HK Government Admits LeaveHomeSafe App Contains Facial Recognition Feature; Experts Call For Full Transparency

HK authorities said the facial recognition feature in the city’s contact tracing app was never activated despite discoveryThe Hong Kong government recently admitted that its contact tracing mobile app LeaveHomeSafe contains a facial recognition function. However, the authorities claimed that they didn’t know about it before and had never used the feature. Hong Kong residents have had concerns since the introduction of LeaveHomeSafe. Many have expressed fear of it becoming the government’s tool for implementing stricter social control or infringing on people’s privacy. Wong Ho-wa, a Hong Kong data scientist and pro-democracy activist, said the government should make the app’s source code available to the public to mitigate public concerns. Antony Leung, a senior media professional in Hong Kong, said the contact tracing app pushed by the city’s government appeared awfully similar to mainland China’s “social credit system,” a system that utilizes artificial intelligence and facial recognition to conduct mass surveillance and assign points on citizens’ behavior. LeaveHomeSafe was designed primarily to track the user’s whereabouts amid the pandemic, among other features. The Hong Kong government claims that the app is only used for COVID-19 prevention. It requires all private citizens and public officials to download the app in order to enter certain government buildings, public hospitals, and supermarkets, starting on Nov. 1, 2021. A security guard holds a QR code for the LeaveHomeSafe Covid-19 contact-tracing app at the Final Court of Appeal ahead of a ceremony to mark the opening of the legal year on January 24, 2022, in Hong Kong, China. (Anthony Kwan/Getty Images) However, the app mandate was extended to restaurants and movie theaters on Dec. 9, 2021, requiring users to show QR codes when entering most public places. Source Code FactWire, a non-profit investigative news agency based in Hong Kong, found a built-in facial detection module in the LeaveHomeSafe app after examining the source code of the app’s latest Android release, version 3.2.0, along with six previous versions, the Hong Kong Free Press (HKFP) reported on May 5. The converted source file comprises some 20 folders. One of those, named org, contains a subfolder named reactnative, which further consists of three folders titled facedetector, camera, and maskedview, respectively, according to the report. One of the java files, known originally as “FaceDetectorUtils.java” but renamed “a.java” in LeaveHomeSafe, could be used to detect the position of a person’s mouth, nose, left and right cheeks, eyes, ears, and earlobes. It can also detect the degree of a head tilt and calculate the probability that someone is smiling or has both eyes open. “The facial detection module can be found in all versions of the LeaveHomeSafe app that FactWire examined, suggesting that it has existed since the app’s early launch in 2020. This is, however, not mentioned on the app’s official website nor in mobile app store descriptions,” the article said. HK Government’s Response In response to the FactWire report, a Hong Kong IT official said the department had not previously known about the feature, nor had it conducted face recognition or collected related data. The official added that the department had asked the app’s developer to look into removing the facial recognition source code without affecting the “normal operation” of the application. However, Wong, the data scientist based in Hong Kong, told The Epoch Times that it is impossible to know whether the facial recognition function has been used judging by the source code alone. And that the source code disassembled and examined by FactWire was only a part of the complete application. Wong believes the HK government should disclose all of the relevant source code from the contact tracing app so that a transparent analysis can be done by third parties to improve the app’s safety factor and, most importantly, alleviate the public’s doubts. Follow Justin Zhang has been analyzing and writing articles on China issues since 2012. He can be contacted at [email protected]

HK Government Admits LeaveHomeSafe App Contains Facial Recognition Feature; Experts Call For Full Transparency

HK authorities said the facial recognition feature in the city’s contact tracing app was never activated despite discovery

The Hong Kong government recently admitted that its contact tracing mobile app LeaveHomeSafe contains a facial recognition function. However, the authorities claimed that they didn’t know about it before and had never used the feature.

Hong Kong residents have had concerns since the introduction of LeaveHomeSafe. Many have expressed fear of it becoming the government’s tool for implementing stricter social control or infringing on people’s privacy.

Wong Ho-wa, a Hong Kong data scientist and pro-democracy activist, said the government should make the app’s source code available to the public to mitigate public concerns.

Antony Leung, a senior media professional in Hong Kong, said the contact tracing app pushed by the city’s government appeared awfully similar to mainland China’s “social credit system,” a system that utilizes artificial intelligence and facial recognition to conduct mass surveillance and assign points on citizens’ behavior.

LeaveHomeSafe was designed primarily to track the user’s whereabouts amid the pandemic, among other features. The Hong Kong government claims that the app is only used for COVID-19 prevention. It requires all private citizens and public officials to download the app in order to enter certain government buildings, public hospitals, and supermarkets, starting on Nov. 1, 2021.

Epoch Times Photo
A security guard holds a QR code for the LeaveHomeSafe Covid-19 contact-tracing app at the Final Court of Appeal ahead of a ceremony to mark the opening of the legal year on January 24, 2022, in Hong Kong, China. (Anthony Kwan/Getty Images)

However, the app mandate was extended to restaurants and movie theaters on Dec. 9, 2021, requiring users to show QR codes when entering most public places.

Source Code

FactWire, a non-profit investigative news agency based in Hong Kong, found a built-in facial detection module in the LeaveHomeSafe app after examining the source code of the app’s latest Android release, version 3.2.0, along with six previous versions, the Hong Kong Free Press (HKFP) reported on May 5.

The converted source file comprises some 20 folders. One of those, named org, contains a subfolder named reactnative, which further consists of three folders titled facedetector, camera, and maskedview, respectively, according to the report.

One of the java files, known originally as “FaceDetectorUtils.java” but renamed “a.java” in LeaveHomeSafe, could be used to detect the position of a person’s mouth, nose, left and right cheeks, eyes, ears, and earlobes. It can also detect the degree of a head tilt and calculate the probability that someone is smiling or has both eyes open.

“The facial detection module can be found in all versions of the LeaveHomeSafe app that FactWire examined, suggesting that it has existed since the app’s early launch in 2020. This is, however, not mentioned on the app’s official website nor in mobile app store descriptions,” the article said.

HK Government’s Response

In response to the FactWire report, a Hong Kong IT official said the department had not previously known about the feature, nor had it conducted face recognition or collected related data. The official added that the department had asked the app’s developer to look into removing the facial recognition source code without affecting the “normal operation” of the application.

However, Wong, the data scientist based in Hong Kong, told The Epoch Times that it is impossible to know whether the facial recognition function has been used judging by the source code alone. And that the source code disassembled and examined by FactWire was only a part of the complete application.

Wong believes the HK government should disclose all of the relevant source code from the contact tracing app so that a transparent analysis can be done by third parties to improve the app’s safety factor and, most importantly, alleviate the public’s doubts.


Follow

Justin Zhang has been analyzing and writing articles on China issues since 2012. He can be contacted at [email protected]