Congress and FBI Seeking to Expand Use of Biometric Identifiers
A few months back I
posted a pretty extensive blog on Facial Recognition technology and the
threat it poses to individual privacy. As I've done in the past, because I know not everyone can read
every post, I'll repeat a few of my thoughts here today before I get to an
outstanding piece by Tana Ganeva of Alternet not JUST about the massive FBI database
- the "largest
biometric database in the world," - containing records for
over a hundred million people, but also the agency's plans for Next
Generation Identification (NGI), “a massive, billion-dollar upgrade that will
hold iris scans, photos searchable with face recognition
technology, palm prints, and measures of gait and voice recordings
alongside records of fingerprints, scars, and tattoos. - particularly in
the workplace (which is especially disturbing).”
For some backdrop on biometrics, you can check out a past post I did about another article by Tana, entitled 5 Unexpected Places You Can Be Tracked With Facial Recognition Technology. As I wrote then, this issue has particular interest to me due to California's recent fight that we (Consumer Federation of California) were deeply involved in - whether biometric identifiers should be used by the DMV (we were able, with a host of other groups, to stop them).
As for the larger concern over facial recognition technology, groups from the Privacy Rights Clearinghouse (PRC) to the ACLU to the Electronic Frontier Foundation to EPIC have all been very active in making the case that there is a very real threat to privacy at stake in determining just how, and when, this technology can be used.
Again, going back to a prior post, I wrote: "First, let me refresh everyone on the concept of biometric identifiers - like fingerprints, facial, and/or iris scans. These essentially match an individual’s personal characteristics against an image or database of images. Initially, the system captures a fingerprint, picture, or some other personal characteristic, and transforms it into a small computer file (often called a template). The next time someone interacts with the system, it creates another computer file.
There are a number of reasons why such technological identifiers should concerns us. So let's be real clear, creating a database with millions of facial scans and thumbprints raises a host of surveillance, tracking and security question - never mind the cost. And as you might expect, such identifiers are being utilized by entities ranging from Facebook to the FBI. In fact, the ACLU of California is currently asking for information about law enforcements’ use of information gathered from facial recognition technology (as well as social networking sites, book providers, GPS tracking devices, automatic license plate readers, public video surveillance cameras)."
But for today’s sake, let’s hone in on the articles by Tana Ganeva in Alternet entitled 5 Things You Should Know About the FBI's Massive New Biometric Database, as well as a piece by the Cato Institute detailing all the ways Congress is currently, and aggressively, pushing biometric identifying technologies.
First, let me list the bills, as
identified in the Cato piece that all seek to expand and promote these technologies:
- A Reauthorization and Reform Act of 2011, has passed the House and awaits action in the Senate. It says that “improved pilot licenses” must be capable “of accommodating a digital photograph, a biometric identifier, and any other unique identifier that the Administrator considers necessary.”
- H.R. 1690, the MODERN Security Credentials Act, establishes that air carriers, airport operators, and governments may not employ or contract for the services of a person who has been denied a TWIC card. “TWIC” stands for “Transportation Worker Identity Card,” the vain post-9/11 effort to secure transportation facilities from bad people. TWIC cards use biometrics.
- The Army deploys biometrics. Public Law 112-10, the Department of Defense and Full-Year Continuing Appropriations Act, 2011 (cost per U.S. family: $13,500+) allowed spending on Army field operating agencies “established to improve the effectiveness and efficiencies of biometric activities and to integrate common biometric technologies throughout the Department of Defense.”
- H.R. 1842 is an immigration bill called the Development, Relief, and Education for Alien Minors Act of 2011. (Senate version: S. 952) It would allow an otherwise qualified immigrant to get conditional permanent resident status only after submitting biometric and biographic data for use in security and law enforcement background checks.
- S. 1258 does roughly the same thing with regard to any lawful immigration status. This bill is called the Comprehensive Immigration Reform Act of 2011, one of many attempts at comprehensive reform. In addition to requiring immigrants to submit biometrics, it also requires the government to issue “documentary evidence of lawful prospective immigrant status” that includes a digitized photograph and at least one other biometric identifier. The bill would also reinforce the use of biometrics in employer background checks and at the border.
- H.R. 2463, the Border Security Technology Innovation Act of 2011, calls for continued study of mobile biometric technologies at the border. The Under Secretary for Science and Technology of the Department of Homeland Security would coordinate this research with other biometric identification programs within DHS.
- H.R. 2895, the Legal Agricultural Workforce Act, would create a nonimmigrant agricultural worker program. In the program each nonimmigrant agricultural worker would get an identification card that contains biometric identifiers, including fingerprints and a digital photograph.
- S. 1384, The HARVEST Act of 2011, is similar. In providing for the temporary employment of foreign agricultural workers, it calls for “a single machine-readable, tamper-resistant, and counterfeit-resistant document” that verifies the identity of the alien through the use of at least one biometric identifier.
- H.R. 3735, the Medicare Fraud Enforcement and Prevention Act of 2011, would establish a biometric technology pilot program. The five-year pilot program would use biometric technology seeking to ensure that Medicare beneficiaries “are physically present” when receiving items and services reimbursable under Medicare. How many biometric scanners would have to be out there for that to work?
- S. 744, the Passport Identity Verification Act, calls on the Secretary of State to conduct a study into whether people applying for or renewing passports should provide biometric information, including photographs that facilitate the use of facial recognition technology.
