US Postal Service's Social Media Surveillance Program Uses Clearview's Facial Recognition Tech
from the bad-idea-with-even-worse-execution dept
Late last month, it was discovered the United States Postal Service was operating a social media surveillance program. The “why” of this was never explained. Apparently, the USPS has time and money to blow, so it has something called an “Internet Covert Operations Program” (iCOP) which it uses to investigate crimes that definitely are not of a postal nature.
According to the two-page bulletin first reported on by Yahoo News, iCOP was trawling social media looking for “threats.” And the “threats” observed in the report shared with the DHS and its many, many (mostly useless) “Fusion Centers” was that the threats weren’t credible.
Great, I guess, but why is the Postal Service surveilling communications that aren’t being sent through the mail? I’m sorry if it feels a bit left out by the move to email and other electronic communication methods, but wandering around Twitter and Facebook looking for crimes seems to be both a waste of its limited resources and something that really isn’t covered by the directives of the Post Office’s investigative wing.
Well, there’s even worse news to report. Again, Yahoo News is on top of it. It appears the iCOP program makes use of facial recognition tech. And not just any facial recognition tech. It uses the worst, most questionable offering out there at the moment.
Among the tools used by the analysts is Clearview AI, a facial recognition software that scrapes images off public websites, a practice that has raised the ire of privacy advocates. The U.S. Postal Inspection Service uses Clearview’s facial recognition database of over 3 billion images “to help identify unknown targets in an investigation or locate additional social media accounts for known individuals,” according to materials reviewed by Yahoo News.
What was first just confounding is now also stupidly dangerous. Clearview’s tech has never been independently tested. Multiple law enforcement agencies have tried out the product and most feel it’s mostly useless, prone to generating false positives or just a wealth of irrelevant information.
Adding a questionable tool to a questionable surveillance program sounds exactly like the sort of thing you’d get when you ask the people in charge of the snail mail to get online. Yahoo reports other tools are in the mix as well, including software that uses keyword searches to dip into the social media firehose. And there’s one that lets investigators pretend to be people they aren’t while extremely online.
It also uses Nfusion, another software program, to create and maintain anonymous, untraceable email and social media accounts.
For what? So far, all we’ve seen is a lot of time, money, and wtf-ness produce a determination that some threats weren’t actually threats. That doesn’t exactly build confidence in a surveillance program no one outside of the federal government believes the USPS should be engaged in.
Yahoo’s report notes the program dates back to 2018, when the USPS got more involved in tracking criminal activity on the dark web. It apparently expanded its purview to the regular web. According to a USPS statement, surveilling social media platforms and users is essential to protecting postal workers from dangerous situations and threats. But there’s no evidence this program has ever accomplished that goal. All it appears to have accomplished at this point is the surveillance.
And that surveillance is being used unwisely.
Beginning last spring, following the death of George Floyd, iCOP analysts began monitoring social media to track potential violence at racial justice protests. After the Jan. 6 riot at the Capitol by Trump supporters, the analysts turned their attention to right-wing accounts, according to documents, including an intelligence bulletin previously obtained and published by Yahoo News.
There’s your First Amendment concerns. I’m sure the USPS expected its covert surveillance operations to remain covert and it would never have to address this publicly. But the program is now public knowledge and the USPS needs a better explanation than “we’re just being careful.” Any number of federal and local law enforcement agencies engage in the same surveillance. We may not like that, but at least they’ve got some jurisdiction and justification for doing so. Erecting an NSA-lite in USPS data centers makes zero sense when you’re the entity in charge of handling physical mail.