In the wake of jarring revelations about how United States law enforcement agencies have deployed facial recognition, Congress seemed, for a moment, galvanized to act. Based on a Homeland Security Committee hearing in the House Wednesday, that moment appears to be fading—as hundreds of local, state, and federal law enforcement officials continue to amass and access the controversial data every day.
Some municipalities—San Francisco and Somerville, Massachusetts, among them—have proactively banned law enforcement’s use of facial recognition. And more localized entities, like the New York State Education Department, have barred it in certain circumstances as well. And even police bodycam maker Axom has declined to incorporate it into its products. But the longer Congress declines to act on a broader level, the more entrenched the technology becomes and the harder it will be for opponents to overcome its inertia.
Lily Hay Newman covers information security, digital privacy, and hacking for WIRED.
That tension played out on Capitol Hill Wednesday, where legislators seemed alternately wary of facial recognition’s civil rights implications and enthusiastic about its benefits to law enforcement. Some representatives seemed impressed by the technology’s accuracy. But others noted that those statistics vary widely based on whether a system is assessing images that are well lit and show full faces, as well as factors like race and sex. The mixed reaction to a panel of Customs and Border Protection, Transportation Security Administration, and Secret Service officials was a stark contrast to two recent House Committee on Oversight and Reform hearings, in which lawmakers expressed deep concern about facial recognition’s potential for misuse and abuse.
“Each of these methods present unique privacy considerations, but also clear security benefits,” Representative Mike Rogers (R-Alabama) said in Wednesday’s hearing. “DHS’s primary focus is facial recognition at TSA and CBP checkpoints where travelers are already providing IDs to government employees … Automating this process with biometric technology will improve transportation security.”
A major focus of Wednesday’s hearing was the May data breach of Customs and Border Protection contractor Perceptics, which exposed photos of travelers and license plates related to about 100,000 people. But that’s just one in a sea of recent troubling reports. Georgetown Law’s Center on Privacy and Technology disclosed findings on Sunday, first published by The Washington Post, that the FBI and Immigration and Customs Enforcement both access millions of US citizens’ photos through state driver’s license databases. Separately, local police forces have been caught experimenting with using unconventional data, like sketches or photos of celebrities that resemble suspects, to feed facial recognition systems.
Absent Congressional traction, privacy and civil liberties groups among others have redoubled their efforts to rein facial recognition in. On Wednesday, ACLU of Massachusetts announced that it is suing the Massachusetts Department of Transportation to find out more about how its driver’s license database is used for facial recognition. Previously, the organization shared emails with WIRED, obtained from a Freedom of Information Act request, that exposed the Massachusetts State Police’s lack of oversight regarding the technology’s use. Among other questions, ACLU of Massachusetts requested information on how many times the agency’s facial recognition database had been queried, by whom, and for what reasons.
“While the auditing feature does allow us to track users, it is not fully comprehensive,” wrote Massachusetts State Police Privacy Officer Jason Stelmat to the ACLU in April. “Our toolset does capture many of the user functions, but it does not cleanly capture every user function performed … There is no direct feature within the administrative tool to produce the information you are requesting related to Face Match usage.”
Kade Crockford, director of ACLU of Massachusetts’ Technology for Liberty Program, says findings like these surprise her even given the chaotic, unregulated intersection of law enforcement and facial recognition. “I found it shocking that the State Police has a facial recognition program that can access four million mugshots and not only do they not know how many times users have queried that Face Match system, but they cannot know. It means nobody is even curious internally about implementing these types of tools. I find that to be, frankly, appalling.”
“This technology is dangerous.”
Evan Greer, Fight for the Future
Elsewhere, the digital rights advocacy group Fight for the Future announced on Tuesday that it was launching a campaign to call for a total federal ban of facial recognition surveillance technology. And in advance of Wednesday’s hearing, the Electronic Privacy Information Center published a coalition letter to the House Homeland Security Committee calling for DHS to suspend its use of facial recognition on the general public.
“This technology is dangerous, it has the potential to exacerbate existing forms of discrimination, automate racial profiling, and expand other inequities that already exist,” says Evan Greer, deputy director of Fight for the Future. “Congress has the authority to pass a law that says law enforcement agencies can’t use this technology. That’s absolutely within the purview of the legislature.”
First, though, Congress needs to agree not only on if it should draw a line, but where. John Wagner, deputy executive assistant commissioner in CBP’s Office of Field Operations, argued Wednesday that CBP’s use of facial recognition as part of immigration processing for US citizens does not constitute a “surveillance program,” since those travelers would have their photo IDs assessed by a CBP agent anyway. The added layer of facial recognition, the logic goes, is simply a more efficient way to implement existing screening measures. No one on the committee challenged Wagner’s assertion, and many legislators seemed emboldened about the promise of facial recognition technology as the hearing went on.
“It’s always a balance in this Committee when we deal with security issues—we deal with privacy and civil liberties—we always have to balance these as Americans,” said Representative Michael McCaul (R-Texas). “And I think it’s important that we balance those factors. But I wouldn’t want to throw the baby out with the bathwater.”
Privacy advocates, perhaps not surprisingly, see instead an effort to normalize facial recognition’s unregulated expansion in law enforcement. But they also say that it’s not too late to make radical changes to how it’s used.
“I absolutely think you can roll back the clock,” says ACLU of Massachusetts’ Crockford. “This technology was built and deployed by human beings and can be dismantled by human beings. My major concern is whether the political will exists to do it.”
Additional reporting by Louise Matsakis.