- …S. 1604, the Emergency Port of Entry Personnel and Infrastructure Funding Act of 2011, establishes a grant program in which the Department of Homeland Security would give cash out to state and local law enforcement for the purchase of various technologies including “biometric devices.”
Clearly, biometrics is on the “to do” list of our Congress.
But it gets worse, and that’s where the FBI’s massive database, and its plans
to expand it, comes in.
NGI will expand the type and breadth of information FBI
keeps on all of us," says Sunita Patel of the Center for Constitutional
Rights. "There should be a balance between gathering information for law
enforcement, and gathering information for its own sake."
Here are 5 things you should probably know about NGI:
1. Face Recognition
Here are 5 things you should probably know about NGI:
1. Face Recognition
This month, the FBI is giving police departments in 4 states
access to face recognition technology that lets them search the agency's
mugshot database with only an image of a face. Police can repay the favor
by feeding the FBI mugshots they collect from local arrests, bulking up the
agency's database with images of more and more people.
…
2. Iris Scans
Iris-scanning technology is the centerpiece of the
second-to-last stage in the roll-out of NGI (scheduled for sometime before
2014). Iris scans offer up several advantages to law enforcement, both in
terms of identifying people and fattening up databases.
The pattern of an iris is so unique it can distinguish
twins, and it allegedly stays the same throughout a person's life. Like
facial recognition, iris scans cut out the part where someone has to be
arrested or convicted of a crime for law enforcement to grab a record of their
biometric data.
…
3. Rap-Back System
A lot of the action in the FBI's fingerprint database is in
background checks for job applicants applying to industries that vet for
criminal history, like taking care of the elderly or children, hospital work,
and strangely, being a horse jockey in Michigan. As Cari Athens, writing for
the Michigan Telecommunications and Law Review points out,
if a job applicant checks out, the FBI either destroys the prints or returns
them to the employer. But that's no fun if the goal is to collect vast amounts
of biometric data!
…
4. Data Sharing Between Agencies
The roll-out of NGI advances another goal: breaking down
barriers between databases operated by different agencies. One of the
directives of the billion-dollar project is to grease information swapping
between the Department of Homeland Security, the State Department, the
Department of Justice, and the Department of Defense. The DOJ and DHS have
worked toward "interoperatibility" between their databases
for years. In 2009, the Department of Defense and DOJ also signed on
to an agreement to share biometric information.
…
5. NGI and Secure Communities (S-Comm)
One recent test run in interagency data-sharing has not gone
particularly well: Secure Communities, a DHS program that lets local law
enforcement officials run the fingerprints of people booked in jails against
the IDENT database to check their immigration status and tip off ICE to
undocumented immigrants.
Like many policies targeting America's immigrant population,
Secure Communities (S-Comm) -- pitched as protection against violent criminals
-- devolved into dragnets and mass deportations, with people getting
dragged in for minor offenses like missing business permits and even for
reporting crimes. In one incident a woman called the police about a
domestic violence incident, only to be ensnared in deportation proceedings
herself. As Marie Diamond points out in Think
Progress, DHS's immigration databases have so many errors that the program
"routinely flags citizens as undocumented immigrants."
…
What could possibly go wrong?
Advancements in the collection of biometric data are
double-edged: there's the threat of a massive government surveillance
infrastructure working too well -- e.g., surveillance state
-- and there are concerns about its weaknesses, especially in keeping data
secure.
A breach of a sophisticated, multi-modal biometric database
makes for a nightmarish scenario because the whole point of biometric data is
that it offers unique ways to ID people, so there's no easy fix -- like a password
change -- for compromised biometric data. Pointing to the dangers of
identify theft of biometric data, Patel observes that, "Unlike a password,
the algorithm of an iris can't be changed."
As I have often stated, "What concerns me is
what are the side effects of living in a society without privacy. Where are we
left when the power of corporate or government interests to monitor everything
we do is absolute?
Whether its the knowledge that everything we do on the internet is followed and stored, that we can be wiretapped for no reason and without a warrant or probable cause, that smart grid systems monitor our daily in home habits and actions, that our emails can be intercepted, that our naked bodies must be viewed at airports and stored, that our book purchases can be accessed (particularly if Google gets its way and everything goes electronic), that street corner cameras are watching our every move, and that RFID tags and GPS technology allow for the tracking of clothes, cars, and phones (and the list goes on)...what is certain is privacy itself is on life support in this country...and without privacy there is no freedom. I also fear how such a surveillance society stifles dissent and discourages grassroots political/social activism that challenges government and corporate power...something that we desperately need more of in this country, not less."
Whether its the knowledge that everything we do on the internet is followed and stored, that we can be wiretapped for no reason and without a warrant or probable cause, that smart grid systems monitor our daily in home habits and actions, that our emails can be intercepted, that our naked bodies must be viewed at airports and stored, that our book purchases can be accessed (particularly if Google gets its way and everything goes electronic), that street corner cameras are watching our every move, and that RFID tags and GPS technology allow for the tracking of clothes, cars, and phones (and the list goes on)...what is certain is privacy itself is on life support in this country...and without privacy there is no freedom. I also fear how such a surveillance society stifles dissent and discourages grassroots political/social activism that challenges government and corporate power...something that we desperately need more of in this country, not less."
No comments:
Post a Comment