How would you react if a requirement of renewing your driver’s license was having your fingerprints put in a law enforcement database? Not happy?
Fingerprints, after all, are associated with criminal suspects.
And when the Department of Motor Vehicles staffer told you not to smile for your driver’s license photo, you thought it looked like an arrest mug shot.
What you weren’t told was that photo is now in a law enforcement database — among 170 million from 18 states, including Iowa, accessible to the FBI and other law enforcement agencies as part of a facial recognition program.
The FBI began its Next Generation Identification program, an advanced biometric database, in 2010, adding facial recognition and other capabilities to complement fingerprint and DNA databases. The FBI collects fingerprints and DNA after an arrest, but driver’s license photos don’t require interaction with law enforcement.
According to Georgetown Law School’s Center on Privacy & Technology, the Iowa Department of Transportation and Department of Public Safety agreed in 2014 the DPS would pay to upgrade the DOT’s facial recognition system in return for the photos. The FBI also received access.
Some murky guidelines exist.
“According to DPS, personnel need reasonable suspicion of criminal activity before running a face recognition search,” the Center on Privacy & Technology reported. “However, DPS ‘has not yet adopted a final policy’ governing law enforcement face recognition searches on the grounds that it is waiting to determine ‘what uses may be accurate or inaccurate, reliable or unreliable, appropriate or inappropriate.’”
The FBI never told the public what it was doing. Nor did it publish the legally required privacy impact assessment for five years. The GAO report gets to the crux of some major problems in its title, “Face Recognition Technology: FBI Should Better Ensure Privacy and Accuracy.”
The House Committee on Oversight and Government was unhappy to learn, all told, 400 million photos of Americans’ faces are archived in local, state and federal law enforcement facial recognition databases. An estimated 80 percent of those faces belong to people never criminally charged.
“I’m frankly appalled,” Rep. Paul Mitchell, R-Mich., told Kimberly Del Greco, the FBI deputy assistant director of criminal justice, during a hearing. “I wasn’t informed when my driver’s license was renewed my photograph was going to be in a repository that could be searched by law enforcement across the country.”
Rep. Stephen Lynch, D-Mass., wanted warrants required for facial recognition searches using the databases, stating, “This is really Nazi Germany here, what we’re talking about.”
Committee chairman Jason Chaffetz, R-Utah, warned the technology — together with police body cameras — “can be used in a way that chills free speech and free association by targeting people attending certain political meetings, protests, churches or other types of places in the public. … In the wrong hands, nefarious hands … it does scare me.”
He asked Del Greco, “Are you aware of any other country that does this?” She didn’t respond.
Chaffetz added, “Facial recognition technology does make mistakes.”
He’s correct. The facial recognition algorithms are inaccurate about 15 percent when attempting to identify matches. It’s far more prone to misidentify people with darker skin. Yet, according to the GAO, the real accuracy isn’t known because the FBI didn’t track failures during more than 36,000 searches.
“It doesn’t know how often the system incorrectly identifies the wrong subject,” said the GAO’s Diana Maurer. “Innocent people could bear the burden of being falsely accused, including the implication of having federal investigators turn up at their home or business.”
Del Greco said the system has generated investigative leads and “enhanced the ability to solve crimes.” One notable success was the arrest of alleged child molester Charles Hollin, a fugitive for 18 years identified through a passport photo on file.
It’s nonsensical to scrap investigations involving facial recognition, which can be a valuable tool to apprehend dangerous felons (as depicted on countless TV and movie law enforcement dramas). But parameters must be established to protect privacy.
Alvaro Bedoya, executive director of Center on Privacy & Technology, recommended:
Consent from state legislatures to search databases, but only when there’s probable cause — as in wiretap cases —to implicate the subject in a felony.
The FBI scrubs its databases to remove the innocent.
The FBI is transparent and allows audits by federal agencies to ensure it is meeting privacy requirements.
While it remains an affront to basic privacy concerns the facial recognition program has gotten this far without a public airing, those recommendations are a good start. But much more discussion is needed.