[House Hearing, 115 Congress]
[From the U.S. Government Publishing Office]





         LAW ENFORCEMENT'S USE OF FACIAL RECOGNITION TECHNOLOGY

=======================================================================

                                HEARING

                               BEFORE THE

                         COMMITTEE ON OVERSIGHT
                         AND GOVERNMENT REFORM
                        HOUSE OF REPRESENTATIVES

                     ONE HUNDRED FIFTEENTH CONGRESS

                             FIRST SESSION

                               __________

                             MARCH 22, 2017

                               __________

                           Serial No. 115-52

                               __________

Printed for the use of the Committee on Oversight and Government Reform



[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]







         Available via the World Wide Web: http://www.fdsys.gov
                       http://oversight.house.gov
                       
                                   ______

                         U.S. GOVERNMENT PUBLISHING OFFICE 

28-689 PDF                     WASHINGTON : 2018 
-----------------------------------------------------------------------
  For sale by the Superintendent of Documents, U.S. Government Publishing 
  Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; 
         DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, 
                          Washington, DC 20402-0001
                          
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
              Committee on Oversight and Government Reform

                     Jason Chaffetz, Utah, Chairman
John J. Duncan, Jr., Tennessee       Elijah E. Cummings, Maryland, 
Darrell E. Issa, California              Ranking Minority Member
Jim Jordan, Ohio                     Carolyn B. Maloney, New York
Mark Sanford, South Carolina         Eleanor Holmes Norton, District of 
Justin Amash, Michigan                   Columbia
Paul A. Gosar, Arizona               Wm. Lacy Clay, Missouri
Scott DesJarlais, Tennessee          Stephen F. Lynch, Massachusetts
Trey Gowdy, South Carolina           Jim Cooper, Tennessee
Blake Farenthold, Texas              Gerald E. Connolly, Virginia
Virginia Foxx, North Carolina        Robin L. Kelly, Illinois
Thomas Massie, Kentucky              Brenda L. Lawrence, Michigan
Mark Meadows, North Carolina         Bonnie Watson Coleman, New Jersey
Ron DeSantis, Florida                Stacey E. Plaskett, Virgin Islands
Dennis A. Ross, Florida              Val Butler Demings, Florida
Mark Walker, North Carolina          Raja Krishnamoorthi, Illinois
Rod Blum, Iowa                       Jamie Raskin, Maryland
Jody B. Hice, Georgia                Peter Welch, Vermont
Steve Russell, Oklahoma              Matt Cartwright, Pennsylvania
Glenn Grothman, Wisconsin            Mark DeSaulnier, California
Will Hurd, Texas                     John P. Sarbanes, Maryland
Gary J. Palmer, Alabama
James Comer, Kentucky
Paul Mitchell, Michigan

                   Jonathan Skladany, Staff Director
                    William McKenna, General Counsel
     Troy Stock, Information Technology Subcommittee Staff Director
                      Sean Brebbia, Senior Counsel
                    Sharon Casey, Deputy Chief Clerk
                 David Rapallo, Minority Staff Director
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                 
                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on March 22, 2017...................................     1

                               WITNESSES

Kimberly Del Greco, Deputy Assistant Director of Criminal Justice 
  Information Services Division, Federal Bureau of Investigation
    Oral Statement...............................................     5
    Written Statement............................................     7
Diana Maurer, Director, Homeland Security and Justice Issues, 
  U.S. Government Accountability Office
    Oral Statement...............................................    12
    Written Statement............................................    14
Charles Romine, Ph.D., Director of Information Technology Lab, 
  National Institute of Standards and Technology
    Oral Statement...............................................    36
    Written Statement............................................    38
Alvaro Bedoya, Executive Director, Center on Privacy & 
  Technology, Georgetown Law
    Oral Statement...............................................    45
    Written Statement............................................    47
Benji Hutchinson, Senior Director, NEC Corporation of America On 
  behalf of The International Biometrics + Identity Association
    Oral Statement...............................................    64
    Written Statement............................................    66
Jennifer Lynch, Senior Staff Attorney, Electronic Frontier 
  Foundation
    Oral Statement...............................................    76
    Written Statement............................................    78

                                APPENDIX

Letter of June 23, 2016, Requesting Congressional Oversight, 
  submitted by Mr. Chaffetz......................................   132
Letter of September 6, 2016, to Mr. James B. Corney, Federal 
  Bureau of lnvestigation, submitted by Mr. Chaffetz.............   138
Response from Dr. Romine, NIST, to Questions for the Record......   141

 
         LAW ENFORCEMENT'S USE OF FACIAL RECOGNITION TECHNOLOGY

                              ----------                              


                       Wednesday, March 22, 2017

                  House of Representatives,
              Committee on Oversight and Government Reform,
                                                   Washington, D.C.
    The committee met, pursuant to call, at 9:30 a.m., in Room 
2154, Rayburn House Office Building, Hon. Jason Chaffetz 
[chairman of the committee] presiding.
    Present: Representatives Chaffetz, Duncan, Jordan, Gosar, 
Foxx, DeSantis, Ross, Grothman, Palmer, Comer, Mitchell, 
Cummings, Maloney, Norton, Clay, Lynch, Connolly, Kelly, and 
Krishnamoorthi.
    Chairman Chaffetz. The Committee on Oversight and 
Government Reform will come to order.
    Without objection, the chair is authorized to declare a 
recess at any time.
    We have an important hearing today about law enforcement's 
use of facial recognition technology. It's exciting technology. 
The world of technology offers us a lot of opportunities, but 
just because we can doesn't mean we necessarily should, and so 
there are a number of things that we need to have discussions 
about and try to figure out and tackle as a society.
    And this is one in a series of things that we're going to 
be discussing in this year and next as technology brings us to 
new frontiers and new paths and new things that we need to dive 
into and look at, because, again, while there's a lot of 
excitement and a lot of opportunity, there's also opportunities 
to have it misused or overused or create a whole other set of 
problems that maybe our Nation and our society and our 
generation have not yet dealt with.
    This happens to be one of those types of technologies. 
Facial recognition technology, it is exciting what can be done, 
but we have to look at how this affects law enforcement and our 
rights as Americans, particularly suspicion-less Americans and 
our right for privacy.
    The days of the old Sherlock Holmes dusting for 
fingerprints and looking for clues, they're being replaced by 
algorithms and software scanning millions of images at 
unprecedented speeds to match a face to a name. However, like 
many technologies used in the wrong hands or without 
appropriate parameters, it is ripe for abuse; therefore, the 
oversight of the use of this technology is essential.
    Until recently, fingerprint analysis was the most widely 
used biometric technology for positively identifying arrestees 
and linking them to previous criminal history. In 2010, the FBI 
began replacing its legacy fingerprint database with an updated 
database that incorporates advancements in biometrics, such as 
facial recognition, called the Next Generation Identification, 
or NGI. This is a database with an estimated cost of $1.2 
billion. The FBI claims the NGI system, ``brought the FBI's 
biometric identification system and criminal history 
information to the next level.''
    Unfortunately, the FBI failed--failed--to fulfill its 
statutory duty to inform the public of this new next-level 
capability and used facial recognition technology for 5 years 
without publishing the required Privacy Impact Assessment, as 
required by law. Further, agreements are in place with 18 
States that allow the FBI to request those States search their 
databases, including driver's license databases, using facial 
recognition technology.
    And if we have a graphic, let me have them put that up 
here, if we could. Just to give you--those States in the dark 
blue are the ones that have various types of relationships with 
the FBI. Those in the light blue do not have those types of 
relationships. But you can kind of get a sense of where the 
Nation is going and how States are entering into these 
memorandums of understanding.
    You can take the graphic down.
    To be clear, this is a database or a network of databases 
comprised primarily of law-abiding Americans. Eighty percent of 
the photos in the FBI's facial recognition network are of 
noncriminal entries, each of the photos from driver's 
licenses--they come from places like driver's licenses, 
passports, and whatnot.
    It would be one thing if facial recognition technology were 
perfect or near perfect, but it clearly is not. Facial 
recognition technology does make mistakes. For example, in a 
test the FBI conducted prior to deploying NGI, roughly one in 
seven searches of the FBI system returned a list of entirely 
innocent candidates, even though the actual target was in the 
database.
    I also have concerns about studies suggesting facial 
recognition technology may have been unintended--have 
unintended racial, gender, or age bias or deficiencies. Any 
technology biases or weaknesses correlating to race, gender, 
and age raise some serious concerns and need to be widely known 
and contemplated by law enforcement, legislative bodies, and 
the judiciary.
    Facial recognition technology is a powerful tool for law 
enforcement that can be used to protect people, their property, 
our borders, and our Nation. The private sector may use 
technology to control access to sensitive information, protect 
financial transactions, verify time and attendance, and prevent 
fraud or identity theft, among other uses.
    But it can also be used by bad actors to harass or stalk 
individuals. It can be used in a way that chills free speech 
and free association by targeting people attending certain 
political meetings, protests, churches, or other types of 
places in the public.
    Perhaps most concerning is the prospect of its real-time 
use to track people's location throughout the day, a potential 
use that would fundamentally change what it means to live in a 
free society. For those reasons and others, we must conduct 
proper oversight of this emerging technology. I appreciate the 
witnesses and what they bring here.
    One of the things that we're going to also talk about today 
is, what does it mean when you populate the database? If the 
FBI could have its way, the best I can understand it, they 
would put everybody's face in one database or a whole series of 
databases. And so what does that mean? I guess, if it's in a 
secure lockbox that nobody else can look at except the FBI, 
some people would argue that's a good thing. But we've seen the 
FBI, most recently, can't even keep the 702 information private 
and secure.
    I don't trust the Federal Government. I don't believe that 
there is such a thing where they can keep all of this 
information locked down and secure. Does anybody really trust 
and believe that they can create this massive database? Imagine 
how valuable that database is going to be if they had the 
facial recognition of every single American in their system. 
And then you could just go online and you could start figuring 
out exactly who is walking in your door. Some companies are 
actually using this type of technology. They know who you are 
before you walk in the door. And what does that mean if this 
information were to get into the wrong hands? So it poses a 
number of issues and challenges.
    I'd now like to yield such time as he may consume to Mr. 
Jordan of Ohio.
    Mr. Jordan. Thank you, Mr. Chairman, and I'll be real 
brief. I just wanted to thank you for this hearing and your 
continued focus on privacy, particularly in this digital age 
which we find ourselves a part of, and announce to the 
committee that I'm pleased to be working with, on a bipartisan 
basis, Congressman Lieu on developing a framework for facial 
recognition technology, how that is appropriate, what we hope 
is model legislation, frankly working with some of the good 
folks on our panel, like Mr. Bedoya, to develop that 
information.
    Understand the context. We learned that several Federal 
agencies used StingRay technology to conduct surveillance on 
Americans without a probable cause warrant. During that 
hearing, we also learned that the IRS several times used that 
same technology without a probable cause warrant, the same IRS 
that targeted people for exercising their First Amendment 
liberties, targeted people for their political beliefs.
    That is the context we find ourselves in today, and now we 
have this system in all those States that the chairman just put 
up. This is a critical issue at the appropriate time. And so I 
just, again, wanted to thank the chairman and look forward to 
hearing from our witnesses today, and appreciate this hearing 
and just how critically important it is to Americans' First 
Amendment and Fourth Amendment liberties.
    With that, I yield back.
    Chairman Chaffetz. I thank the gentleman.
    Again, one of the key questions, seminal questions, before 
us is, is it the right public policy to populate a database 
with everybody's face in it, even the suspicion-less Americans? 
Is that the American way? Or--or--should they maybe be building 
a database of known criminal elements, people who maybe earned 
it, rather than the suspicion-less people who went in to get 
their driver's license and didn't know that they were also 
giving that information to the Federal Government and that the 
Federal Government would be using it for who knows what?
    And as Mr. Jordan pointed out, there is technology, more--
almost 500 units of these cell phone simulators, where the 
government is using cell phone simulators to track suspicion-
less Americans in their very geolocation and their very 
location. You combine that with facial recognition technology, 
where somebody's walking down the street and they can be 
recognized and identified into a database that has been built 
by the FBI; it does pose questions.
    The technology will also show us, the statistical data will 
show us the bigger the database, the more difficult it is for 
the facial recognition technology to get it right. If the 
database was smaller to known criminals, wanted criminals, 
people that are here illegally, maybe those are the types of 
things that we should be focused on, as opposed to everybody. 
And that's one of the questions that--and why we have a 
distinguished panel today.
    So I will hold the record open for 5 legislative days for 
members who would like to submit their written statement.
    And I would now like to recognize our panel of witnesses. 
We're pleased to welcome Ms. Kimberly Del Greco, who is the 
Deputy Assistant Director of the Criminal Justice Information 
Services Division of the Federal Bureau of Investigation. We do 
appreciate you being here.
    We also have Diana Maurer--did I pronounce that right? I 
hope so--Director for Homeland Security and Justice Issues at 
the United States Government Accountability Office. She was 
just in Judiciary yesterday. So we appreciate the quick 
turnaround in being here again today.
    Mr. Charles Romine, the Director of Information Technology 
Lab at the National Institute of Standards and Technology.
    Mr. Alvaro Bedoya is the executive director for the Center 
of Privacy & Technology at Georgetown Law. Great mind and 
thought on this topic, and we appreciate you being here, sir.
    Mr. Benji Hutchinson, senior director for the NEC 
Corporation of America, testifying on behalf of the 
International Biometrics + Identity Association.
    And Ms. Jennifer Lynch, senior staff attorney for the 
Electronic Frontier Foundation. We thank you for being here as 
well.
    Pursuant to committee rules, all witnesses are to be sworn 
before they testify. If you could please rise and raise your 
right hand. We also get to get your picture. Do you solemnly 
swear or affirm that the testimony you're about to give will be 
the truth, the whole truth, and nothing but the truth so help 
you God?
    Thank you. Let the record reflect that all witnesses 
answered in the affirmative.
    In order to allow time for discussion, we would appreciate 
it if you would limit your verbal testimony to 5 minutes. Your 
entire written record and the attachments will be made part of 
the official record.
    But Ms. Del Greco, let's start with you, and you are now 
recognized for 5 minutes.
    Can I tell you all: these microphones in this committee, 
you've got to straighten them out, bring them right up 
uncomfortably close, and then there we go.
    Ms. Del Greco, you're now recognized for 5 minutes.

