Nowadays, “face brushing” has become a common way of public communication and transaction. For example, when you stay in a hotel, you have to face the camera to check your body; after ordering a meal, you can pay by looking at the camera; when you go to the public toilet, you need to look at the machine for a few seconds before you can take out the paper. However, more and more frequent face brushing also brings more and more unpredictable risks. So, does “face” belong to privacy? What is the risk of “face” leakage? Who is in charge of losing facial information? Where is the boundary of collecting facial information? < p > < p > according to media reports, on July 1, 2020, all stations of Harbin Metro Line 1 will be equipped with “face painting”. Harbin subway station uses face recognition function to reduce the pressure of passenger flow. < / P > < p > for example, public toilets in Beijing, Chongqing and other places are equipped with face washing devices. Citizens only need to stand in the identification area in front of the toilet paper machine and face the camera in front of them. After the identification process, they can get a piece of toilet paper. < p > < p > in 2019, the zoo will change the way of entering the park from fingerprint to “brush face”. Because he is not willing to use face recognition, Guo Bing, associate professor of Zhejiang University of technology, sued Hangzhou wildlife world in court. The case has also become the “first case of face recognition” sued by domestic consumers. According to Liu Deliang, a professor at the Law School of Beijing Normal University, there is no problem in using face recognition technology in the public domain. The external features of the face do not belong to the category of privacy, and there is little difference between being recognized by a machine and being recognized by other people’s eyes. However, LV Laiming, a professor at the Law School of Beijing business and Technology University, believes that compared with other personal information, biological information is unique and life-long invariable. Once the information collected by biometric technology such as face is leaked, the victim can not prevent and remedy by changing the information. As a matter of fact, many netizens also believe that facial information, like other personal privacy, belongs to personal privacy, and can’t exclude the meaning of privacy because of the new technology. In fact, at present, there are some loopholes in the storage and management of personal facial information. Tan Jianfeng, member of the National Committee of the Chinese people’s Political Consultative Conference and chairman of Shanghai Renmin Network Security Technology Co., Ltd., said that at present, the security protection of face recognition technology is not perfect. < / P > < p > recently, a reporter’s investigation found that some Internet black industry practitioners used e-commerce platforms to resell illegally acquired identity information such as faces at low prices, as well as “photo activation” tools and tutorials. In July 2019, Li Wei, director general of the science and Technology Department of the people’s Bank of China, said in public that it was necessary to correct the confusion of “abusing technology and willfulness” in some institutions. < / P > < p > that is to say, if it is not necessary, communities and institutions should not be forced to collect personal facial information under the guise of safety needs or even epidemic prevention and control needs. < / P > < p > at present, most of the commercial organizations that collect facial feature information are for the need of authentication. After enterprises collect information, they are most worried about whether they can properly keep and use the relevant information in the way that they have been told in advance. < p > < p > Lu Laiming said that in addition to the principle of “user consent”, for the application of face recognition technology, the application principle, scope and conditions, procedures, etc. should be specified through mandatory provisions, so as to limit the application field of face recognition. At the same time, the method of obtaining the user’s consent shall be restricted, and the user shall not be required to carry out general authorization or one-time authorization together with other information, but shall be authorized separately, regularly or step by step; the obligation of the party who collects and uses the face recognition information after the authorization period has expired and the specific purpose has been achieved.