More than 690,000 race photos record the passion of running and almost become an "open air square" of personal information.
Faces, number plates, names, finishing results, movement tracks… With just one click, strangers can browse, search, and download at will. This is not a data security drill, but a real hidden danger that occurred after a half marathon in Jiading, Shanghai. Fortunately, with the promotion of the procuratorate, on March 1, 2026, these more than 690,000 event photos containing contestant facial information were removed from the photo live broadcast platform on time as planned. More importantly, the rules have been rewritten – from now on, the use of facial information in this event must obtain the user's explicit consent in advance. From case rectification to rule improvement, the Jiading District Procuratorate added a "security lock" to personal information in the name of public interest litigation.
Back in 2025, the Public Interest Litigation Prosecution Department of the Jiading District Procuratorate launched an investigation into a half-marathon held in the area based on clues provided by volunteers. It was discovered that two picture live broadcast applets officially cooperated with the event contained a large number of photos of the contestants, and their faces, number plates, names and other information were clearly visible. These photos can be accessed without logging in, exposing personal information to high-risk vulnerabilities. The prosecutor in charge further scanned the official QR code of the event and found two ranking lists: the "Official Personal List" and the "Personal List of a Sports Service Software", which respectively displayed player names, participation numbers, completion time, personal rankings and other data. "If the contestants use the same nickname in the two lists, the two can be connected to each other and their personal identity can be accurately locked." Yuan Hang, assistant prosecutor of the Public Interest Litigation Prosecution Department of the Jiading District Procuratorate, said. This means that the identity, performance and even the trajectory of specific contestants can be easily locked just through public information.
In addition to the fact that information can be easily obtained by strangers, the Judicial Authentication Center of the Shanghai People's Procuratorate also discovered a deeper problem when assisting in remote investigation and evidence collection: there is a face recognition function in the photo live broadcast applet. When users search for photos, the system will detect and compare the faces in the photos, extract facial features and return matching results. "Facial information is unique and unchangeable for life. Once leaked, it will not only directly expose personal privacy, but also be easily used by criminals for precise fraud or identity theft." Yuan Hang said, "Inspection technicians discovered during the performance of their duties that the cumulative number of event photos stored in the mini program increased from more than 5,000 at the beginning to more than 600,000 in 2025." The scale of data is so huge, but relevant personal information protection measures have not been followed up at the same time.
In fact, although contestants authorize the event to use their portraits when registering, there has been controversy as to whether the authorization of the portrait is equivalent to the authorization to use facial information. At that time, a new round of marathon events was about to start. How to clarify the legal boundaries and eliminate safety hazards before the event became an urgent issue before the prosecutor. To this end, the Jiading District Procuratorate quickly organized a special seminar and invited the Municipal Procuratorate, District Court, Jiading Public Security Bureau, District Internet Information Office, event organizers, experts and scholars to conduct in-depth discussions around focus issues. Participants agreed that: on the one hand, facial information in event photos is personal sensitive information, and its storage and disclosure period exceeds the necessary limit, and no specific person can view and download it at will; on the other hand, portrait authorization does not equal authorization to use facial information. The picture live broadcast applet uses facial recognition technology in the process of retrieving photos to convert images into biometric codes, which is the processing of sensitive personal information and requires separate consent from the user. "It is recommended to upgrade from single-factor authentication to two-factor authentication, for example by adding a mobile phone verification code or generating an exclusive serial number, and then adding a lock to personal information." Experts at the meeting also proposed, "Event organizers should clearly inform players of the information collection scope and retention period, as short as possible, and delete it in time."
After the seminar, the procuratorial organ immediately issued procuratorial recommendations to relevant functional departments, recommending that the supervision and management responsibilities of personal information processing activities and data security in sports events be performed in accordance with the law: all photos of previous events should be removed from the shelves before the game, and access thresholds should be set for photos on subsequent event photo live broadcast platforms; at the same time, contestants should be clearly informed of their right to know and the right to withdraw consent, and the collection, storage, and disclosure of personal information during events should be promoted in an orderly manner.
After receiving the suggestions, the organizer acted quickly and a series of corrective measures were fully implemented before the gun was fired. On the day of the event, police officers from the Public Interest Litigation Procuratorial Department and Shanghai TV reporters carried out a "look back" operation to verify the effectiveness of rectifications on the spot. The results showed that the photo live broadcast applet has removed the photos of previous events and added the "last four digits of the ID number plus the number plate" double verification in the new round of event photo live broadcast. Strangers cannot retrieve and download the photos at will. At the same time, the platform clearly informs users of the scope of photo collection, usage methods, and storage period before the game, allowing players to make authorizations based on full knowledge.
At the "Looking Back" scene, reporters followed the prosecutor and visited many contestants. When it comes to the protection of personal information, a player who just crossed the finish line said bluntly: "I still don't want to make all my whereabouts, face and even identity information public." Now, with the implementation of measures such as double verification and expiration removal, players have a significantly stronger sense of security about their personal information. "Everyone should pay attention to the event organizer's notice on the handling of personal information. If the organizer does not make it clear, you can take the initiative to ask. We have the right to refuse to be photographed, and we also have the right to request that our information not be disclosed. This is the right given to everyone by the law." Wang Bin, business director of the public interest litigation and prosecution department of the Jiading District Procuratorate, reminded.
In response to the risk of historical data, the event organizer has removed more than 800,000 photos of previous contestants from the shelves, and will remove more than 690,000 event photos in 2026 from the shelves on March 1. At this point, the "safety lock" was finally added to the personal information involving marathon runners, driven by the prosecutor's office.