                       WITNESS STATEMENTS

                STATEMENT OF KIMBERLY DEL GRECO

    Ms. Del Greco. Thank you, Chairman Chaffetz and Ranking 
Member Cummings and the members of the committee for this 
opportunity, along with our colleagues from NIST, with whom we 
have worked closely on a number of efforts.
    I have submitted a written statement for record and will 
not take the committee's time to repeat all of the report. The 
statement provides a good description of the authorized 
programs we have in place. These programs utilize face 
technology to provide law enforcement partners with the needed 
capabilities to safeguard the American people.
    It is crucial that authorized members of the law 
enforcement and national security communities have access to 
advanced biometric technologies to investigate, identify, 
apprehend, and prosecute terrorists and criminals.
    The services and performance improvements in speed and 
accuracy delivered by the FBI's Next Generation Identification 
system, which includes face recognition technology, have 
enhanced our ability to solve crimes across the country.
    With that said, the FBI's core value is strict adherence to 
the U.S. Constitution. The protection of the privacy and civil 
liberties of all persons in this country remains integral to 
the development and implementation of any new technology. The 
FBI's use of face recognition technology is confined within the 
same statutory, regulatory, and policy framework as all 
investigative initiatives by the FBI.
    Today, I will discuss the following FBI programs which use 
face recognition technology for law enforcement purposes. They 
are, one, the FBI's Next Generation Identification Interstate 
Photo System; and two, the FACE Services Unit, both located at 
the FBI Criminal Justice Information Services Division.
    Specifically, the Next Generation Identification Interstate 
Photo System allows for the searching of criminal mugshots 
authorized by law enforcement agencies. It is a search of law 
enforcement photos by law enforcement agencies for law 
enforcement purposes.
    Law enforcement has performed photo lineups and manually 
reviewed mugshots for decades. Face recognition software allows 
this to be accomplished in an automated manner. Automated face 
recognition is an effective means of locating potential 
candidates for further investigation, but it remains an 
investigative lead only, and the candidates must be further 
reviewed by specialized face examiners and/or the relevant 
investigators.
    The FBI has promulgated policies and procedures to 
emphasize that photos returned from the Next Generation 
Identification Interstate Photo System are not to be considered 
positive identifications and that the searches of the mugshots 
merely result in a ranked listing of candidates that require 
further investigation to determine a subject's true identity.
    This guidance has been provided in the Next Generation 
Identification Interstate Photo System Policy and 
Implementation Guide, which has been made available to 
authorized law enforcement users who receive candidate photos 
from the Next Generation Identification Interstate Photo 
System.
    FACE Services: The FACE Services Unit provides 
investigative lead support to the FBI field offices, 
operational divisions, and legal attaches by comparing the face 
images of persons associated with an open FBI assessment or an 
active investigation against face images available in State and 
Federal photo repositories.
    The FACE Services Unit only accepts probe photos that have 
been collected pursuant to appropriate legal authorities as 
part of an authorized FBI investigation. Upon receipt of the 
photo, the FACE Services Unit searches the photo using face 
recognition software against the database authorized for use by 
the FBI, which results in a photo gallery of potential 
candidates.
    The FACE Services Unit performs comparisons of candidate 
photos against the probe photo to determine the candidate's 
value as an investigative lead. If a most likely candidate is 
found, it will be provided to the requesting FBI personnel; 
however, the FBI does not retain any photos that are not a most 
likely candidate.
    As with the Next Generation Identification Interstate Photo 
System, this service does not provide a positive identification 
but rather an investigative lead and analysis to support that 
lead.
    Finally, the FBI's strength is directly attributed to the 
dedication of its people who work for and on behalf of their 
fellow citizens. Our adversaries and the threats we face are 
relentless. The FBI must continue to identify and use new 
capabilities, such as an automated facial recognition system, 
to meet the high expectations for the FBI to preserve our 
Nation's freedom.
    I want to thank my colleagues for their support and each 
and every FBI employee for their dedicated service. Thank you.
    [Prepared statement of Ms. Del Greco follows:]
    
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

   
    Chairman Chaffetz. Thank you.
    Director, you're now recognized for 5 minutes.

                   STATEMENT OF DIANA MAURER

    Ms. Maurer. Good morning, Mr. Chairman, Ranking Member 
Cummings, and other members and staff. I'm pleased to be here 
today to discuss the findings from our review of the FBI's use 
of facial recognition.
    We're all familiar with the general idea behind this 
technology, and it's a good one: Instead of relying on books of 
mugshots from the ``Hill Street Blues'' era, law enforcement 
can use ``CSI''-era computers to nearly instantly identify a 
criminal from a grainy crime scene photo. Of course, that's the 
idea. The reality is far from what we currently see in movies 
or TV.
    Face recognition is relatively new for the FBI, and there 
are significant technical and legal limitations on what it can 
do. Even so, it's a valuable tool that can greatly enhance the 
efficiency and effectiveness of Federal law enforcement.
    The FBI uses face recognition in two ways: First, it 
developed a system that currently has over 50 million images 
for State, local, and FBI use; second, the FBI accesses other 
systems at the Departments of Defense and State as well as 
driver's license photos from 18 States, with total potential 
access to over 400 million images.
    Used properly, face recognition can help make us all safer. 
However, the pictures of millions of Americans, including 
millions with no criminal convictions, are being searched by 
the FBI, which is why attention to privacy and accuracy is so 
important. We found that the FBI needs to do a better job on 
both fronts.
    First, we'll talk about privacy. Federal law requires 
agencies to publicly share how they plan to use personal 
information, such as facial images, when they roll out a new 
capability and when they update it. We found that the 
Department of Justice and the FBI did not do so in a timely 
manner.
    Specifically, DOJ initially published a Privacy Impact 
Assessment for the Interstate Photo System in 2008; however, 
the FBI did not update or publish a new assessment before it 
began using the system or made significant changes to it. DOJ 
also did not approve a privacy assessment when the FBI began 
accessing other systems to support its own investigations.
    The FBI eventually issued privacy assessments in 2015 
during our review and over 3 years after they began using both 
systems. During that time, the public remained unaware of how 
facial images were being used because the assessments were not 
published as required.
    We also had several concerns about the FBI's efforts to 
ensure accuracy. There are two key aspects to accuracy for 
facial recognition: the detection rate, how often it correctly 
generates a match; and the false positive rate, how often it 
incorrectly generates a match. We have concerns about how the 
FBI approaches both measures.
    In tests, the FBI system generated a correct match 86 
percent of the time, 1 percent more than the requirement. How 
the FBI defined a match is important. For each query, the 
system generated 50 potential images. If the correct image was 
among the 50, it was scored as a match. In the real world, 
however, users frequently only generate the top handful of 
images, which requires a much higher degree of accuracy for the 
results to be useful to investigators.
    Further, the FBI does not test for false positives. So it 
doesn't know how often a system incorrectly identifies someone 
as the potential suspect. High levels of false positives could 
hinder criminal investigations with false leads. Further, 
innocent people could bear the burden of being falsely accused, 
including the implications of Federal investigators showing up 
at their home or place of business.
    Finally, the FBI has not assessed the accuracy of face 
recognition systems operated by external partners to ensure 
they are sufficiently accurate to support FBI investigations. 
We made six commonsense recommendations to help address these 
problems, but we were, frankly, concerned when the Department 
and the FBI only fully agreed with one.
    The good news is that the FBI has begun taking steps to 
address two of our recommendations. My hope is that, in the 
aftermath of today's hearing, the FBI and the Department will 
decide to take action to fully address all six.
    Face recognition could prove to be an immensely valuable 
tool in solving crime and enhancing national security, but the 
FBI and DOJ need to take further action to address privacy and 
accuracy concerns. Doing so will help inform the public on how 
facial images are being used, enhance the efficiency of law 
enforcement, and avoid wasting valuable investigative 
resources, and unnecessarily involving innocent people.
    Mr. Chairman, thank you for the opportunity to testify 
today. I look forward to your questions.
    [Prepared statement of Ms. Maurer follows:]
    
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

    
    Chairman Chaffetz. Thank you.
    Mr. Romine, you're now recognized for 5 minutes.

               STATEMENT OF CHARLES ROMINE, PH.D.

    Mr. Romine. Chairman Chaffetz, Ranking Member Cummings, and 
members of the committee, thank you for the opportunity to 
discuss the NIST role in standards and testing for facial 
recognition technology.
    Biometric technologies, including face recognition, can 
provide a means for uniquely recognizing humans based upon one 
or more physical or behavioral characteristics and can be used 
to establish or verify identity of individuals.
    For decades, biometric technologies were used primarily for 
homeland security and law enforcement applications. But, today, 
the marketplace for biometric solutions includes private sector 
applications, including physical security and retail 
applications.
    NIST has more than five decades of experience improving 
human identification systems. NIST responds to government and 
market requirements for biometric standards, including facial 
recognition technologies, by collaborating with other Federal 
agencies, law enforcement, industry, and academic partners to 
support the timely development of scientifically valid fit-for-
purpose standards; develop the required conformance testing, 
architectures, and tools; research measurement, evaluation, and 
interoperability; and develop common models and metrics for 
identity management.
    NIST work improves the accuracy, quality, usability, 
interoperability, and consistency of identity management 
systems and ensures that United States interests are 
represented internationally. NIST research provides state-of-
the-art technology benchmarks and guidance to industry and U.S. 
Government agencies that depend upon biometrics recognition.
    NIST encourages and coordinates Federal agency use of 
voluntary consensus standards and participation in the 
development of standards. NIST works with other agencies to 
coordinate standards issues and priorities with the private 
sector through industry-led consensus standards-developing 
organizations.
    Starting in 1986 and under accreditation by the American 
National Standards Institute, or ANSI, NIST has developed a 
succession of standards for the interchange of biometric data. 
This standard used around the world facilitates interoperable 
biometric data exchange across jurisdictional lines and between 
systems developed by different manufacturers.
    From the inception of the International Organization for 
Standardization's Subcommittee on Biometrics, NIST has led and 
provided technical expertise to develop international biometric 
standards that have received widespread international and 
national market acceptance.
    For more than a decade, NIST has been organizing and 
conducting large biometric technology challenge programs and 
evaluations. NIST biometric evaluations measure the core 
algorithmic capability of biometric recognition algorithms and 
report the accuracy, throughput, reliability, and sensitivity 
of algorithms to image characteristics, for example, noise or 
compression, and subject characteristics, for example, age or 
gender.
    NIST biometric evaluations advance the technology by 
identifying and reporting gaps and limitations of current 
biometric recognition technologies. NIST evaluations also 
provide quantitative data to facilitate development of 
consensus-based standards.
    NIST's face recognition vendor tests, or FRVT, assess 
capabilities of prototype face recognition systems for one-to-
many identification and one-to-one verification and provides 
independent evaluations of commercially available and prototype 
face recognition technologies.
    FRVT provides the U.S. Government with information to 
assist in determining where and how facial recognition 
technology can best be deployed. FRVT results also help 
identify future research directions for the face recognition 
community. The latest FRVT will measure face recognition 
performance gains on an ongoing basis to align evaluation and 
development schedules.
    NIST research has helped enhance identity systems, 
including the Federal Bureau of Investigation's Next Generation 
Identification system, the Department of Homeland Security 
Automated Biometric Identification System, the Department of 
Defense Automated Biometric Identification System, the 
Department of State biometrics visa program, and the 
intelligence community systems. For example, virtually all law 
enforcement biometric collections worldwide use the ANSI NIST 
standard for data interchange.
    NIST is proud of the positive impact it has had in the last 
54 years on the evolution of biometrics capabilities. With 
NIST's extensive experience and broad expertise, both in its 
laboratories and in successful collaborations with the private 
sector and other government agencies, NIST is actively pursuing 
the standards and measurement research necessary to deploy 
interoperable, secure, reliable, and usable identity management 
systems.
    Thank you for your--for the opportunity to testify in NIST 
activities in facial recognition and identity management. I'd 
be happy to answer any questions you may have.
    [Prepared statement of Mr. Romine follows:]
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

    
      
    Chairman Chaffetz. Thank you. I do appreciate it.
    Mr. Bedoya, you're now recognized for 5 minutes.

