Privacy Groups Sound the Alarm Over FBI’s Facial-Recognition Technology

Advocates are pushing Attorney General Eric Holder to assess the privacy impact of the FBI’s controversial database that is expected to become fully operational later this year.

A 3D facial recognition program is demonstrated during the Biometrics 2004 exhibition and conference October 14, 2004 in London.
National Journal
Dustin Volz
June 24, 2014, 9:09 a.m.

More than 30 pri­vacy and civil-liber­ties groups are ask­ing the Justice De­part­ment to com­plete a long-prom­ised audit of the FBI’s fa­cial-re­cog­ni­tion data­base.

The groups ar­gue the data­base, which the FBI says it uses to identi­fy tar­gets, could pose pri­vacy risks to every Amer­ic­an cit­izen be­cause it has not been prop­erly vet­ted, pos­sesses du­bi­ous ac­cur­acy bench­marks, and may sweep up im­ages of or­din­ary people not sus­pec­ted of wrong­do­ing.

In a joint let­ter sent Tues­day to At­tor­ney Gen­er­al Eric Hold­er, the Amer­ic­an Civil Liber­ties Uni­on, the Elec­tron­ic Fron­ti­er Found­a­tion, and oth­ers warn that an FBI fa­cial-re­cog­ni­tion pro­gram “has un­der­gone a rad­ic­al trans­form­a­tion” since its last pri­vacy re­view six years ago. That lack of re­cent over­sight “raises ser­i­ous pri­vacy and civil-liberty con­cerns,” the groups con­tend.

“The ca­pa­city of the FBI to col­lect and re­tain in­form­a­tion, even on in­no­cent Amer­ic­ans, has grown ex­po­nen­tially,” the let­ter reads. “It is es­sen­tial for the Amer­ic­an pub­lic to have a com­plete pic­ture of all the pro­grams and au­thor­it­ies the FBI uses to track our daily lives, and an un­der­stand­ing of how those pro­grams af­fect our civil rights and civil liber­ties.”

The Next Gen­er­a­tion Iden­ti­fic­a­tion pro­gram — a bio­met­ric data­base that in­cludes iris scans and palm prints along with fa­cial re­cog­ni­tion — is sched­uled to be­come fully op­er­a­tion­al later this year and has not un­der­gone a rig­or­ous pri­vacy lit­mus test — known as a Pri­vacy Im­pact As­sess­ment — since 2008, des­pite pledges from gov­ern­ment of­fi­cials.

“One of the risks here, without as­sess­ing the pri­vacy con­sid­er­a­tions, is the pro­spect of mis­sion creep with the use of bio­met­ric iden­ti­fi­ers,” said Jeram­ie Scott, na­tion­al se­cur­ity coun­sel with the Elec­tron­ic Pri­vacy In­form­a­tion Cen­ter, an­oth­er of the let­ter’s sig­nat­or­ies. “it’s been al­most two years since the FBI said they were go­ing to do an up­dated pri­vacy as­sess­ment, and noth­ing has oc­curred.”

The fa­cial-re­cog­ni­tion com­pon­ent of the data­base, however, is what pri­vacy ad­voc­ates find most alarm­ing. The FBI pro­jects that by 2015 the fa­cial-re­cog­ni­tion data­base could cata­log up to 52 mil­lion face pho­tos. A sub­stan­tial por­tion of those — about 4.3 mil­lion — are ex­pec­ted to be gleaned from non­crim­in­al pho­to­graphy, such as em­ploy­er back­ground checks, ac­cord­ing to pri­vacy groups.

But earli­er this month, FBI Dir­ect­or James Comey told Con­gress the data­base would not col­lect and store pho­tos of av­er­age ci­vil­ians and is in­ten­ded to “find bad guys by match­ing pic­tures to mug­shots.” But pri­vacy hawks re­main con­cerned that im­ages may be shared among the FBI and oth­er agen­cies, such as the De­fense De­part­ment and Na­tion­al Se­cur­ity Agency, and even state mo­tor-vehicle de­part­ments.

{{ BIZOBJ (video: 5040) }}

Comey, dur­ing his testi­mony, did not com­pletely re­fute the sug­ges­tion that pho­tos would be shared with states.

“There are some cir­cum­stances in which when states send us re­cords, they’ll send us pic­tures of people who are get­ting spe­cial driv­ing li­censes to trans­port chil­dren or ex­plos­ive ma­ter­i­als or something,” Comey said. “But as I un­der­stand it, those are not part of the search­able Next Gen­er­a­tion Iden­ti­fic­a­tion data­base.”

Cur­rently, no fed­er­al laws lim­it the use of fa­cial-re­cog­ni­tion soft­ware, either by the private sec­tor or the gov­ern­ment.

A 2010 gov­ern­ment re­port made pub­lic last year through a Free­dom of In­form­a­tion Act re­quest filed by the Elec­tron­ic Pri­vacy In­form­a­tion Cen­ter stated that the agency’s fa­cial-re­cog­ni­tion tech­no­logy could fail up to 20 per­cent of the time. When used against a search­able re­pos­it­ory, that fail­ure rate could be as high as 15 per­cent.

But even those num­bers are mis­lead­ing, pri­vacy groups con­tend, be­cause a search can be con­sidered a suc­cess if the cor­rect sus­pect is lis­ted with­in the top 50 can­did­ates. Such an “over­whelm­ing num­ber” of false matches could lead to “great­er ra­cial pro­fil­ing by law en­force­ment by shift­ing the bur­den of iden­ti­fic­a­tion onto cer­tain eth­ni­cit­ies.”

Fa­cial-re­cog­ni­tion tech­no­logy has re­cently en­dured heightened scru­tiny from the anti-gov­ern­ment-sur­veil­lance crowd for its po­ten­tial as an in­vas­ive means of track­ing. Last month, doc­u­ments sup­plied by Ed­ward Snowden to The New York Times re­vealed that the Na­tion­al Se­cur­ity Agency in­ter­cepts “mil­lions of im­ages per day” as part of a pro­gram of­fi­cials be­lieve could fun­da­ment­ally re­vo­lu­tion­ize the way gov­ern­ment spies on in­tel­li­gence tar­gets across the globe. That daily cache in­cludes about 55,000 “fa­cial-re­cog­ni­tion qual­ity im­ages,” which the NSA con­siders pos­sibly more im­port­ant to its mis­sion than the sur­veil­lance of more tra­di­tion­al com­mu­nic­a­tions.

When asked for com­ment, the Justice De­part­ment would only say it was re­view­ing the let­ter.

What We're Following See More »
Trump Leads Tightly Packed Group Vying for Second
2 hours ago

In one of the last surveys before New Hampshirites actually vote, a Monmouth poll has Donald Trump with a big edge on the Republican field. His 30% leads a cluster of rivals in the low-to-mid teens, including John Kasich (14%), Jeb Bush and Marco Rubio (13% each) and Ted Cruz (12%). On the Democratic side, Bernie Sanders leads Hillary Clinton 52%-42%.