FOIA Documents Detail DHS/CBP's Rules-Free Rollout Of Biometric Scanning Program

from the where-we're-going-we-don't-need-rules dept

The push is on to implement biometric screening at major US airports. The DHS has been pushing this for awhile, telling concerned travelers all they need to do to opt out is not travel. The pilot programs don’t seem to have produced anything in the way of actionable results, but the administration’s insistence that the US is surrounded by terrorists has dropped a lead foot on the DHS’s gas pedal, resulting in an accelerated process that ignores both concerns about biometric scanning tech and the concerns of the traveling public that will be subjected to it.

EPIC’s numerous FOIAs have resulted in an impressive stash of documents detailing the DHS’s biometric scanning surge.

According to 346 pages of documents obtained by the nonprofit research organization Electronic Privacy Information Center — shared exclusively with BuzzFeed News and made public on Monday as part of Sunshine Week — US Customs and Border Protection is scrambling to implement this “biometric entry-exit system,” with the goal of using facial recognition technology on travelers aboard 16,300 flights per week — or more than 100 million passengers traveling on international flights out of the United States — in as little as two years, to meet Trump’s accelerated timeline for a biometric system that had initially been signed into law by the Obama administration. This, despite questionable biometric confirmation rates and few, if any, legal guardrails.

The documents contain little that suggests the DHS will be addressing the numerous concerns that have resulted from its biometric scanning rollout. Nothing delivered by the CBP shows any limits placed on partnerships with the private companies supplying the tech, including their use of the wealth of data supplied by travelers. Data-sharing appears to be part of the CBP’s plan, and there’s nothing in the paperwork suggesting the government will deter private companies from exploiting the biometric data their scanners collect.

What little the CBP did have to say about its biometric scanning program is that it’s definitely going to happen and it’s definitely going to keep expanding. And it’s going to do this under the cover of darkness as the CBP moves forward with the program it sells as a “convenience for travelers.”

The documents also suggest that CBP skipped portions of a critical “rulemaking process,” which requires the agency to solicit public feedback before adopting technology intended to be broadly used on civilians, something privacy advocates back up.

Minimal oversight meets minimal transparency. It’s the sort of officious brushoff we’ve come to expect from terrorism-related government programs. The less the public knows, the less likely it is to express its concerns in actionable ways. The rollout also has the advantage of operating in a legal vacuum. There’s not a lot of casework on the suspicionless gathering of biometric data. It could be argued someone’s face has no privacy expectations when it’s being worn out in public, but it doesn’t necessarily follow that the government should be able to collect this data en masse and hold onto it for an indefinite period of time.

So far, data shows facial recognition tech isn’t the miracle proponents believe it is. Deployed systems have tended to produce a large number of false positives. And if they’re kicking out false positives on a regular basis, they’re also likely missing the people the systems are supposed to identify and remove from circulation. The government’s refusal to discuss the limitations and use of this tech publicly only adds to the problem. The public’s best source of info comes from documents sued out of the agency’s hands. Forced transparency isn’t really transparency.

Filed Under: , , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “FOIA Documents Detail DHS/CBP's Rules-Free Rollout Of Biometric Scanning Program”

Subscribe: RSS Leave a comment
ECA (profile) says:


Biometrics DONT work unless you do them properly..


You have to do more then 1 thing..Facial ID is abit the past and now, it dont work well. 1 bald man can look like another, very easily.
Hand prints, can help, the WHOLE HAND, not 1-2 fingers.
there has to be a 3rd, even if its tattoo, Foot size, body scan, An x-ray…

3 points of reference.

If the USA keeps pissing off everyone int the world, it might be nice.
But it also leads to every person in the USA being Bagged/tagged,. to have Proof of ID..

Anonymous Coward says:

And if they’re kicking out false positives on a regular basis, they’re also likely missing the people the systems are supposed to identify and remove from circulation

Setting aside the actual topic of this article completely (and make no mistake, I am firmly in camp stop-spying-on-me-and-my-fellow-air-travelers), I want to point out that this probably isn’t correct.

Facial recognition technology relies on machine learning to use information from images to assign a probability that a particular image is of a particular person. (E.g., Picture A has an 87% probability of being Joe Shmoe.) So whoever is getting the results here has to set a threshold, above which they accept that Picture A is of Joe Shmoe.

Thus, the false positive rate is likely due to setting a low threshold for classifying a match (although there is a VERY DISTINCT possibility that it’s also because the people training the facial recognition technology did it stupidly), which means that they are actually not likely to be missing the people they’re looking for (if you predict everyone’s a terrorist, you won’t miss any terrorists). Of course, that leads into another problem TechDirt has discussed in the past, which is finding a needle in a haystack of needles, further emphasizing how stupidly pointless this whole exercise is.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...