                   STATEMENT OF ALVARO BEDOYA

    Mr. Bedoya. Thank you, Mr. Chairman, Ranking Member 
Cummings, and members of the committee.
    Why should people care about face recognition? Well, 
historically, law enforcement, when they wanted to identify 
someone, they had to approach them; they had to talk to them 
and ask them for ID. Face recognition lets law enforcement 
identify someone from far away and in secret--and not just one 
person. The latest generation of this technology will allow law 
enforcement to scan the face of every man, woman, and child 
walking in front of a street surveillance camera or police 
body-worn camera.
    This technology raises some serious questions, some basic 
questions. Do you have the right to walk down the street 
without the government secretly scanning your face? Is it a 
good idea to give government so much power with so few limits? 
Let me say this: with the right protections for privacy, civil 
liberties, and civil rights, this technology can and will be a 
tool for good.
    Mr. Chairman, our center spent a year studying whether 
those protections were in place. They are not. No Federal law 
controls this technology. No court decision limits it. With a 
few important exceptions, this technology is not under control.
    What do I mean by that, ``not under control''? Well, start 
with the databases. Whose faces are in face recognition 
databases? You would hope that they'd mostly be made up of 
known or suspected criminals. In fact, just by having a 
driver's license, one out of two American adults have been 
enrolled in a criminal face recognition network. That's 125 
million people, 51 percent of adults, and 32 out of 44 members 
of this committee. Twenty-six of those are searchable by FBI.
    This has never happened before, not with fingerprints, not 
with DNA, and most people have no idea that this is happening. 
That's the databases. Whose faces can you scan and search 
within those databases? Do you need a warrant to scan someone's 
face? Do you at least need to reasonably suspect them of a 
crime, or can you scan anyone?
    We surveyed over 100 law enforcement agencies across the 
country. We found 52 that had used or were using face 
recognition technology. Not one required a warrant. And in most 
agencies, as well as the FBI, officials do not need to 
reasonably suspect someone of a crime before scanning and 
searching their face.
    How is this going to affect free speech? Are you going to a 
gun rights rally or a protest against the President, for that 
matter, if the government can secretly scan your face and 
identify you? This is not a hypothetical. In the course of our 
investigations, we met a college student who is now in at least 
two separate face recognition databases after an arrest for 
peaceful civil disobedience. Now she is so scared that, 
whenever she goes to a protest, she is afraid to show her face.
    What about accuracy? Is there a risk that innocent people 
will be misidentified and investigated as dangerous criminals? 
As the GAO just said, yes, there is. The details are unclear, 
but we know, for New York, that NYPD system has misidentified 
at least five people.
    Face recognition makes more mistakes than fingerprints, far 
more mistakes than DNA. And FBI-coauthored research suggests 
that face recognition is more likely to make mistakes when it 
looks for the faces of African Americans, women, and young 
people.
    Finally, are there safeguards in place to make sure that 
these systems are not misused or abused? Unfortunately not. The 
FBI has run tens of thousands of searches against the faces of 
law-abiding drivers. But from the GAO's testimony and their 
reports, we know that none of those searches have been checked 
for abuse. Those are searches of the DMV driver's license 
databases.
    So, if there is abuse, we would not know it. Mr. Chairman, 
the safety benefits to this technology are real, but we do not 
need to choose between safety and privacy. As you know well, 
the members of this committee have long argued that Americans 
deserve both.
    So I would submit that the question before this committee 
is not, do we allow face recognition, or do we ban it? I think 
the question is, how do we put in place checks and balances 
that let law enforcement do its job while also protecting our 
rights and our freedoms?
    Where might you look for some of these answers? You might 
look to Ohio, Mr. Jordan's State, for its policy against 
monitoring protests. You might look to Michigan for their 
safeguards against misuse and their policy of removing anyone 
who hasn't been convicted of a crime from a face recognition 
database. You might look to San Diego for their practice of 
actually going to elected officials every year and getting 
approval for their policies. The list goes and on, and all of 
these proposals are in our report, ``The Perpetual Lineup.''
    Thank you very much for your time. I look forward to your 
questions.
    [Prepared statement of Mr. Bedoya follows:]
    
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

    
 
    Chairman Chaffetz. Thank you.
    Mr. Hutchinson, you're now recognized for 5 minutes.

                 STATEMENT OF BENJI HUTCHINSON

    Mr. Hutchinson. Good morning, Chairman Chaffetz, Ranking 
Member Cummings, and committee members. Thank you for inviting 
me to testify today on behalf of IBIA.
    I have 13 years of experience in the biometrics and 
identity tech industry. I've supported Federal and law 
enforcement customers, and I currently teach a graduate level 
course on ethics, privacy, and policy at George Mason 
University for identity analysis.
    The purpose of my testimony today is to provide the 
committee with an overview of the identity tech industry, our 
perspective on privacy and policy, and the status of the 
efficacy of facial recognition technology.
    IBIA is the leading international trade group representing 
the identity tech industry. Our mission is to advance the 
adoption, responsible use of this technology for managing 
identity--human identity to enhance security, privacy, 
productivity, and convenience.
    We have 27 member companies serving customers in the public 
and private sectors. The use cases of our customers include 
everything from law enforcement, security, national defense, 
finance, and health care, and many others.
    Members of IBIA believe these technologies should be used 
solely for legal, ethical, and nondiscriminatory purposes. We 
are committed to the highest standards of system integrity and 
database security in order to deter identity theft, protect 
personal privacy, and ensure equal rights under the law.
    The industry believes in transparency and openness with 
these systems. We support and encourage best practices to 
ensure privacy and ethical use. We believe it should be fielded 
with appropriate privacy policies that cover how the data are 
processed, stored, and used.
    Let me say a couple of words about policy. IBIA sees many 
areas of shared consensus across this community where we can 
work together: Number one, we do not support the use of facial 
recognition in tracking or profiling individuals based solely 
on age, gender, race, ethnicity, or religion, or any other 
violation of constitutionally protected rights to free speech 
and assembly. Number two, we support a clear delineation on how 
data are used and who has access. We do not support a violation 
of statutes related to the use of data. Number three, Federal 
and State audits of these facial recognition systems are 
reasonable. Number four, there are existing policies and 
regulations in place. They should be reexamined and 
strengthened where necessary after a debate among all the 
stakeholders. And, number five, industry should have a limited 
access to real-world data for testing purposes.
    Let me talk a little bit about what IBIA has done in this 
privacy debate. We participated in the NTIA multistakeholder 
process to develop and publish general guidelines. The output 
of that was the privacy best practices recommendation for 
commercial facial recognition use. We also are a member of the 
Future of Privacy Forum for at least 2 years.
    Let me talk a little bit about the value of biometrics. 
This is a valuable national security tool and for law 
enforcement. According to a 2015 document published by the 
American Association of Motor Vehicles, John Robert Jones was 
convicted in 1974 of murdering a fellow soldier at Fort Dix, 
New Jersey. After 3 years in prison, Jones escaped and was on 
the run for more than 37 years under an assumed identity. He 
was listed as one of the Army's top 15 most wanted fugitives. 
The U.S. Marshals office submitted a photograph of Jones for 
comparison in the Florida DMV's facial recognition system. A 
match with an image on a driver's license that Jones had 
fraudulently acquired in 1981 was returned. Jones was 
subsequently apprehended, and his fingerprints confirmed he was 
indeed the wanted fugitive. These are valuable tools to produce 
leads and to capture known suspects.
    A few words on accuracy. The accuracy of automated facial 
recognition technology has steadily improved over the past 15 
years. For high-performing algorithms, error rates can be as 
low as 1 percent. So this means that, in most cases, they can 
match 99 percent of the time.
    However, matching accuracy is highly dependent on image 
quality, image gallery quality, and the proprietary algorithm 
in use. The human element in training cannot be understated. 
Professionally trained humans are responsible for deciding to 
take action on a face match. Facial recognition is an 
investigative tool.
    And, finally, race, ethnicity, gender, and age are not 
generally considered or factored into the mathematics of a 
facial recognition algorithm. Algorithms are developed to be as 
accurate as possible using mathematical vector sets, such as 
the number of pixels between the eyes. However, when dealing 
with homogeneous data sets of faces, there have been instances 
and test results where certain technologies' effectiveness has 
varied.
    I thank you for this opportunity to testify today, and I 
look forward to your questions.
    [Prepared statement of Mr. Hutchinson follows:]
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

    
   
    
    Chairman Chaffetz. Thank you.
    Ms. Lynch, you're now recognized for 5 minutes.

                  STATEMENT OF JENNIFER LYNCH

    Ms. Lynch. Chairman Chaffetz, Ranking Member Cummings, and 
members of the committee, thank you very much for the 
invitation to testify today.
    Since my 2012 testimony on face recognition before the 
Senate Subcommittee on Privacy, Technology, and the Law, face 
recognition technologies have advanced significantly. Now, law 
enforcement officers can use mobile devices to capture face-
recognition-ready photographs of people they stop on the 
street. Surveillance cameras boast real-time tracking and face 
scanning and identification capabilities, and the FBI has 
access to hundreds of millions of face recognition images of 
law-abiding Americans.
    However, the adoption of face recognition technologies like 
these has occurred without meaningful oversight, without proper 
accuracy testing, and without legal protections to prevent 
their misuse. This has led to the development of unproven 
systems that will impinge on constitutional rights and 
disproportionately impact people of color.
    The FBI's Interstate Photo System and FACE Services Unit 
exemplify these problems. The minimal testing conducted by the 
Bureau showed the IPS was incapable of accurate identification 
at least 15 percent of the time. This has real-world 
consequences. An inaccurate system will implicate people for 
crimes they didn't commit, and it will shift the burden onto 
innocent defendants to show they are not who the system says 
they are.
    This threat will disproportionately impact people of color. 
Face recognition misidentifies African Americans and ethnic 
minorities at higher rates than whites. Because mugshot 
databases include a disproportionate number of African 
Americans, Latinos, and immigrants, people of color will likely 
shoulder exponentially more of the burden of the IPS' 
inaccuracies than whites.
    Despite these known challenges, FBI has for years failed to 
be transparent about its use of face recognition. It took 7 
years to update its Privacy Impact Assessment for the IPS and 
didn't release a new PIA until a year after the system was 
fully operational.
    And the public had no idea how many images were accessible 
to its FACE Services Unit until last year's GAO report revealed 
the Bureau could access nearly 412 million images, most of 
which were taken for noncriminal reasons, like obtaining a 
driver's license or a passport.
    Without transparency, accountability, and proper security 
protocols in place, face recognition systems may be vulnerable 
to security breach and misuse. This has already occurred in 
other contexts. For example, in 2010, ICE enlisted local police 
officers to use license plate readers to gather information on 
gun show customers. In 2015, hackers breached the Office of 
Personnel Management systems and stole sensitive data, 
including biometric data, on more than 25 million people. And 
in 2015, the Baltimore Police may have used face recognition 
and social media to identify and arrest people in the protests 
following Freddie Gray's death.
    Americans should not be forced to submit to criminal face 
recognition searches merely because they want to drive a car. 
They shouldn't have to worry their data will be misused by 
unethical government officials or stolen in a security breach. 
And they shouldn't have to fear that their every move will be 
tracked if the network of surveillance cameras that already 
blanket many cities are linked to face recognition.
    But without meaningful legal protections, this is where we 
may be headed. Without laws in place, it could be relatively 
easy for the government to amass databases of images of all 
Americans and use those databases to identify and track people 
in real time as they go about their daily lives.
    As this committee noted in its excellent 2016 report on law 
enforcement use of cell-site simulators, advances in emerging 
surveillance technologies, like face recognition, require 
careful evaluation to ensure their use is consistent with the 
protections afforded under the First and Fourth Amendments.
    And just as with cell-site simulators, transparency and 
accountability are critical to ensuring that face recognition's 
use not only comports with constitutional protections but also 
preserves democratic values.
    Justice Alito noted in his concurring opinion in United 
States v. Jones that, in circumstances involving dramatic 
technological change, the best solution to privacy concerns may 
be legislative. Just as this committee found with cell-site 
simulators, the use of face recognition must be limited. 
Specifically, law enforcement should be required to get a 
warrant before accessing noncriminal face recognition databases 
and before conducting real-time tracking and identification.
    I urge this committee to introduce legislation to do just 
that. Thank you once again for the invitation to testify. I'm 
happy to respond to questions.
    [Prepared statement of Ms. Lynch follows:]
    
    
    
    
    [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

    
    
