Homeland Security sued over secretive use of face recognition
The American Civil Liberties Union (ACLU) is suing the Department of Homeland Security (DHS) over its failure to cough up details about its use of facial recognition at airports.
Along with the New York Civil Liberties Union, the powerful civil rights group filed the suit in New York on Thursday. Besides the DHS, the suit was also filed against US Customs and Border Protection (CBP), Immigration and Customs Enforcement (ICE), and the Transportation Security Administration (TSA).
The ACLU says that the lawsuit challenges the secrecy that shrouds federal law enforcement’s use of face recognition surveillance technology.
Ashley Gorski, staff attorney with the ACLU’s National Security Project, said in a release that pervasive use of face surveillance “can enable persistent government surveillance on a massive scale.”
The public has a right to know when, where, and how the government is using face recognition, and what safeguards, if any, are in place to protect our rights. This unregulated surveillance technology threatens to fundamentally alter our free society and is in urgent need of democratic oversight.
The ACLU had filed Freedom of Information Act (FOIA) requests to find out how the agencies are using the surveillance technologies at airports – requests that the agencies ignored.
In its suit, the ACLU demands that the agencies turn over records concerning:
- Plans for further implementation of face surveillance at airports;
- Government contracts with airlines, airports, and other entities pertaining to the use of face recognition at the airport and other ports of entry;
- Policies and procedures concerning the acquisition, processing, and retention of our biometric information; and
- Analyses of the effectiveness of facial recognition technology.
As the ACLU’s complaint tells it, in 2017, CBP began a program called the Traveler Verification Service (TVS) that involves photographing travelers during entry or exit from the country.
The program involves the use of facial recognition technology to compare the photographs with faceprints that the government already has – a huge collection of biometrics that just keeps getting bigger. In June 2019, the General Accountability Office (GAO) said that the FBI’s facial recognition office can now search databases containing more than 641 million photos, including 21 state databases (a number that’s ballooned from the 412 million images the FBI’s Face Services unit had access to at the time of a GAO report from three years prior).
CBP’s piece of that burgeoning pie: as of June 2019, the agency had processed more than 20 million travelers using facial recognition, the ACLU says.
Major airlines and airports have partnered with CBP on TVS. As of August 2019, 26 airlines and airports had committed to employing CBP’s face-matching technology, and several airlines have already incorporated it into boarding procedures for outbound international flights.
It’s being done behind closed doors, the ACLU says. The public knows little about the nature of these partnerships, nor about the policies and privacy safeguards governing the processing, retention, and dissemination of data collected or generated through TVS.
It’s certainly not the first time that CBP has kept details about its images to itself. In June 2019, hackers managed to steal photos of travelers and license plates from a CBP database. In violation of CBP policies, the database had been copied by a subcontractor to its own network. Then, the subcontractor’s network had been hacked.
Initial reports indicated that the breach involved images of fewer than 100,000 people in vehicles coming and going through a few specific lanes at a single port of entry into the US over the previous one-and-a-half months.
While the image data wasn’t immediately put up for sale on the Dark Web, the breach showed that this type of data is of interest to hackers… and that government agencies are capable of losing control of it.