[House Hearing, 116 Congress]
[From the U.S. Government Publishing Office]




 
  ABOUT FACE: EXAMINING THE DEPARTMENT OF HOMELAND SECURITY'S USE OF 
          FACIAL RECOGNITION AND OTHER BIOMETRIC TECHNOLOGIES

=======================================================================

                                HEARING

                               before the

                     COMMITTEE ON HOMELAND SECURITY
                        HOUSE OF REPRESENTATIVES

                     ONE HUNDRED SIXTEENTH CONGRESS

                             FIRST SESSION

                               __________

                             JULY 10, 2019

                               __________

                           Serial No. 116-31

                               __________

       Printed for the use of the Committee on Homeland Security
                                     


[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

                                     

        Available via the World Wide Web: http://www.govinfo.gov   
        
        
        

                               __________                          
    

                  U.S. GOVERNMENT PUBLISHING OFFICE 
 38-784                     WASHINGTON : 2020
                                
                               
                               
                               
                               

                     COMMITTEE ON HOMELAND SECURITY

               Bennie G. Thompson, Mississippi, Chairman
Sheila Jackson Lee, Texas            Mike Rogers, Alabama
James R. Langevin, Rhode Island      Peter T. King, New York
Cedric L. Richmond, Louisiana        Michael T. McCaul, Texas
Donald M. Payne, Jr., New Jersey     John Katko, New York
Kathleen M. Rice, New York           John Ratcliffe, Texas
J. Luis Correa, California           Mark Walker, North Carolina
Xochitl Torres Small, New Mexico     Clay Higgins, Louisiana
Max Rose, New York                   Debbie Lesko, Arizona
Lauren Underwood, Illinois           Mark Green, Tennessee
Elissa Slotkin, Michigan             Van Taylor, Texas
Emanuel Cleaver, Missouri            John Joyce, Pennsylvania
Al Green, Texas                      Dan Crenshaw, Texas
Yvette D. Clarke, New York           Michael Guest, Mississippi
Dina Titus, Nevada
Bonnie Watson Coleman, New Jersey
Nanette Diaz Barragan, California
Val Butler Demings, Florida
                       Hope Goins, Staff Director
                 Chris Vieson, Minority Staff Director
                 
                            C O N T E N T S

                              ----------                              
                                                                   Page

                               Statements

The Honorable Bennie G. Thompson, a Representative in Congress 
  From the State of Mississippi, and Chairman, Committee on 
  Homeland Security:
  Oral Statement.................................................     1
  Prepared Statement.............................................     3
The Honorable Mike Rogers, a Representative in Congress From the 
  State of North Carolina, and Ranking Member, Committee on 
  Homeland Security:
  Oral Statement.................................................    16
  Prepared Statement.............................................    18

                               Witnesses

Mr. John P. Wagner, Deputy Executive Assistant Commissioner, 
  Office of Field Operations, U.S. Customs and Border Protection, 
  U.S. Department of Homeland Security:
  Oral Statement.................................................    19
  Prepared Statement.............................................    21
Mr. Austin Gould, Assistant Administrator for Requirements and 
  Capabilities Analysis, Transportation Security Administration, 
  U.S. Department of Homeland Security:
  Oral Statement.................................................    28
  Prepared Statement.............................................    32
Mr. Joseph R. Di Pietro, Chief Technology Officer, U.S. Secret 
  Service, U.S. Department of Homeland Security:
  Oral Statement.................................................    37
  Prepared Statement.............................................    38
Mr. Charles H. Romine, Ph.D., Director of Information Technology 
  Laboratory, National Institute of Standards and Technology, 
  U.S. Department of Commerce:
  Oral Statement.................................................    41
  Prepared Statement.............................................    42