    
    Chairman Chaffetz. Thank you. I appreciate it.
    We'll now recognize the ranking member, Mr. Cummings, for 5 
minutes.
    Mr. Cummings. Thank you very much, Mr. Chairman.
    And I want to welcome our witnesses here today.
    Let me start by acknowledging that facial recognition 
technology provides law enforcement officials with an 
innovative and valuable tool to identify suspects and 
criminals, which helps keep all of us safe. We all know that.
    The FBI has told us that this technology helps them 
identify and apprehend criminals and bring them to justice. I 
strongly believe that our law enforcement authorities should 
have access to the most advanced crime-fighting tools available 
to protect our communities.
    But serious questions have been raised in your testimony 
today already about the accuracy of facial recognition 
technology, its disparate impact on certain populations, and 
its use against law-abiding Americans.
    To help our law enforcement authorities do their job as 
effectively as possible while at the same time protecting the 
rights of constituents, we need to examine these questions head 
on because they are very, very significant. So I am thankful 
that we are having this discussion today.
    There are three key points that I would like to address 
today. The first is that whole question of accuracy. Last year, 
the Government Accountability Office issued its report with a 
very significant warning. The GAO reported that the FBI has, 
and I quote, ``limited information on the accuracy of its face 
recognition technology capabilities,'' end of quote.
    The GAO also warned that the FBI did not assess how often 
these searches, and I quote, ``erroneously match a person to 
the database that falsifies the rate,'' end of quote. That's a 
big problem.
    As one of the Members of Congress who live in the inner 
city of Baltimore, where I have seen the impact of police, 
certain police tactics, with regard to African-American males 
and having been an African-American male for 66 years on this 
Earth, I can tell you I have a lot of concerns about this.
    GAO made a series of recommendations, including proposing 
that the FBI conduct more testing to, and I quote, ``help 
ensure that the system is capable of producing sufficiently 
accurate search results.'' That seems like a reasonable 
request. Unfortunately, the Department of Justice disputed the 
need for more accuracy testing and maintains that current 
testing is adequate.
    Second is the question of disparate treatment of some 
Americans. In 2012, senior technology experts with the FBI 
coauthored a study finding that some of the leading algorithms 
used in face recognition systems were 5 percent to 10 percent 
less accurate on African Americans as compared to Caucasians.
    Similarly, on October 18, 2016, the Center on Privacy & 
Technology at the Georgetown University Law Center issued a 
report finding that, I quote, ``African Americans are 
disproportionately likely to be subject to police face 
recognition,'' end of quote.
    According to these reports, if you're Black, you're more 
likely to be subjected to this technology, and the technology 
is more likely to be wrong. That's a hell of a combination, 
particularly when you're talking about subjecting somebody to 
the criminal justice system. We need to let this sink in.
    For these reasons, the center made a very sensible 
recommendation, that the FBI simply test the system for racial 
bias. Why can't we do that? What's the problem? In response, 
the FBI claims there's no need to test for racial bias because 
the system is race-blind. I disagree. I disagree.
    Walk around this country as a Black man, in this country, 
and this kind of--don't get me wrong. I believe strongly that 
police should have every tool they need to solve crime. But I'm 
telling you: we have seen some things in Baltimore where the 
African-American community is almost like a guinea pig 
sometimes. Say, okay, we believe all the crime is happening 
here, so everything goes there. And this is the neighborhood I 
live in, that I go home to every night. So the response is very 
troubling.
    I'm almost finished, Mr. Chairman.
    Rather than conducting testing that would show whether or 
not these concerns have merit, the FBI chooses to ignore 
growing evidence that the technology has a disproportionate 
impact on African Americans.
    Third is the question of protecting other rights of the 
American people, including their privacy rights, their civil 
liberties, and their right to free speech. And I want to 
applaud the chairman for constantly raising these kinds of 
issues because they are very important.
    I've said many times that sometimes we take for granted 
this democracy that we have. We take it for granted. It has 
been working so well that we assume we can--it will be here 
forever. But we have to guard it every day. And I think that, 
when you see things that begin to chip away at it, you have to 
pause and say: ``Wait a minute. Hold on. Where are we going 
here?''
    And so, according to GAO, law enforcement authorities now 
have the ability to search more than 400 million photos. There 
does not have to be a warrant. There does not even have to be 
probable cause. They search not only criminal mugshots but 
photos of law-abiding citizens that are submitted when they 
apply for jobs, passports, and even driver's licenses.
    I doubt many Americans realize that when they go down to 
the DMV to get their driver's licenses, their photos could be 
made part of a database that can be searched by the FBI. The 
Center on Privacy & Technology estimates that 80 percent of 
photos in the FBI's network of facial recognition searches are 
people who have never been accused of a single crime.
    Last year, the ACLU reported that the Baltimore Police 
Department used this technology against crowds of people who 
were protesting against police misconduct as a result of the 
death of Freddie Gray. Now, I was in the crowd. I was in the 
crowd, night after night, six nights in a row. So I guess 
they've got my photo. And they probably have a lot of other 
photos. There were a lot of people there in the crowd with us 
in Baltimore who have never been arrested, who have never 
committed a crime, but yet still they're subject to this.
    Now, understand, I guess my concern is that if we are going 
to, again, use tools, it seems to me that we would do 
everything in our power to make sure that those tools are used 
in a fair way, that we are testing for accuracy, and that 
there's not bias against one part of our population.
    And so I'm glad that we're having the hearing today. I'll 
have some questions later, but thank you, Mr. Chairman.
    And I yield back.
    Chairman Chaffetz. I thank the gentleman.
    All right. I'll now recognize myself for 5 minutes and then 
members will ask questions.
    Ms. Del Greco, the GAO report asserts that the FBI failed, 
even though it's directed by law, to put out the Privacy Impact 
Assessment. Why did the FBI not fulfill the law, the 
requirement of the law, and why did you not update the Privacy 
Impact Assessment? You have to put the----
    Ms. Del Greco. Thank you. Thank you, Mr. Chairman.
    I will defer to DOJ on that question.
    Chairman Chaffetz. What do you mean ``defer to DOJ''? You 
are DOJ. So what do you mean ``defer''?
    Ms. Del Greco. The Privacy Impact Assessment was submitted 
to the Department. I will defer to them for a response.
    Chairman Chaffetz. I'm sorry. We're having a hearing to ask 
you the questions, and the DOJ put you up there. You seem like 
a very nice person, but you're supposed to be the one to answer 
that question. What do you mean ``defer''?
    Ms. Del Greco. As I've stated, the Privacy Impact 
Assessment was submitted, and they----
    Chairman Chaffetz. Years late, right?
    Director Maurer, do you want to comment on this?
    Ms. Maurer. Yes, that's correct. It was submitted years 
after both systems were being used for real-world use.
    Chairman Chaffetz. So here's the problem: You're required 
by law to put out a privacy statement, and you didn't. And now 
we're supposed to trust you with hundreds of millions of 
peoples' faces in a system that you couldn't protect, even with 
the 702 issue. Now, we're talking about Mr. Flynn and how he 
was unmasked and all that, and there can be political 
gyrations, but set the name aside, and Donald Trump and all 
that.
    But even in that most stringent circumstance where they're 
looking at information, somebody decided to take off that veil 
and release that out to the public. And we're supposed to--and 
the Office of Personnel Management had tens of millions of 
Federal workers who had information where--and some of it 
included fingerprints and other types of things, and that was 
stolen and let out, and those people are having to suffer the 
consequences the rest of their lives. Why should we trust you?
    Ms. Del Greco. The privacy was part of the entire process 
in the development phases of the Interstate Photo System.
    Chairman Chaffetz. I know, but--okay. The point is, that 
the GAO has rightfully, I think, pointed out, the FBI was 
required by law to comply with the law--you are part of the 
Department of Justice--and you failed to do so. I hope you can 
see how this is a problem.
    Ms. Del Greco. A Privacy Impact Assessment was initiated in 
2008 on a pilot project for a proof of concept. Throughout the 
whole process, our privacy attorney was being advised of the 
changes that were being made in the development.
    Chairman Chaffetz. Yeah, well, we don't believe you, and 
the second part of that is you're supposed to make that public. 
And the failure here is, years after it was supposed to be made 
public, you didn't do it. You were using it in a real-world 
circumstance. You were actually using it and didn't issue the 
statement.
    Let me move on. You said a couple of times, Ms. Del Greco, 
in your testimony that this was a, and I quote, ``an 
investigative lead,'' that everybody should relax; it's just 
being used for an investigative lead. Correct?
    Ms. Del Greco. That is correct.
    Chairman Chaffetz. So why not collect everybody's 
fingerprints? That would be an investigative lead, right? 
Wouldn't that be easier if you had everybody's fingerprints? 
Why not collect everybody's fingerprints?
    Ms. Del Greco. We use fingerprint technology as a positive 
identification, and we still do today.
    Chairman Chaffetz. But why not collect them all in advance? 
I mean, that would be easier, right? If you have a database, 
you collect them all in advance; then, when you go and you pull 
off somebody's fingerprints, you've got a database, right? Why 
not do that?
    Ms. Del Greco. Fingerprints are collected with a criminal 
mugshot for an arrested purpose, for a law enforcement purpose.
    Chairman Chaffetz. Yeah. But you see the difference, right, 
somebody is actually arrested; then they take their 
fingerprints. Somebody who is actually convicted, then you 
collect the--then you have your fingerprints. But why not get 
them all in advance? What if we had all 330 million Americans' 
fingerprints in advance? That would be easier, wouldn't it? It 
would be easier, right? That's a question.
    Ms. Del Greco. We collect fingerprints with the criminal 
law enforcement purpose only.
    Chairman Chaffetz. Right. Right. Why not collect 
everybody's DNA? How about when everybody's born in the United 
States, we take a little vile, a sample of blood? Why don't we 
do that? Then we'd have everybody's DNA. And then when there's 
a crime, then we could go back and say, ``Oh, well, let's 
collect that DNA, and now we have 330 million Americans.'' That 
would be easier. Wouldn't it?
    Ms. Del Greco. I'm not at liberty to speak about the DNA 
collection.
    Chairman Chaffetz. This is different. See, this is how DNA 
is a valuable investigative tool. Fingerprints are a valuable 
investigative lead and tool. But what scares me is the FBI and 
the Department of Justice proactively trying to collect 
everybody's face, and then having a system with a network of 
cameras where, if you go out in public, that too can be 
collected and then used in the wrong hands, nefarious hands, 
somebody in government misusing it. It does scare me.
    Are you aware of any other country that does this? Anybody 
on this panel. Is there any other country that's doing this?
    Let me ask you one other thing, and I've gone past my time 
here--past my time here. Do you have plans to match this 
database up with anything that's posted on social media? So, in 
other words, if you go up on Instagram, Facebook, Snapchat, and 
whatever the next new technology is, are you collecting that 
information that is out there on social media?
    Ms. Del Greco. No, we are not. The only information the FBI 
has and has collected in our database are criminal mugshot 
photos. We do not have any other photos in our repository.
    Chairman Chaffetz. That's not true. You are not collecting 
driver's licenses?
    Ms. Del Greco. We do not have driver's license photos in 
our repository at the FBI.
    Chairman Chaffetz. Does anybody care to weigh in on this? 
Mr. Bedoya?
    Mr. Bedoya. Sure, Mr. Chairman. I think this is a 
technicality. Who owns and operates a database matters a lot 
less than who uses it and how it's used. The FBI has access to 
now 18 States' driver's license photos that either can run 
those searches or request them. We're talking more than a third 
of all Americans. So the FBI does have access to these photos. 
They searched them tens of thousands of times and, apparently, 
by GAO's testimony, never audited those searches for misuse.
    Chairman Chaffetz. Would you disagree with that, Ms. Del 
Greco?
    Ms. Del Greco. We have access to the data. We do not 
maintain the data in our repository. And the access we have is 
pursuant to the provision in the Driver's Protection Act within 
the State, accordance with Federal law.
    Chairman Chaffetz. Does anybody else care to weigh in on 
this topic? Ms. Lynch?
    Ms. Lynch. Thank you, Mr. Chairman.
    I would also add that the FBI has civil photos in its 
repository. So it's not just relying on driver's license 
databases, but it also has access to civil photos in its own 
NGI-IPS database. These photos may in the future come from 
background checks that people submit to as trying to get 
employment or as a licensing requirement, but the database is 
not limited to just mugshot photos.
    Mr. Cummings. Would the chairman yield?
    Chairman Chaffetz. Sure.
    Mr. Cummings. Just to clear up, Ms. Del Greco, when the 
chairman asked you about what photos you had, you said over and 
over again, we have just a mugshot--what did she say?
    Chairman Chaffetz. Just the criminal.
    Mr. Cummings. I just feel that you could've been a little--
after we got this more clarification, seemed like you would 
have told us that, what they just told us. I mean, it just 
seems--I mean, I don't know how he feels, but if I was left 
with your answer and didn't have clarification, I would have 
assumed that that's it.
    But they were able to clarify, these other two witnesses, 
that you have access to all kinds of photos. Hello? I just 
think it is a little unfair to the committee. I usually don't 
do this. But it just--it kind of left me not feeling very good. 
And I'm sure the chairman probably felt the same way.
    Chairman Chaffetz. So, if they are in your database or you 
own that database and own those photos, what other databases 
are you also tapping into at will?
    Ms. Del Greco. We do not search the civil photos that are 
in our repository. They are not located in the Interstate Photo 
System. We only search the criminal mugshots that we have in 
our repository. We are not authorized; they are not searchable, 
the civil photos.
    We also retain the investigative photo from the FBI agent, 
but those are not--the civil photos are not searchable.
    Chairman Chaffetz. Well, I'm going to flesh this out. I'm 
well past my time. So we'll continue to flesh this out.
    But let's go to Mr. Lynch of Massachusetts now.
    Mr. Lynch of Massachusetts. Thank you, Mr. Chairman and 
Ranking Member, for your work on this.
    I appreciate the presence and testimony of our witnesses.
    I don't think it's a stretch to say that the majority of 
Americans today feel that the rapid advances in surveillance 
technology have far outpaced the ability of Congress to protect 
the basic privacy of American citizens. And apart from the 
willingness of people to put some of their most intimate 
information online, I think there's been an aggressive 
development of surveillance technology that we've seen come to 
the forefront. And when you think about how this could change 
who we are as a Nation, it's very, very troubling. This country 
was founded on protest--it really was--and is continually 
reshaped by protest. And it disturbs me greatly that, whether 
it was the death Freddie Gray and those protests or the women's 
protest recently that was all over the country, millions of 
people, it disturbs me greatly that we're out there taking in 
this information.
    And I fully support the suggestion of Ms. Lynch--no 
relation--that a warrant should be required in those cases and 
that, if we're going to build these databases and have this 
ability to surveil innocent individuals, then that is really a 
game-changer for this country.
    The background here, Ms. Del Greco, goes back to the 
confidential informant programs that are run by the FBI, DEA, 
ATF. And we have had zero cooperation from the FBI in the tens 
