Why is it common to use facial recognition system in Hong Kong? We use face unlock and fingerprint recognition daily through our innovative mobile or laptop as personal devices. It is not very common to use biometrics in Hong Kong workplaces. However, employers must be aware of the challenges faced by using facial recognition systems.
Employers are finding the potential benefits of using biometric systems such as fingerprint and facial recognition systems in the workplace. These include enhanced security (restricting access), enhanced efficiency (eliminating the need for passwords, keys, and cards), and monitoring employee well-being and performance (monitoring track assets and performance activity and stress levels). However, the importance of the nature of biometric data and sensitivities around its use, and importantly, those significant challenges, need to be known and overcome while using them.
Here are the five tips you need to consider before navigating the biometrics landscape.
Five Necessary Facts to Help Hong Kong Employers Navigate the Complex Facial Recognition System
Collect with necessary data protection requirements.
The use and collection of biometric data are based on the Personal Data (Privacy) Ordinance regulation that relates to the data directly or indirectly of a living individual. It is practicable to ascertain individuals’ identities directly or indirectly. Employers must be up-to-date and familiar with the Ordinance and the guidance notes issued by the Privacy Commissioner from time to time.
The Ordinance is principle-based. The three principles are those given below according to the Privacy Ordinance.
- Organisations must collect biometric data for lawful purposes related to their functions and activities
- Organisations must not use the collected data for any purpose other than biometric-related functions.
- Prevents employers from using the biometric data without for a new purpose and along with the voluntary consent of the employee.
Biometric Time-keeping, Smarter Workdays with our Effective Time And Attendance Management Software!
Conduct a privacy impact assessment (PIA)
Employers should check a private analysis before taking and using biometric data. A PIA is a systematic process that analyses a proposal in terms of the impact of personal data privacy, and it follows as seen below:
A PIA should be
- Finding the necessity and proportionality of using biometric data
- Consider less privacy intrusive options
- Identify and finalize whose data the organization should collect or exclude.
Regularly monitoring and reviewing the PIA related to ongoing compliance can assist with emerging issues.
Learn more about the evolution of security in access control system in Hong Kong.
Key 2025 Biometric Privacy Statistics (Facial Recognition and Fingerprint)
- $8 Billion in Privacy Lawsuits
By 2025, privacy lawsuits and claims related to biometric information processing and cyber-physical systems are projected to exceed $8 billion in fines and settlements.
- 1.46 Billion Individuals Affected by Biometric Data Breaches
Forecasts predict that biometric data breaches will impact approximately 1.46 billion individuals by 2025, highlighting the escalating risks associated with storing and securing biometric data.
- Declining Trust in Tech Companies
In 2024, only 5% of consumers expressed a high level of trust in companies’ ability to safeguard their biometric data, a significant drop from 28% in 2022.
- Consumer Concerns About Biometric Technologies
Between 2022 and 2024, concerns about the misuse of biometric data increased from 69% to 88%, and concerns about biometric data breaches rose from 69% to 86%.
- Rise in Biometric Authentication Usage
By 2025, an estimated 1.4 billion individuals will be using facial biometrics to make payments, rising from 671 million in 2020.
Manage biometric data accuracy
Sometimes, the biometric technologies can be varied, and the precision and accuracy cannot always be reliable. For instance, some are probabilistic and give an identical match to the “likely” database. Data inaccuracies can lead to serious problems. For example, systems collect biometric data to record attendance, and inaccurate data might lead the employer to believe the employee is absent from work, potentially resulting in disciplinary action or even termination.
Therefore, employers should take all reasonable steps to ensure that the biometric data held is accurate and allow human intervention in the automatic decision-making processes. Employers must regularly review biometric data (such as facial recognition or fingerprints) and delete any data they no longer need. Keeping unnecessary data increases security risks and may breach the Data Protection Act.
Refer to the advantages and risks of using facial recognition system in Hong Kong.
Build trust and be transparent
When employers use employee biometric data for unofficial purposes, they exert undue influence based on presumptions that can be challenged and disproven. Employers must plan and prepare clear privacy policies and procedures explaining what biometric data they collect, why, when, how, and where they use it. They must also ensure employees can access and understand these privacy policies. It understands and empowers the employees if the employers give detailed information.
Thus, employees can control, evaluate, and know the benefits and potential risks of delivering their personal information. When employers handle data responsibly and securely, employees can understand the process and help build trust and transparency in data development.
Implement strong security measures
Unlike passwords or pins, if biometric data is once compromised, it remains compromised. Employers should take all necessary practicable steps to ensure that all biometric data is protected against unauthorised, accidental access, processing, loss or erasure and not used by anyone. This can be enhanced by regular site audits, encryptions, and access controls. The cybersecurity team should give access control to the particular users of the team so they do not permit or lose control of their data.
The authorised personnel must use and give training to the accessed personnel about collecting the biometric data. With a notable increase of cyberattacks, employers and cyber security teams must be regularly review and update security measures to address beyond the technological threats.
Face The Future Of Smart Door Access Systems In Hong Kong!
Key takeaways
By following these tips, employers in Hong Kong can effectively use biometric data by respecting employee privacy and the Ordinance. This approach not only sustains workplace security but also builds efficiency, promoting trust and transparency among employees.
Ready to switch to an advanced facial recognition system in Hong Kong? Why wait? Try to solve your queries and have a personal discussion with our experts! Call us today!
