FOIA Documents Detail DHS/CBP's Rules-Free Rollout Of Biometric Scanning Program
from the where-we're-going-we-don't-need-rules dept
The push is on to implement biometric screening at major US airports. The DHS has been pushing this for awhile, telling concerned travelers all they need to do to opt out is not travel. The pilot programs don't seem to have produced anything in the way of actionable results, but the administration's insistence that the US is surrounded by terrorists has dropped a lead foot on the DHS's gas pedal, resulting in an accelerated process that ignores both concerns about biometric scanning tech and the concerns of the traveling public that will be subjected to it.
EPIC's numerous FOIAs have resulted in an impressive stash of documents detailing the DHS's biometric scanning surge.
According to 346 pages of documents obtained by the nonprofit research organization Electronic Privacy Information Center — shared exclusively with BuzzFeed News and made public on Monday as part of Sunshine Week — US Customs and Border Protection is scrambling to implement this “biometric entry-exit system,” with the goal of using facial recognition technology on travelers aboard 16,300 flights per week — or more than 100 million passengers traveling on international flights out of the United States — in as little as two years, to meet Trump's accelerated timeline for a biometric system that had initially been signed into law by the Obama administration. This, despite questionable biometric confirmation rates and few, if any, legal guardrails.
The documents contain little that suggests the DHS will be addressing the numerous concerns that have resulted from its biometric scanning rollout. Nothing delivered by the CBP shows any limits placed on partnerships with the private companies supplying the tech, including their use of the wealth of data supplied by travelers. Data-sharing appears to be part of the CBP's plan, and there's nothing in the paperwork suggesting the government will deter private companies from exploiting the biometric data their scanners collect.
What little the CBP did have to say about its biometric scanning program is that it's definitely going to happen and it's definitely going to keep expanding. And it's going to do this under the cover of darkness as the CBP moves forward with the program it sells as a "convenience for travelers."
The documents also suggest that CBP skipped portions of a critical “rulemaking process,” which requires the agency to solicit public feedback before adopting technology intended to be broadly used on civilians, something privacy advocates back up.
Minimal oversight meets minimal transparency. It's the sort of officious brushoff we've come to expect from terrorism-related government programs. The less the public knows, the less likely it is to express its concerns in actionable ways. The rollout also has the advantage of operating in a legal vacuum. There's not a lot of casework on the suspicionless gathering of biometric data. It could be argued someone's face has no privacy expectations when it's being worn out in public, but it doesn't necessarily follow that the government should be able to collect this data en masse and hold onto it for an indefinite period of time.
So far, data shows facial recognition tech isn't the miracle proponents believe it is. Deployed systems have tended to produce a large number of false positives. And if they're kicking out false positives on a regular basis, they're also likely missing the people the systems are supposed to identify and remove from circulation. The government's refusal to discuss the limitations and use of this tech publicly only adds to the problem. The public's best source of info comes from documents sued out of the agency's hands. Forced transparency isn't really transparency.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: airports, biometric scanning, cbp, dhs, facial recognition, homeland security, surveillance, travel
Reader Comments
Subscribe: RSS
View by: Time | Thread
Yeah, saw this in "Total Recall".
It's as though we live the 21st century and all the sci-fi is coming true.
But since Schwarzenegger foiled not only facial recognition but the X-ray gadget, so can anyone. Don't panic. But keep towels handy.
[ link to this | view in thread ]
Do we really want to encourage violent sociopaths to kill people, steal their faces, and wear the stolen faces in public?
[ link to this | view in thread ]
DHS left part of their rump uncovered?
So, they skipped part of the rulemaking process? That sounds like an APA (Administrative Procedure Act) violation if you ask me....now, is there anyone around with standing to challenge this?
[ link to this | view in thread ]
I'm sure Hitler would be proud!
[ link to this | view in thread ]
They could tie this in with their "social score" data and ding you every time you are seen not smiling, because as we all know it is required to be happy as there is nothing wrong.
[ link to this | view in thread ]
Re:
We already have social scores. They're called bank accounts.
[ link to this | view in thread ]
Re: Re:
"We already have social scores. They're called bank accounts."
and that is huge part of the problem.
Soon, your credit score will become a method used to determine your societal worth, based solely upon bullshit.
[ link to this | view in thread ]
Like Eleanor Rigby?
Eleanor Rigby wears a face she keeps in a jar by the door.
[ link to this | view in thread ]
I sense a new rise in punk, metal and Hip Hop
Soon everyone will wear KISS / ICP make up while they travel.
It's part of my religion. It can be part of yours too.
[ link to this | view in thread ]
Re: I sense a new rise in punk, metal and Hip Hop
Either that or V for Vendetta masks. Can you imagine an airport full of masked mustached would-be passengers?
[ link to this | view in thread ]
Biometrics...
Biometrics DONT work unless you do them properly..
1..
You have to do more then 1 thing..Facial ID is abit simple..in the past and now, it dont work well. 1 bald man can look like another, very easily.
2.
Hand prints, can help, the WHOLE HAND, not 1-2 fingers.
3.
there has to be a 3rd, even if its tattoo, Foot size, body scan, An x-ray...
3 points of reference.
If the USA keeps pissing off everyone int the world, it might be nice.
But it also leads to every person in the USA being Bagged/tagged,. to have Proof of ID..
[ link to this | view in thread ]
Re: Like Eleanor Rigby?
They will outlaw make-up at some point when travelling. It make eventually happen that many will opt out of life on earth because the assholes are so thick.
[ link to this | view in thread ]
Re: Re: I sense a new rise in punk, metal and Hip Hop
Hooky/hokey/hockey Mask, shoot it..
[ link to this | view in thread ]
Setting aside the actual topic of this article completely (and make no mistake, I am firmly in camp stop-spying-on-me-and-my-fellow-air-travelers), I want to point out that this probably isn't correct.
Facial recognition technology relies on machine learning to use information from images to assign a probability that a particular image is of a particular person. (E.g., Picture A has an 87% probability of being Joe Shmoe.) So whoever is getting the results here has to set a threshold, above which they accept that Picture A is of Joe Shmoe.
Thus, the false positive rate is likely due to setting a low threshold for classifying a match (although there is a VERY DISTINCT possibility that it's also because the people training the facial recognition technology did it stupidly), which means that they are actually not likely to be missing the people they're looking for (if you predict everyone's a terrorist, you won't miss any terrorists). Of course, that leads into another problem TechDirt has discussed in the past, which is finding a needle in a haystack of needles, further emphasizing how stupidly pointless this whole exercise is.
[ link to this | view in thread ]