of thousands of confidential informants that you run daily in 
this country.
    We did get a report from the Inspector General's Office 
that explained that the DEA, in addition to the FBI, is 
operating 18,000 confidential informants. They paid $237 
million to confidential informants. And we can't get 
information on who's getting paid for what. So, in addition, I 
think there's probably 15,000 to 20,000 FBI informants that are 
out there. And we have very little accountability as to what 
they are doing, who they are working for, what they are being 
paid for, what their prior crimes were, what their extant 
crimes are while they are being paid as informants. So I have 
zero confidence in the FBI or the DOJ, to be frank with you, of 
keeping this in check.
    Mr. Bedoya, you talked about some of the things that might 
be put in place--Ms. Lynch as well. I'm certainly going to join 
in legislation to put a warrant requirement in on this. There 
are some areas, you know--I know that we had some enhanced 
alerts regarding threats to our transportation system. So we 
put in surveillance cameras at South Station, at Union Station, 
because we had threats in those specific areas for limited 
periods of time. And I don't dispute that, on occasion, with 
specific threats and specific information, we should use that 
tool.
    But, Mr. Bedoya and Ms. Lynch, what else should be included 
in legislation that would allow us to use this tool, this 
technology, while balancing the preservation of individual 
rights and privacy for American citizens?
    Mr. Bedoya, you could start.
    Mr. Bedoya. Yes, sir. There's a couple of points, and I can 
go through them quickly. We need to target this powerful 
technology to serious criminals. And so that, in the first 
instance, we need to do. Secondly, we need to restrict real-
time face scanning to situations like you described, very 
specific threats, very specific occasions. We need to make sure 
this technology's accurate. We need to test it publicly and 
independently for bias. We need safeguards to prevent against 
misuse and abuse. So we need audits to spot if this technology 
is being abused. And we need reporting like you would have 
for--under the Wiretap Act, where if you do a wiretap, later 
on, you report about it: the crime, what happened with that 
prosecution. So, across the board, there are reforms that could 
be made that are modeled on existing law and also modeled on 
the policies of the States represented on this committee that 
could be best practices and commonsense rules for the road 
here.
    Mr. Lynch of Massachusetts. What about an opt-out provision 
for any citizen who is not suspected of a crime, to have 
somebody, some ombudsman, go through and delete all the 
pictures of people who aren't under active consideration for 
criminal activity? I mean, I think that's something that--
innocent people should not be on this database. This is really 
Nazi Germany here what we're talking about. They had meticulous 
files on individuals, most of them of Jewish faith, and that's 
how they tracked their people. And I see little difference in 
the way people are being tracked under this, you know, just 
getting one wide net and collecting information on all American 
citizens. I think it is corrosive of our very liberty. I just 
appreciate your testimony.
    Ms. Lynch, anything to add?
    Ms. Lynch. I think the only thing I would add to Mr. 
Bedoya's response is that we need to have protections to 
prevent the use of face recognition on First Amendment-
protected activities. So, as I think that you just noted, one 
of the risks in using face recognition would be to identify 
people who are engaging in political protest, which is a 
bedrock value in our society, to be able to engage in political 
protest without the fear that the government will be 
identifying us and targeting us for our political beliefs. So, 
if any legislation is introduced, I would encourage a provision 
in that legislation to cover First Amendment-protected 
activities.
    Mr. Lynch of Massachusetts. Thank you.
    I appreciate the courtesy, and I yield back the balance of 
my time.
    Chairman Chaffetz. I thank the gentleman.
    I now recognize the gentleman from Michigan, Mr. Mitchell.
    Mr. Mitchell. Thank you, Mr. Chairman.
    Mr. Cummings, this will be the second time in a week where 
I'm going to climb into the boat with you, sir.
    Chairman Chaffetz. Uh-oh, boat analogy.
    Mr. Mitchell. My boating analogy for the day.
    My older son is a police officer. He is a detective in 
Michigan. And as I read this, I'm, frankly, appalled. I 
didn't--I wasn't informed that, when my driver's license was 
renewed, my photograph was going to be in a repository that 
could be searched by law enforcement across the country. As you 
did your MOU with the Michigan State Police, what efforts did 
you take to make sure, in fact, privacy requirements were 
maintained?
    Ms. Del Greco. Well, first, we looked at the State law and 
worked with the State to ensure that there was a State law that 
allowed for the use of those records for law enforcement 
purposes.
    Mr. Mitchell. So we made sure there was a State law that 
said privacy didn't matter?
    Ms. Del Greco. It was a privacy document with regard to 
driver's license photos in the State.
    Mr. Mitchell. So, again, if the State said it was okay that 
we collected them, there's--I'm not aware of anything in the 
State of Michigan that said they can just provide those photos 
to other parties for law enforcement purposes.
    Ms. Del Greco. We work with the State's legal counsel along 
with our legal counsel to ensure that the appropriate laws are 
in place before an MOU is drafted and approved.
    Mr. Mitchell. So law enforcement all got together and said, 
``It's okay, and we're going to do that.''
    Followup question for you, I spent 35 years in private 
business, and we had to comply with Federal privacy laws. We 
were involved in student education, student aid. I was subject 
to criminal and civil penalties personally as the CEO of the 
company if, in fact, we failed to maintain compliance to 
privacy laws. What civil and criminal penalties have the 
Department of Justice been subjected to for failure to comply 
with the privacy requirements?
    Ms. Del Greco. With regard to FACE Services?
    Mr. Mitchell. Well, with regard to filing the updated 
privacy information that the chairman referred to. You're years 
late.
    Ms. Del Greco. That I am not an expert to speak on, sir.
    Mr. Mitchell. You're not aware. So we don't know whether or 
not--has any action been taken for failure to move forward? You 
said you implemented the report. Has any action been taken for 
the individuals that stopped the report because it was not 
issued?
    Ms. Del Greco. I have no knowledge.
    Mr. Mitchell. There are days that ignorance is bliss; I 
appreciate that.
    Question for Mr. Bedoya, if you would, sir, is there any 
legal standard that law enforcement must use in order to 
request access to the database? I see, on page 3 of the GAO 
report, there is--essentially--effective, the State makes a 
request, and then they access the database. Is there any legal 
standard for access there, sir?
    Mr. Bedoya. Sure, for the FBI, the FBI can open an 
investigation, can run a face recognition search--for example, 
your face in Michigan--on mere allegation or information.
    Mr. Mitchell. How about the State agency requesting the 
information from the FBI and/or other States? What do they have 
to submit?
    Mr. Bedoya. The State agency has to have a criminal justice 
purpose but is not required to have reasonable suspicion to 
search the FBI's database.
    Mr. Mitchell. So they don't have to tell the FBI why it is 
they are asking for access to that database, just that they 
need it.
    Mr. Bedoya. I am not familiar with the exact field they 
need to fill out, but they do not need to meet the most minimal 
standard, which would be reasonable suspicion.
    Mr. Mitchell. Ms. Del Greco, can you explain that?
    Ms. Del Greco. A State law enforcement agency must have an 
originating agency identifier. They have to be a criminal 
justice agency. In fact, for FACE Services, they have to be in 
a law enforcement agency. So the rules are a little bit more 
refined.
    Mr. Mitchell. So refined I guess, but so long as you're a 
law enforcement agency, you can request access to the database 
because they say they want it?
    Ms. Del Greco. They have to have an agency identifier in 
order to do so.
    Mr. Mitchell. An agency identifier is what, please?
    Ms. Del Greco. It's an identifier that we provide to an 
authorized law enforcement agency that has authorized purposes 
to our system.
    Mr. Mitchell. So they have to have the top secret code.
    Ms. Del Greco. We clarify and verify that that agency is 
authorized to have access to our system.
    Mr. Mitchell. But, again, they haven't had to provide any 
indication of investigation or, as has been noted by my 
colleagues, a search warrant or what the investigation; it's 
just that they want access for some--correct?
    Ms. Del Greco. It has to be for law enforcement purposes.
    Mr. Mitchell. Based on someone saying it is, without any 
documentation?
    Ms. Del Greco. Based on their rules and their authorities 
within their State, yes, sir.
    Mr. Mitchell. Mr. Bedoya or Ms. Lynch, any comment on that?
    Mr. Bedoya. Sir, I can quickly comment on that. The FBI 
leaves it entirely to the States to decide what their policies 
will be for when and why they search this database above the 
standards that Ms. Del Greco raised. And, frankly, you know, I 
think we need to take a step back and ask, if this technology 
had been in place for the Boston Tea Party or during the 1960s 
civil rights protest, what would have happened then? I think 
this is a very serious issue across the board.
    Mr. Mitchell. Well, I think the issue goes beyond the First 
Amendment concerns that were expressed by Ms. Lynch and is 
broader. I don't want to just protect someone if they are at a 
political protest from being identified. The reality is we 
should protect everybody unless there is a valid, documented 
criminal justice action. Why should my photo--God knows lately 
it's in every place in the world, including Facebook--be 
subject, because I get a driver's license, to access?
    And I agree with the ranking member, the comment regarding 
the, ``Well, we don't have access to that,'' is disingenuous 
because, frankly, the FBI has access to, whether you own the 
database or not, to 400 million photos of Americans solely 
because you say you have a criminal justice reason for them. I 
have to tell you--and my time is expiring; I apologize, Mr. 
Chairman--to me, that's appalling. And I would join in making 
you take actions to, in fact, limit that dramatically.
    I'm sorry for going over. I appreciate the patience, and I 
yield back, sir.
    Chairman Chaffetz. I thank the gentleman.
    We will now recognize the ranking member, Mr. Cummings.
    Mr. Cummings. Mr. Bedoya, last year, the Center on Privacy 
& Technology released a report on police facial recognition and 
found that, and I quote, ``There is a real risk that police 
face recognition will be used to stifle free speech.'' Is that 
right?
    Mr. Bedoya. Certainly, I believe so. And we have a couple 
of instances where this has happened. You mentioned one, the 
Freddie Gray protests. In 2012, thanks to Freedom of 
Information Act requests filed by the Electronic Frontier 
Foundation, we saw that, in fact, FBI presentations showed how 
this technology could be used on Presidential campaign rallies 
in 2008. And so I think there's a real risk that law-abiding 
Americans are going to be too scared to protest because they 
are afraid the government is going to secretly scan and 
identify and track their faces.
    Mr. Cummings. So what steps should be taken to ensure that 
the technology is not used to stifle protests?
    Mr. Bedoya. I think you could have a belt-and-suspenders 
method, sir. The first is you need to have reasonable 
suspicious that someone is engaged in a crime if you are 
actually encountering them. So they can see you. But if you are 
doing this outside of the public eye against mugshots, we think 
that should be restricted to felonies. And if you are doing it 
with driver's licenses, we think that the public of the State 
should actually vote to approve that; otherwise, it should not 
be allowed. And even then, we think there should be a warrant 
to access that information based on probable cause. And, 
separately, you need to have a policy like Ohio's or like the 
one proposed by DHS and FBI, actually----
    Mr. Cummings. And I realize that Ohio is the only one that 
prohibits the use of facial recognition. Is that right?
    Mr. Bedoya. I wouldn't say ``prohibits,'' sir. I would say 
actively discourages it, and that is a standard also proposed 
by DHS and FBI in a working group in----
    Mr. Cummings. So you would support that?
    Mr. Bedoya. Certainly, sir.
    Mr. Cummings. Ms. Del Greco, despite the findings and 
recommendations, the FBI refuses to conduct any test to 
determine whether the system has racially disparate error 
rates. If one of the FBI's own senior technology experts as 
well as outside groups like the center have identified evidence 
that these systems may be less accurate for African Americans, 
does that concern you?
    Ms. Del Greco. Our requirement when we developed the 
Interstate Photo System did not include tone or ethnicity. It 
was based on the mathematical computation only.
    Mr. Cummings. But you didn't answer my question. I said, 
did that concern you?
    Ms. Del Greco. I'm confident in the development of our use 
and the system that the FBI utilizes for facial recognition.
    Mr. Cummings. So it wouldn't bother you if a certain 
segment of the population was treated unfairly? I mean, you are 
with the FBI, right?
    Ms. Del Greco. The responses we get back are based on the 
mathematical computation. And then our facial recognition 
examiners are highly trained then to make the final decision on 
whether there's a most likely candidate. It is not based on the 
tone or ethnicity of the candidate.
    Mr. Cummings. So you're still saying everything is color-
blind? Ma'am?
    Ms. Del Greco. When we get back a response from the search 
from a probe photo, it could be all races. It is only a 
mathematical computation that returns the candidate list.
    Mr. Cummings. Ms. Lynch, you've got to respond to that for 
me, please.
    Ms. Lynch. Well, I think there are a few things I'd like to 
respond to. I think the first is that we do have these studies 
that show that African Americans and young people and women are 
misidentified at higher rates than Whites and men and older 
people. And that is due to the training data that's used in 
face recognition systems. Most face recognition systems are 
developed using pretty homogeneous images of people's faces. So 
that means mostly Whites and men. And so the system learns from 
that data and doesn't learn how to identify African-American 
faces as well as White faces.
    Mr. Cummings. Can we stick a pin in that?
    Ms. Lynch. Yes----
    Mr. Cummings. Whoa, whoa, whoa. If we're in denial that 
something is--that there's a problem, going back to--I'm not 
saying you're denying it, but you're close--and it seems as if, 
with all of our expertise, with all of our great minds, we 
would say, ``Okay, well, maybe we can improve on this.'' You 
just said that maybe there are not enough samples or whatever. 
My point is, is that, if we don't recognize that there is a 
problem, we'll never improve on it.
    And I mean, I think everybody wants to make sure we're 
safe. We want to make sure that law enforcement has the tools 
they need. But at the same time, if I turn a blind eye and say, 
``This is color-blind,'' I'll never improve the system. But go 
ahead.
    Ms. Lynch. Well, I think that we have to look a little bit 
broader. We have to look, not just at the system, but also, who 
is doing the backup identification? So the FBI produces a 
ranked candidate list in response to most of the face 
recognition searches that are done by the States or the local 
agencies. Now these are automated searches. So the FBI isn't 
looking through those candidates and saying, ``This is the most 
likely match.'' It is just the system that is looking through 
those candidates and saying, ``This is the most likely match.'' 
And then a human has to look through those and say, ``This is 
the person who is in the grainy surveillance camera photo that 
I'm trying to identify.''
    But the problem is not just that the system misidentifies 
African Americans at a higher rate but also that human ID 
backup fails as well. So, if a person is not properly trained 
in how to do the backup identification, then they may 
misidentify the person as well. And we know that this is even 
more true if the person who is doing the identification is of a 
different race or ethnicity than the candidate.
    Mr. Cummings. I think my time is up.
    Thank you, Mr. Chairman.
    Chairman Chaffetz. Thank you.
    We'll now recognize Mr. Ross of Florida for 5 minutes.
    Mr. Ross. Thank you, Mr. Chairman.
    I want to preface my remarks by saying that, 35 years ago, 
I was in the computer industry in both selling and installing 
computer systems. And I set that by way of example because of 
my friend, Mr. Lynch, has set the proposition that technology 
has advanced so exponentially that it has outpaced Congress' 
ability to, I think, really provide the protections necessary.
    And this really intrigues me, this particular topic, 
