Error prone, insecure, inevitable: Say hello to today's facial recog tech
If you want a picture of the future, imagine a database with every human visage
Facial recognition technology represents a valuable, and likely inevitable, method of identification for cops and Feds. Unfortunately, it's largely unregulated, error prone, and insecure.
During a hearing held by the US House Committee on Oversight and Government Reform on Wednesday, Chairman Jason Chaffetz (R-Utah) acknowledged the potential utility of facial recognition technology even as he expressed concern about the way it is being used.
Chaffetz said the technology makes mistakes, with one in seven FBI facial recognition searches incorrectly returning a list of innocent people as matches, despite the presence of the actual matching image in the database. Chaffetz also expressed doubts about the government's ability to secure such data. "I don't believe they can keep all this information locked down and secure," he said.
At issue is whether US citizens can avoid being subject to facial recognition scans in public and which laws will govern such systems.
"Is it the right public policy to populate a database with everybody's face in it…or [just those] who have 'earned it'?" mused Chaffetz.
The hearing comes on the heels of a May 2016 Government Accountability Office report, "Facial Recognition Technology," which happens to include a spoiler in its subtitle: "FBI Should Better Ensure Privacy And Accuracy."
The GAO reviewed the FBI's Next Generation Identification-Interstate Photo System (NGI-IPS) and found that the agency failed to publish data on the privacy risks, failed to adequately evaluate the error rate of the technology, and failed to assess the accuracy of systems operated by external partners, such as states and other federal agencies.
Legislators also revisited the findings of a report published last year by Georgetown Law's Center on Privacy and Technology. According to that report, the faces of 125 million US adults have been stored in criminal facial recognition databases, most of them innocent of any crime.
EFF senior staff attorney Jennifer Lynch during her testimony observed, "An inaccurate system will implicate people for crimes they didn't commit," shifting the burden onto those individuals to prove their innocence. And those falsely implicated are more likely to be minorities because of their disproportionate representation in facial recognition databases, Lynch said.
Lynch urged the committee to introduce legislation to require a warrant for accessing non-criminal facial recognition databases and for using real-time facial recognition tracking.
Plans for that are already underway. Earlier in the hearing, Jim Jordan (R-Ohio) said he was working with lawmakers including Ted Lieu (D-Ca.) to developing a legal framework that will limit how facial recognition is used.
In prepared remarks, Alvaro Bedoya, executive director of the Center on Privacy & Technology at Georgetown Law, said law enforcement agencies in Chicago, Dallas, Los Angeles, New York and West Virginia either have brought real-time facial recognition systems, have announced plans to use the technology, or are actively exploring it. An agency in Seattle has such as system, Bedoya said, but does not use it for real-time identification.
Responding to questions during the hearing, Bedoya added that about a quarter of police body camera vendors are making provisions to implement facial recognition support in their devices.
Bedoya concluded his remarks on an optimistic note. "We do not need to choose between safety and privacy. Americans deserve both," he said.
In China, meanwhile, authorities have deployed face scanning to limit excessive use of toilet paper. ®
Sponsored: Becoming a Pragmatic Security Leader