m88 casino review certain conditions set forth in law have been satisfied, such as the processing is necessary to carry out human resource management. However, employers should pay attention to the following points:

• when collecting and processing sensitive personal m88 casino review based on the necessity for carrying out human resource management, employers should take extra caution to ensure that necessity is the primary criteria for the processing;

• keep close watch on the policy trends given that administrative and judicial authorities may limit the legal basis for processing sensitive personal m88 casino review to separate consent only.

• Additional disclosure obligations.Under the PIPL, in addition to the m88 casino review that an employer must disclose to an employee in regard to the processing of general personal m88 casino review (e.g., processing purpose, contact m88 casino review of processor), m88 casino review processors processing sensitive personal m88 casino review must inform employees of the necessity of processing the sensitive personal m88 casino review and the “impacts of the processing on the rights and interests of the individual”. These notification requirements apply regardless of the particular legal basis that supports the processing of the personal m88 casino review.
  

• More stringent security protection measures.The PIPL requires the personal m88 casino review processor to take more stringent measures to ensure the security of sensitive personal m88 casino review. Under the PIPL and the m88 casino review Security Technology-Personal m88 casino review Security Specification (GB/T 35273-2020), the following security protection measures must be taken for processing sensitive personal m88 casino review:

• security measures such as encryption measures must be taken for the storage and transmission of sensitive personal m88 casino review;
  

• personal biometric m88 casino review and personal identifiable m88 casino review must be stored separately from each other;
  

• under normal circumstance, no original personal biometric m88 casino review may be stored (e.g., summaries of personal biometric m88 casino review may be stored); and
  

• prior impact assessment of sensitive personal m88 casino review protection must be conducted and the records of the processing activities must be kept.
  

What employers can learn from Guo vs. Hangzhou Safari Park

A landmark case addressing sensitive personal m88 casino review was Guo vs. Hangzhou Safari Park, which was decided in April 2021 by the Hangzhou Intermediate People’s Court. While this case was a commercial dispute decided on the basis of the former General Principles of the Civil Law and the Consumer’s Rights and Interests Protection Law, and was decided before the effective date of the PIPL, the case gives an important indication on how employers can be expected to treat employee sensitive personal m88 casino review.

• Case Summary:In April 2019, Guo Bing purchased two annual passes from m88 casino review park for himself and wife, who was identified in m88 casino review court decision only as Ms. Ye. In accordance with m88 casino review park’s annual pass rules, Guo submitted his and Ye’s fingerprints and photos. m88 casino review park later changed m88 casino review entrance procedure of annual pass holders from fingerprint recognition to facial recognition, and asked Guo and Ye to enter m88 casino reviewir facial images into m88 casino review park computer system. m88 casino review park also attempted to use m88 casino review photos Guo and Ye had submitted for m88 casino review new park entrance system.

  
  

  Guo and Ye refused this request, deeming facial recognition images as highly sensitive matters of personal privacy. After the park refused to give him a refund for the cost of the annual passes, Guo sued for damages and deletion of the personal m88 casino review that was submitted.

• Court Decision:The second trial immediate court upheld a lower court the decision of first trial court that the park did not have the unilateral right to change the park entrance method and thus was liable for breach of contract. In addition, the park’s attempt to turn the photos of Guo and Ye into facial recognition m88 casino review exceeded the original purpose for the collection of the photos and therefore violated the “principle of justification” (which has been supplemented in the new Civil Code and PIPL by “principle of necessary”). As a result, in addition to awarding damages, the court ruled that all facial recognition m88 casino review including the photos of Guo and Ye should be deleted. Moreover, as the park stopped using the entrance method of fingerprint recognition, the fingerprint m88 casino review should also be deleted.

• Case Comments

• Facial recognition m88 casino review is typical sensitive personal m88 casino review. As a renowned scholar has pointed out, facial recognition m88 casino review belongs to “core privacy”, and it is often related to other types of private personal m88 casino review (e.g., some bank accounts are tied to facial recognition m88 casino review). Furthermore, facial recognition m88 casino review can be obtained without direct contact with or even knowledge of the individual concerned and the underlying characteristics of images cannot be easily changed without surgery. These factors make facial recognition m88 casino review highly sensitive, requiring a high level of legal protection. Any personal m88 casino review processor must inform and obtain separate consent from an individual before processing facial recognition m88 casino review.

• The park had implemented an entrance procedure based on fingerprint recognition, which was agreed to by Guo. Thus, with an existing, agreed entrance procedure in place, it was not necessary for the park to collect additional sensitive personal m88 casino review for a new entrance procedure. This principle of necessity is also a key requirement in the PIPL. Therefore, employers should not collect employee facial recognition m88 casino review unless it is necessary to achieve the processing purpose. In particular, employers should carefully take necessity into consideration when deciding whether to adopt facial recognition as the method of recording employee attendance or building access.

• The park attempted to turn the photos of Guo and Ye into facial recognition m88 casino review, which is beyond the purpose of the collection of the photos. Use of facial images shall not be permitted if the purpose of use is different from the purpose for which the images are collected. If it is necessary to use facial images of employees for a different purpose, employers should first inform the employees of the new purpose and obtain their separate consent.

Takeaways

Based on the above discussion, we suggest that employers pay attention to the following important issues when processing employee sensitive personal m88 casino review in order to mitigate legal risks.

• Conduct data mapping of employee personal m88 casino review so as to identify sensitive personal m88 casino review.Employers should conduct data mapping of employee personal m88 casino review that needs to be processed for conducting human resource management to identify sensitive personal m88 casino review involved. In so doing, employers can further meet the special requirements for processing sensitive personal m88 casino review.

• Strictly define the scope of employee sensitive personal m88 casino review to be processed.Although employers may process employee sensitive personal m88 casino review without obtaining consent if an alternative legal basis is applicable (such as based on the necessity of conducting human resource management), employers should take extra caution and have necessity as the primary criteria in determining the scope of the sensitive personal m88 casino review to be processed. Because facial recognition m88 casino review could be deemed to belong to core privacy interests, employers must not only fulfill adequate disclosure obligations, they may also be required to obtain employee separate consent in most employment scenarios.

• Additional disclosure obligations.Regardless of the legal basis for processing the sensitive personal m88 casino review, employers should fulfill not only the disclosure obligations to process general personal m88 casino review, they should also inform employees of the necessity of processing sensitive personal m88 casino review and the impacts of the processing on the rights and interests of the employees.

• Adopt more stringent security measures.When processing employee sensitive personal m88 casino review, employers should adopt more stringent security measures in accordance with the requirements under the PIPL and the Personal m88 casino review Security Specification.