because, Mr. Bedoya, as you talk about some of the legal 
protections, one thing I haven't heard is the protections 
granted by the Fourth Amendment to unlawful search and seizure. 
And I would like to bifurcate this in two ways: one, in the 
collection of data or the collection of facial recognition; 
and, two, in the application of it. And is there not an 
expectation of privacy? And is there an expectation of privacy 
that would protect the collection of any facial recognition 
data, given the advancements in technology and the high 
resolution of this equipment, that really there is no 
protection?
    Mr. Bedoya. So, yes, sir, I do think there is. No court has 
ever looked at this, which is part of the problem.
    Mr. Ross. Well, I don't think we are at that point yet. 
Because I can see the collection of data saying, ``Okay, 
that''--who allowed you to collect my facial recognition? Well, 
you're in public.
    Mr. Bedoya. I don't think that people reasonably expect 
that, when they stand for a driver's license photo, that it 
will be searched like a criminal's fingerprint, thousands of 
times a month, without warrants, without oversight, without 
even reasonable suspicion. So I do think there is a reasonable 
expectation of privacy. And while the court hasn't decided it, 
I think in the Jones case, the Knotts case, the court has 
signaled that certain kinds of dragnet tracking and certain 
kinds of public activity and things you volunteer to other 
people do deserve protection.
    So I do think there is a Fourth Amendment interest here and 
quite a strong one.
    Mr. Ross. And, Ms. Lynch, when you talked about legal 
protections, is it sufficient enough that I state a disclaimer 
that ``collection of your facial recognition data may be 
ongoing through the surveillance cameras''? Is that what we're 
talking about in terms of legal protections, or is that just 
one level of legal protection that we are looking at?
    Ms. Lynch. I think that's just one level. And I actually 
don't think that that's sufficient because I think it gets back 
to Mr. Bedoya's point that we don't reasonably expect our image 
to be captured when we're walking around in public.
    Mr. Ross. But it's being done anyway, and it has been done 
in surveillance. I mean, cameras and you see, of course, 
notices that say ``surveillance cameras in use on this 
property'' or whatever. So----
    Ms. Lynch. True. There are surveillance cameras in many 
cities, both private and public surveillance cameras.
    But I think what's different is face recognition allows 
people to search through those images very, very quickly. So--
--
    Mr. Ross. And that's the application of it, and my question 
is more to the collection of it. I mean, I agree there is an 
expectation of privacy to a degree, but if you put up a 
disclaimer that you're under surveillance or that surveillance 
is being used, does that not give the protection necessary into 
the collection of the data? I'm not talking about the 
application in the database in the search of it, but----
    Ms. Lynch. No, I don't think that gives the protection that 
we're looking for. And I think an example could be law 
enforcement says, ``We are going to now search all of your 
email, or we are going to''----
    Mr. Ross. Right.
    Ms. Lynch. --``come into every single house, and we're just 
putting you on notice of that fact.'' That doesn't destroy a 
First Amendment protected interest against unlawful searches 
and seizures. And I think a notice on a surveillance camera 
also would not destroy that protection.
    Mr. Ross. Okay.
    Ms. Del Greco, how secure is the database? I mean, have you 
had incidents of hacking or access, unauthorized access?
    Ms. Del Greco. The Next Generation Identification System is 
a secure, unclassified system. It's fully accredited. It's met 
the Federal Information Security Management Act at the highest 
level.
    Mr. Ross. But no--there hasn't been any unauthorized 
access?
    Ms. Del Greco. There has not.
    Mr. Ross. Okay.
    Now, Mr. Romine and Mr. Hutchinson, for your input here, as 
I've watched technology advance and I've also--obviously, the 
government doesn't maintain a monopoly on technology. And, in 
fact, probably they are at the low end of the availability of 
technology. The commercial availability of facial recognition 
technology, is that out there?
    Mr. Romine. It is, sir.
    Mr. Ross. And it is being utilized in the private sector, 
correct?
    Mr. Romine. That's correct.
    Mr. Ross. And are we not seeing some of these same issues 
as to an invasion of privacy as a result of a business or some 
private concern utilizing it, even for marketing purposes? I 
can do a market analysis by facial recognition as to how many 
times this particular person comes into my store or comes onto 
my property. Realistically, you could use it for that, correct?
    Mr. Romine. It certainly could be used for that. NIST's 
role is really just an independent and unbiased arbiter of 
the----
    Mr. Ross. But the availability exists in a commercial 
setting.
    Mr. Hutchinson.
    Mr. Hutchinson. Yes, sir. The availability does exist. And 
it is subject to consent, in most cases, because these retail 
outlets, these private sector customers that may use this 
technology, they see the sensitivity of making sure their 
customers are comfortable, and they certainly don't want to 
alienate them. But absolutely it's out there.
    Mr. Ross. Thank you. I appreciate that.
    I yield back.
    Chairman Chaffetz. The gentleman yields back.
    We'll now recognize the gentleman from Virginia, Mr. 
Connolly, for 5 minutes.
    Mr. Connolly. Thank you, Mr. Chairman.
    And welcome to the panel.
    Mr. Bedoya, I was struck by your comments on driver's 
licenses. When I get my driver's license renewed and I have my 
picture taken, I don't do it with the presumption that that's 
now public property. Is that not correct?
    Mr. Bedoya. I certainly don't also.
    Mr. Connolly. And, therefore, it's not okay for the FBI or, 
for that matter--I don't know--you know, Target to purchase my 
picture without my consent.
    Mr. Bedoya. Or have access to it.
    Mr. Connolly. Or have access to it. That is your position.
    Mr. Bedoya. That is my position, yes, sir.
    Mr. Connolly. And presumably that would be the position of 
most citizens, absent an active decision that ``yes, you can 
have it,'' you can't have it. Otherwise, I might have 
reexamined getting that driver's license.
    Mr. Bedoya. I would agree with that. I think that the 
citizens of the State not only should be notified and have to 
volunteer, but the citizens of the State should vote if they 
want to allow this highly invasive scanning of their faces.
    Mr. Connolly. Has this concept ever been challenged in a 
court of law?
    Mr. Bedoya. We've carefully reviewed Federal and State law 
specifically for face recognition cases and found none. 
Sometimes it's discussed tangentially or very briefly, but 
nothing square on, sir.
    Mr. Connolly. Ms. Del Greco, does the FBI have a different 
interpretation of the presumption of privacy with respect to 
the picture on a driver's license?
    Ms. Del Greco. We utilize the Driver's Privacy Protection 
Act. And that is allowed through Federal law. The FBI that 
utilizes the driver's license photos do so with an open, active 
FBI investigation and is verified by the employees when they 
receive the photo from the FBI agent.
    Mr. Connolly. But you are citing an act of law. Does that 
act of law explicitly grant the FBI or any other Federal agency 
the right to the presumption of access, unlimited access 
apparently, to the picture on the driver's license, which is 
issued, I might add, by a State?
    Ms. Del Greco. It is utilized for law enforcement purposes.
    Mr. Connolly. Mr. Bedoya.
    Mr. Bedoya. The Driver's Privacy Protection Act was passed 
in 1994. The first law enforcement face recognition system in 
the country began operating 2001. The DPPA clearly contemplates 
sharing of individual photos with law enforcement 
circumstances.
    Mr. Connolly. Right.
    Mr. Bedoya. I don't believe it would allow what you're 
describing, nor has it been tested.
    Mr. Connolly. I agree.
    Ms. Del Greco, I would suggest to you: We're not the 
Judiciary Committee, but I think you're on very shaky legal 
grounds in making the assertion you just made, that that 
provides you with the broad authority to have ubiquitous access 
to across 50 States with respect to the picture on a driver's 
license. I don't think it was ever contemplated, and I think 
Mr. Bedoya makes an awfully good point: the law was, in fact, 
written before this technology existed.
    Who advised you to interpret the law that way, your general 
counsel? ``You'' meaning the FBI, not you personally.
    Ms. Del Greco. Thank you. We have a team of council members 
that advise us. We have privacy attorneys that have been 
involved in every facet of the development and implementation 
of the Interstate Photo System and the FACE Services Unit. We 
also work with the attorneys within each of the States that a 
memorandum is developed.
    Mr. Connolly. Well, I just--I'm not a lawyer. This isn't 
the Judiciary Committee. But I know how to read a law. I know 
how to write laws. I do it for a living. I think it's a great 
stretch to take a law that preceded the technology and apply it 
in as sweeping a way as you do. And I just think you're going 
to have to get, frankly, either tested in court or you're going 
to have to get additional statutory authority to proceed down 
the road you're proceeding.
    Ms. Maurer, you found that--let me see, we haven't tested 
the technology since 2011 prior to its deployment by the FBI. 
Is that correct?
    Ms. Maurer. Yeah. We found that the FBI needed to do more 
on ensuring that it is actually making a difference in meeting 
its operational and mission needs. In fact, the FBI has its own 
requirements for conducting at least annual operational 
reviews. That's not been conducted with these systems.
    Mr. Connolly. Since 2011.
    Ms. Maurer. I don't believe it's ever been conducted fully 
with FACE Services for IPS.
    Mr. Connolly. Right, fully.
    Ms. Maurer. Fully.
    Mr. Connolly. Correct. I think your report says the last 
time the FBI tested the accuracy of facial recognition 
technology was 2011.
    Ms. Maurer. Yes, that was before full deployment.That's 
correct.
    Mr. Connolly. So, Ms. Del Greco, why haven't there been 
more comprehensive tests in the last 6 years?
    Ms. Del Greco. The FBI feels that the Interstate Photo 
System performs within the state of the art in the discipline 
for face matching today. If the NIST were to show extreme 
improvements in face recognition technology, the FBI clearly 
would plug in a new algorithm for the accuracy.
    Mr. Connolly. Well, let me read to you the conclusion of 
the GAO report. It says: Because of the lack of testing, 
there's limited information on the accuracy of your face 
recognition technology capabilities.
    Do you dispute that finding?
    Ms. Del Greco. We feel that the technology we have today 
is--at the state of the art.
    Mr. Connolly. So you're just happy as a clam with the 
accuracy.
    Ms. Maurer, do you care to comment?
    Ms. Maurer. This was one of the areas of disagreement 
between GAO and the Department of Justice and FBI. We think 
it's very important for the FBI to continually test the 
accuracy of these systems because of all the privacy issues 
that this committee discussed all morning. There is criteria 
that exist within the FBI that they can use as a way to guide 
these operational reviews, both for the accuracy of the system 
and to ensure it meets law enforcement needs.
    Mr. Connolly. I think my time is up, Mr. Chairman.
    Chairman Chaffetz. Would the gentleman yield to me?
    Mr. Connolly. Of course.
    Chairman Chaffetz. Just I would like to ask unanimous 
consent to enter into the record two letters: one is June 23, 
2016, entitled ``The FBI's Use of Facial Recognition and 
Proposal to Exempt the Bureau's Next Generation Identification 
System from Privacy Act Obligation,'' as well as a letter that 
Mr. Cummings and I sent to the FBI on September 6, 2016.
    Without objection, so ordered.
    Chairman Chaffetz. This letter, Ms. Del Greco, while you 
say you comply with the various privacy laws, the FBI went to 
great lengths to exempt this database from the Privacy Act. I 
hope you can understand and respect our skepticism because the 
Privacy Act is in place to protect against these types of 
things, but the FBI went to great lengths to get itself 
exempted from the Privacy Act and that's a big part of the 
concern.
    Mr. Connolly. And, Mr. Chairman, just in this questioning--
I'm so glad we're having this hearing. I think there are more 
questions raised than answers as to the statutory authority 
being cited and whether or not we need additional statutory 
authority to both encumber the FBI and to authorize it and to 
protect citizens. But there are also technology issues that 
have been raised here as to accuracy.
    Chairman Chaffetz. Yes.
    Mr. Connolly. And if we're relying on this everywhere, that 
raises its own set of questions that I think we need to delve 
into. So I thank my friend and the ranking member for having 
this hearing. It's raised some really important questions.
    Chairman Chaffetz. I thank the gentleman.
    I now recognize the gentleman from Tennessee, Mr. Duncan, 
for 5 minutes.
    Mr. Duncan. Well, thank you, Mr. Chairman.
    And I'm sorry that other meetings prevented me from hearing 
the testimony of the witnesses because I'm very concerned about 
all of this, and I share the concerns that have been expressed 
by the members that I've heard here while I've been here.
    I will tell you that, you know, all of our modern 
technology and the internet, it's got a lot of good, but it 
seems to me that it has just about done away with privacy in 
this country. I'm wondering if we've reached a point--these 
cases seem to turn on the question of whether people have a 
reasonable expectation of privacy. And I wonder if we've 
reached a point where there's no reasonable expectation about 
privacy about anything. I remember a few years ago in this 
committee a company appeared before us that had downloaded 
250,000 Federal income tax returns just to show that it could 
be done. They had been on one of the morning television shows, 
and they weren't in trouble, because they didn't use those 
returns in any way.
    But now it seems that people can find out what 
prescriptions you've gotten, what grocery purchases you've 
made, your every detail about your homes. I mean, I just wonder 
if there's--I think we're reaching a very sad point, a very 
dangerous point, when we're doing away with a reasonable 
expectation of privacy about anything.
    And I share the chairman and ranking member's concern. Ms. 
Del Greco, it says in this CNN report--the report criticizes 
the FBI for not giving the public adequate information about 
the programs and their privacy implications, as required under 
the 1974 Privacy Act. And it also says the systems have not 
been sufficiently tested for accuracy. We've heard about that 
here this morning. It seems to me that the FBI needs to step 
back and take another look at this GAO report and respond to it 
a little bit in a little more detailed fashion, because I think 
most people who have read this report and have heard some of 
these things that have been expressed here this morning would 
wonder if we're ending up in a Federal police state that's 
gotten totally out of control and really has far too much 
power.
    I mean, the President, a month or so ago, people laughed 
when he said if you want to have--if you want to keep something 
private, don't put it into a computer; write it out and hand 
deliver it. And there were some sarcastic jokes about that. 
But, unfortunately, it's almost become true.
    But I certainly commend you, Mr. Chairman, for holding this 
hearing and looking into this to the extent that you have 
because I think a lot of questions have been raised here today. 
Thank you very much.
    Mr. Cummings. Thank you very much.
    Mr. Duncan, first of all, I want to associate myself with 
everything you just said. Before you got here, I mentioned that 
we really do have to guard our democracy. And I said that we 
sometimes I think take it for granted, and we have--when we see 
this chipping away with regard to privacy--and you having been 
a judge, you know what I'm talking about--you've got to guard 
this thing. And I think what happens is we get to a point where 
we, because we have gotten used to our way of life, we assume 
it's going to be that way forever. But I think it is important 
that we, both Republicans and Democrats, whenever we see that 
democracy being threatened, that very democracy that allows us 
to be who we are and the great Nation that we are, we have to 
call it and try to work together to try to address those 
issues. So when I heard your comments, I just wanted to let you 
know that I agree with you.
    I yield back to the gentleman.
    Mr. Duncan. [Presiding.] Well, thank you very much, and I 
do have interest in this because I was a criminal court judge 
for 7-1/5 years trying the felony criminal cases, and I had a 
very good relationship with law enforcement. But there have 
been some pretty serious matters discussed here this morning, 
and I think we need to try to do everything we possibly can to 
make sure that we don't just totally do away with people's 
expectation of privacy in this country. And we're getting close 
to that point, I think.

    Mrs. Maloney. I want to thank the ranking member and 
chairman for holding this important hearing and all of our 
panel.
    I'd like very much to be associated with the statements on 
both the Republican and Democratic side. This is an issue where 
both are expressing a lot of concern. When I go home on the 
weekends, there are at least three protests in my district. The 
protests are definitely in, and they are well attended with 
hundreds of thousands of people. And really the number one 
protection in our Constitution is the right to protest, freedom 
of speech, and then freedom of the press. So it is a very 
protected area, and this hearing is raising major concerns 
about the technology and the secrecy and the Privacy Act.
    But before I start jumping on the FBI, I do have to share 
my appreciation. Three months ago, two bombs went off in the 
district that I'm privileged to represent. Many people were 
injured. Gratefully, no one was killed. But in 48 hours, the 
FBI and the police working together apprehended the person that 
was causing so much damage to innocent people. So I want to 
personally thank you, working 24 hours a day to crack down and 
catch.
    So there's a conflict now. We live in probably the most 
dangerous time for innocent people because of attacks on so-
called soft targets. And you've done a great job, but we've got 
to be careful about the transparency that you provide and 
protections. And it is essential that the FBI pursue its law 
enforcement agenda, as you do, but with transparency and with 
the protection of civil liberty and privacy as two of the most 
guiding principles.
    Now, according to the GAO report, the FBI has been years 
behind in fulfilling its reporting obligations under the 
Privacy Act, the E-Government Act, and internal privacy 
policies for its facial recognition system. And as a result of 
the FBI's delay in complying with reporting these obligations, 
GAO found--and correct me if I am wrong, Ms. Maurer--and I 
quote, they said: ``The public had limited understanding of the 
nature of the system and how their personal information, 
including face images, is being used and protected,'' end 
quote.
    So I'd like to ask you, Ms. Maurer, what obligations did 
the FBI have to the public in this area?
    Ms. Maurer. Thank you very much for the question. The FBI 
was obligated to provide transparency in how it was planning to 
use and eventually did start using the facial images of the 
members of the American public. There were a number of 
different reporting requirements that the FBI, through the 
Department of Justice, failed to meet.
    They eventually did issue the required privacy notification 
documents. It was only years after they started using both of 
their systems for real-world use. That was of great concern to 
us from a transparency perspective.
    Mrs. Maloney. So, in other words, did the FBI meet its 
legal obligations with regard to updating and publishing these 
critical privacy documents that you mentioned?
    Ms. Maurer. No. They did not.
    Mrs. Maloney. Now, can you explain what these privacy 
documents are? What are the Privacy Impact Assessments and the 
System of Records Notices? What is it?
    Ms. Maurer. A Privacy Impact Assessment is required by the 
E-Gov Act. It's required of any Federal system when it's first 
created and when it is newly expanded. It is to provide 
transparency so the public has an understanding of how their 
personal information is being used.
    The System of Records Notice is required under the Privacy 
Act. That's also when new systems are established. It pursues--
tries to achieve a similar goal: transparency.
    These are both useful documents. The PIAs, in particular, 
provide a fair bit of information and detail about how personal 
information is being used by the Federal Government. We thought 
it was important for them do it in a timely basis. They did not 
do so.
    Mrs. Maloney. Ms. Lynch is a representative of an 
organization that represents the public.
    Why should the public be concerned about this? What's the 
impact of this?
    Ms. Lynch. I think the impact is that the public cannot 
assess what our government is doing if the government doesn't 
follow the law by producing Privacy Impact Assessments and 
updating the System of Records Notices.
    So this has real impact on my job because I read through 
these things. And I write about them, and I try and tell 
people, including journalists and the public and our members, 
what's going on.
    So, for example, I had no idea--and I think most privacy 
advocates had no idea--exactly how many images the FBI could 
access until the GAO published its report in 2016.
    I think that most estimates were closer to about 50 
million, and it turned out that the FBI could access about 412 
million. So that's a significant difference, and if the Bureau 
is not responsible in publishing information on its divisions 
and on the impact of its programs, the public has no idea 
what's going on.
    Mrs. Maloney. Well, my time has expired, and thank you.
    Mr. Duncan. Mr. Grothman, have you had a chance to catch 
your breath?
    Mr. Grothman. No, I haven't, but we'll charge ahead anyway 
without catching my breath.
    Ms. Del Greco, do you think you have my face? Do you have 
access to the data regarding my face, do you think?
    Ms. Del Greco. We would only access a face that you would 
have in a DMV record if there was an active FBI investigation 
or----
    Mr. Grothman. So you have it. If you had to, you could get 
it.
    Ms. Del Greco. If you're one of the States that we have an 
MOU with.
    Mr. Grothman. Is Wisconsin one? Do you know off the top of 
your head? Maybe you don't know.
    Ms. Del Greco. I'm not sure, sir.
    Mr. Grothman. Do you see why people are concerned about 
having the government have access to data in which you can tell 
where I am at any given time, given that we have more photos of 
people in the crowd, people in the stands, whatever? Do you see 
any concern as the government databases or access to databases, 
as you say, grows, grows, grows all the time?
    Ms. Del Greco. Of course, I see why there would be a 
concern. However, we want to ensure the public that we are 
protecting their privacy by only accessing the data for legal 
purposes and a law enforcement purpose.
    Mr. Grothman. Do you think, in the past, the government's 
done a good job in making sure data is only accessed for legal 
purposes?
    Ms. Del Greco. I do.
    Mr. Grothman. The IRS, for example?
    Ms. Del Greco. I definitely do. Our FACE Services Unit will 
undergo an audit in accordance with the CJIS Audit Unit. And we 
also will audit the State and local agencies for their use of 
our system.
    Mr. Grothman. Does the FBI deploy real-time facial 
recognition technology on my video surveillance camera video 
feeds?
    Ms. Del Greco. I'm not an expert in all areas of the FBI. 
In my area, we do not.
    Mr. Grothman. Would anybody else care to take a crack at 
that? Oh, okay.
    Are you aware, is anybody aware of any domestic law 
enforcement entities that utilize or would ever plan to utilize 
real-time facial recognition technology?
    Mr. Bedoya. Yes, sir, if I may. We are. We're aware of six 
major law enforcement agencies that have either stated plans to 
use real-time face scanning or have actually purchased the 
technology or have said they are using it. So this is very much 
real. And about a quarter of the current body camera vendors 
are making provisions for use of face recognition off of body 
camera video. So this is very real.
    Mr. Grothman. Explain how that is going to work.
    Mr. Bedoya. It could work any number of ways. Probably the 
riskiest and most threatening way would be for every face that 
walks past a police officer to be scanned. So not just the 
faces of criminals, not just the faces of terrorists, the face 
of every man, woman, and child that walks by. To our knowledge, 
we've yet to see that, but we have seen it off of surveillance 
cameras.
    Mr. Grothman. But they have the ability to do it. It must 
be there for some purpose, right?
    Mr. Bedoya. A DOJ-funded study found that body camera 
vendors are, quote, ``fine tuning'' the ability to incorporate 
face recognition into body cameras. And I have a copy of that 
report, and I am happy to submit it to you on the record.
    Mr. Grothman. Would it be the type of thing where, 
eventually, if I'm walking by a cop, a police officer, it would 
show up that there is Glenn Grothman? If we're walking down the 
street?
    Mr. Bedoya. To our knowledge, right now, this operates on 
smaller watch lists, but the technology is getting better and 
better such that, eventually, in theory, it could encompass 
much larger databases like, for example, Wisconsin's driver's 
license database. To our knowledge, it does not operate on that 
large a database, but that is certainly where this appears to 
be headed.
    Mr. Grothman. Okay. So the day is going to come where Big 
Brother, if we call it that, will know, as we walk down the 
street, there's Ms. Del Greco and Ms. Maurer and Mr. Romine and 
just shows up that this is who is walking along or this is who 
I am seeing?
    Mr. Bedoya. Again, this is what a Department of Justice-
funded study released at the end of last year said: fine-tuning 
face recognition capabilities for body cameras. To be clear, 
those capabilities don't necessarily need to be real-time right 
now. They could be after-the-fact face scanning, but certainly 
this is what a lot of law enforcement vendors are offering 
right now in terms of the surveillance cameras, and they want 
to go to the body camera----
    Mr. Grothman. Okay.
    Mr. Hutchinson, where is this technology going?
    Mr. Hutchinson. Yes, sir. Thank you. I wanted to comment. 
That technology is not commercially available right now. It is 
true that there is facial recognition technology available that 
can detect faces in video feeds. It has not been deployed to 
body-worn cameras. Also, as far as the access to the data----
    Mr. Grothman. Is it going to be?
    Mr. Hutchinson. Potentially, potentially. It can be used 
with video feeds, but it's important to understand how the data 
is loaded into the camera so that it can be detected or 
identified. And as Mr. Bedoya stated, usually it is only watch 
list data, and as Ms. Del Greco stated, it is typically only 
felons. It typically does not have access to every single face 
imaginable.
    Mr. Grothman. Do you think some day it will? I could 
imagine why people would want it to.
    Mr. Hutchinson. That would depend on the particular use 
case for the Federal law enforcement entity.
    Mr. Grothman. Can you explain why FRT is less accurate when 
used to identify certain groups of people?
    Mr. Hutchinson. The algorithms are mathematic; they are 
math instructions for a computer basically. And they use 
certain vectors to determine how a face is searched and how it 
is identified in a database. It is highly dependent on the 
algorithm that you use. It is also highly dependent on the data 
in the database, but it is also dependent on the quality. And 
that's the most important piece. There have been some tests 
that indicate that certain groups of folks, whether its 
ethnicities or so forth, there can be challenges; the 
algorithms perform differently. But it is very important to 
understand what type of testing data is used to train that 
algorithm, because there was--I wanted to make a clarification 
earlier: a lot of the data the vendors use is not homogeneous. 
It is purposefully heterogeneous, and it has a lot of different 
faces from different races and different ages and different 
sexes, specifically to tune the data so that it does not have 
any sort of biases
    Mr. Duncan. I'm sorry. We need to move on now to Ms. Kelly.
    Ms. Kelly. Thank you, Mr. Chair.
    The FBI's facial recognition systems include images from 
external partners such as the State Department, the Department 
of Defense, and at least 17 States. These external systems, 
however, operate, from my understanding, independently of the 
FBI's protocol and standards. And the GAO has raised concerns 
about that. According to the GAO, and I quote: ``Because the 
FBI does not assess the accuracy of its partners' technology, 
it risks relying on technologies that could potentially have 
higher error rates or could be obsolete.''
    Ms. Del Greco, does the FBI do anything to ensure that the 
results it receives from the face recognition systems of its 
Federal and State law enforcement partners are accurate?
    Ms. Del Greco. We do not have the authority to test 
external agency databases. Rather, we focus on the quality of 
the data that we're getting. So we share training tools. We 
offer training, and we share our best practices.
    Ms. Kelly. Does the FBI do anything--I'll get to you--does 
the FBI do anything to make sure its Federal and State partners 
are taking adequate measures to protect against misuse of a 
system? And if you don't, why not?
    Ms. Del Greco. We have a robust audit process at the FBI. 
We audit the State and local and Federal agencies. We have a 
sanctions process that's in place for noncompliance. There is a 
letter of censure that is issued if there is a misuse 
identified. If that is not corrected, we raise it to the level 
in the State to the Governor. If that is not corrected, and 
then we will shut off the system from the State.
    Ms. Kelly. I see you want to say something.
    Ms. Maurer. Yes, absolutely. We are happy that the FBI has 
begun to conduct these audits. I would note that they didn't 
start doing these audits or have these audits include facial 
recognition technology until after our report.
    In terms of our recommendation to the FBI to assess the 
accuracy of the information that it receives from the other 
databases, our recommendation was not intended to require the 
FBI to independently assess the validity of other databases 
but, rather, have a better understanding of the accuracy for 
its own uses. The FBI has that technical capability. They can 
build it into the operational reviews. That was another one of 
our recommendations. So they can do it; they just chose not to.
    Ms. Kelly. Any comment?
    Ms. Del Greco. Well, we disagree. We have trained 
fingerprint--I'm sorry facial recognition examiners--they are 
called biometric image specialists--that go through rigorous 
training. So, when a candidate comes back, it's not a positive 
identification; it takes human review to find a most likely 
candidate.
    Ms. Kelly. Thank you.
    The FBI also claims that it does not have the authority to 
oversee its Federal and State partners, as you said, yet the 
FBI's Criminal Justice Information Services Unit enforces 
similar external audit policies for other programs. According 
to GAO, and again, I quote: ``CJIS security policy states that 
the CJIS Audit Unit is required to conduct triannual audits of 
each of its States and local law enforcement users to assess 
agency compliance with applicable statutes, regulations, and 
policies related to the CJIS systems.''
    Ms. Maurer, do these audits include face recognition 
searches of the FBI system?
    Ms. Maurer. Recently, the FBI has begun to include facial 
recognition as part of these audits they are conducting of 
different States. To my understanding, I think they have 
completed four of those, but those were not begun until after 
our report was issued.
    Ms. Kelly. And you fully support the idea--so they are done 
in only four States, or they've only done four?
    Ms. Maurer. They've only done them in four States so far. 
They've told us they plan to do them in the others. These are 
parts of broader audits that the FBI does of how the States are 
using the full array of biometric information.
    Ms. Kelly. Mr. Bedoya, did you have a comment?
    Mr. Bedoya. Ms. Kelly, I do. I just want to clarify what's 
being discussed here. We're talking about 36,000 searches of 
driver's license photos, including likely your face, since 
you're an Illinois driver. And none of those searches, per the 
GAO's reporting, were audited for misuse or abuse.
    So, going forward, it sounds like there will be an audit, 
which is terrific. But since 2012, the FBI is saying there's 
going to be these audits, and only now this year--and that was 
before Congress, audits will be done before Congress. Only now 
this year are they starting to be done.
    Ms. Kelly. Ms. Del Greco, when will you get to the other 
States?
    Ms. Del Greco. So, during the GAO review, we had a paper 
that was going through our Advisory Policy Board to talk about 
the audits and how the audits would be conducted. It was 
intended to do the audits as part of our triannual audit 
process with the CJIS Audit Unit. We do intend to audit all 
State, local, Federal agencies, as well as the FBI FACE 
Services.
    Ms. Kelly. Do you have a timeline?
    Ms. Del Greco. The FBI FACE Services will be audited in 
2018. There is a schedule for the other States.
    Ms. Kelly. I am out of time. So I yield back.
    Mr. Duncan. Thank you very much.
    Mr. Clay.
    Mr. Clay. Thank you, Mr. Chair.
    And let me thank the panel of witnesses.
    Let me state in the beginning that misidentifying a 
criminal suspect can have dramatic and permanent real-world 
implications. So, with that, last year, the GAO released a 
report on its review of the FBI's use of facial recognition 
technology. Chief among GAO's findings is that the FBI has not 
examined how often, and I quote, ``face recognition searches 
erroneously match a person to the database,'' in other words, 
the false positive rate.
    Dr. Romine, why is testing for false positives so important 
in assessing the accuracy of a facial recognition system?
    Mr. Romine. When we test algorithms for accuracy, one of 
the characteristics we want to know is not just how often an 
image that is in the gallery that matches a probe is returned 
but also the extent to which the algorithm can fail to 
recognize or, in some cases, return erroneous results, as you 
mentioned. And that's just an important consideration with 
regard to measurements, science, capabilities. We want to be 
sure that we provide as much information to stakeholders as we 
can about all aspects of the performance of the algorithms that 
we test.
    Mr. Clay. I see. And to better address the challenge of 
false positive matches, GAO's report recommends that the FBI 
begin testing the false positive rate.
    Ms. Del Greco, despite GAO's findings and recommendation as 
to the importance of testing the false positive rate, the FBI 
did not agree with GAO's recommendation. Is that right?
    Ms. Del Greco. That is correct, sir. A false positive rate 
measures when searches are resulting in one match, and we 
always receive the candidate list back that requires a human 
review.
    Mr. Clay. But aren't you concerned that, by not adopting 
this testing, the FBI may be using a system that isn't as 
accurate as it should be?
    Ms. Del Greco. The false positive rate is not based on the 
return of the candidates but of the human reviewing and the 
response that the human review gives to either the examiner or 
FBI agent.
    Mr. Clay. So what happens when you bring a suspect in and 
it's the wrong one? Do you recognize that fault, or do you go 
on what your facial recognition?
    Ms. Del Greco. We provide a most likely candidate to the 
FBI agent. The FBI agent then has to make the determination if 
that is the person that they are--that is under investigation.
    Mr. Clay. Well, that sounds like a crapshoot. It sounds 
like you're taking a chance: maybe this guy is the one. I mean, 
come on.
    Ms. Del Greco. Our system doesn't provide positive 
identification for facial recognition.
    Mr. Clay. Okay.
    Ms. Maurer, can you explain how the adoption of such 
testing could improve the accuracy of the FBI system?
    Ms. Maurer. Sure. First off, as my colleague from NIST has 
correctly pointed out, false positive testing is a bedrock of 
accuracy for facial recognition technologies, which is the 
reason why we recommended the FBI do that.
    Our understanding is their system has a technical 
capability to test for false positives. They chose not to 
exercise that capability.
    We are also concerned about the way it could impact people 
in the real world as well as the impact on the FBI's use of its 
own resources. They could end up spending some of their 
valuable investigative time on wild-goose chases rather than 
focusing on the actual individual they are trying to find.
    Mr. Clay. Yeah. It sounds like a crapshoot to me. It sounds 
like you're just shooting in the dark, maybe this is the guy.
    You know, Ms. Del Greco, in your written testimony, you 
state that the FBI's facial recognition system, and I quote, 
``is only used as an investigative lead and not as a means of 
positive identification.'' Is that right?
    Ms. Del Greco. That is correct, sir.
    Mr. Clay. Ms. Lynch, if the FBI says facial recognition 
searches are only used as investigative leads, can you explain 
the consequences for potentially innocent individuals who are 
identified due to a false positive result?
    Ms. Lynch. Well, if investigative leads are returned, that 
means that a number of people will be returned and produced as 
suspects for a crime. Each one of those people could be brought 
in for questioning. Each one of those people will have to 
justify where they were on a given time and day. It's very 
difficult, I think, for a lot of people to prove where they 
were in the past. And it makes people suspects for crimes that 
they didn't commit.
    Mr. Clay. My time is up, but I'm sure it wreaks havoc on 
peoples' lives.
    So thank you, Mr. Chairman.
    Mr. Duncan. Ms. Del Greco, the Bureau presently has 
memorandums of understanding with 18 States in regard to this 
facial recognition program. Do you know, are other States going 
to be added in the future, or is there an effort being done in 
that regard now to move this to all 50 States?
    Ms. Del Greco. Where there's a law that allows the use of 
the DMV photos for law enforcement purposes, we will continue 
to work with those States to develop an MOU. There are States 
that do not allow the use of facial recognition technology. Not 
all 50 States will have MOUs with the FBI.
    Mr. Duncan. All right.
    Ms. Lynch, do you have any concerns about using photographs 
to identify people's fingerprints--identifying fingerprints 
from photos?
    Ms. Lynch. Identifying fingerprints or identifying faces? I 
think the big difference between fingerprints and face images 
is that generally somebody knows if they are providing that 
fingerprint. So, to obtain a fingerprint from somebody, in 
general----
    Mr. Duncan. No. I mean, if they have a photo of a person 
with an open palm, using that photo to identify, to take the 
fingerprints from that photo.
    Ms. Lynch. I'm not sure I----
    Mr. Duncan. You haven't heard of that?
    Ms. Lynch. Well, palm prints are----
    Mr. Duncan. Mr. Bedoya, I think, knows something about it.
    Mr. Bedoya. It's a series of little-known studies; Dr. 
Latanya Sweeney, among others, has shown you can, in fact, do 
that. So this was done famously in Germany. Some individuals 
took a German Minister's photo of his hand and actually figured 
out his fingerprint from that. So that is something that is 
technically possible now but, to my knowledge, is not in wide 
use in the United States. But that's--it may be in use; I just 
don't know it.
    Mr. Duncan. All right.
    Well, I want to thank all the witnesses for taking the time 
to appear here today.
    And I ask unanimous consent that members have 5 legislative 
days to submit questions for the record.
    Without objection, so ordered.
    If there's no further business, the committee stands 
adjourned.
    [Whereupon, at 11:37 a.m., the committee was adjourned.


                                APPENDIX

                              ----------                              


               Material Submitted for the Hearing Record
               
               
               
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
               
   
                                 [all]