                             For the Record

The Honorable Bennie G. Thompson, a Representative in Congress 
  From the State of Mississippi, and Chairman, Committee on 
  Homeland Security:
  Article, Washington Post, June 10, 2019........................     4
  Article, Washington Post, July 7, 2019.........................     5
  Letter From Todd Hauptli, American Association of Airport 
    Executives...................................................     8
  Statement of the International Biometrics + Identity 
    Association..................................................     9
  Letter.........................................................    12
The Honorable Mike Rogers, a Representative in Congress From the 
  State of North Carolina, and Ranking Member, Committee on 
  Homeland Security:
  Letter From Don Erikson to Chairman Bennie G. Thompson and 
    Ranking Member Mike D. Rogers................................    49
The Honorable Clay Higgins, a Representative in Congress From the 
  State of Louisiana:
  Article, New York Times, June 9, 2019..........................    69
  Article, TheHill.com, May 9, 2019..............................    71
The Honorable Debbie Lesko, a Representative in Congress From the 
  State of Arizona:
  Letter From Sharon Pinkerton to Chairman Bennie G. Thompson and 
    Ranking Member Mike Rogers...................................    72
  Letter From Douglas E. Lavin to Chairman Bennie Thompson and 
    Ranking Member Mike Rogers...................................    73
  Letter From Shane C. Downey to Ranking Member Mike Rogers......    74
The Honorable Sheila Jackson Lee, a Representative in Congress 
  From the State of Texas:
  Article, Houston Chronicle, July 5, 2019.......................    77
  Article, CNET, July 8, 2019....................................    78
  Article, New York Times, July 7, 2019..........................    79
  Article, New York Times, July 26, 2018.........................    82


  ABOUT FACE: EXAMINING THE DEPARTMENT OF HOMELAND SECURITY'S USE OF 
          FACIAL RECOGNITION AND OTHER BIOMETRIC TECHNOLOGIES

                              ----------                              


                        Wednesday, July 10, 2019

                     U.S. House of Representatives,
                            Committee on Homeland Security,
                                                    Washington, DC.
    The committee met, pursuant to notice, at 10:01 a.m., in 
room 310, Cannon House Office Building, Hon. Bennie G. Thompson 
(Chairman of the committee) presiding.
    Present: Representatives Thompson, Jackson Lee, Langevin, 
Richmond, Payne, Correa, Torres Small, Rose, Underwood, 
Slotkin, Cleaver, Green of Texas, Clarke, Watson Coleman, 
Barragan, Demings, Rogers, McCaul, Katko, Walker, Higgins, 
Lesko, Green of Tennessee, Taylor, Joyce, and Guest.
    Chairman Thompson. The Committee on Homeland Security will 
come to order. The committee is meeting today to receive 
testimony on the Department of Homeland Security's use of 
facial recognition and other biometric technologies.
    Without objection, the Chair is authorized to declare the 
committee in recess at any point.
    I now recognize myself for an opening statement.
    Good morning. The Committee on Homeland Security is meeting 
to examine the Department of Homeland Security's use of facial 
recognition and other biometric technologies. The Government's 
use of biometrics is not entirely new. For example, 
fingerprints have been used as an identification tool for many 
decades. Other biometrics include DNA, voice pattern, and palm 
prints. In recent years, facial recognition has become the new 
chosen form of biometric technology.
    As facial recognition technology has advanced, its use by 
the Government and the private sector has also increased. 
Currently, DHS is collecting and storing several different 
kinds of biometric information and is using this information 
for multiple purposes. CBP and TSA are using biometrics to 
conform the identities of travelers, for example. The Secret 
Service is piloting a surveillance system using facial 
recognition.
    I am not opposed to biometric technology and recognize it 
can be valuable to Homeland Security in facilitation. However, 
its proliferation across DHS raises serious questions about 
privacy, data security, transparency, and accuracy. The 
American people deserve answers to those questions before the 
Federal Government rushes to deploy biometrics further.
    Last month, the committee held roundtable discussions with 
both industry and privacy and civil liberty stakeholders about 
the Department of Homeland Security's increasing use of 
biometric technology. Stakeholders have sufficient concerns 
that the data DHS is collecting and whether the Department is 
safeguarding our rights appropriately. They have good reasons 
to be concerned.
    Absent standards, Americans may not know when, where, or 
why the Department is collecting their biometrics. People also 
may not know that they have the right to opt out or how to do 
so. Worse yet, they may not know that biometric technology is 
in use as it is the case when face recognition is used to 
passively surveil a crowd like under the Secret Service's pilot 
program.
    Recent reports also indicate ICE has been scanning through 
millions of Americans' driver's license photos without their 
knowledge or consent. These troubling reports are a stark 
reminder that biometric technologies should only be used for 
authorized purposes in a fully transparent manner.
    Data security is another important concern. Frankly, the 
Federal Government does not have a great track record securing 
Americans' personal data, and biometric information can be 
particularly insensitive. Unfortunately, earlier this year, a 
CBP subcontractor experienced a significant data breach, 
including travelers' images, raising important questions about 
data security.
    Americans want to know that, if the Government collects 
their biometric data, they are going to keep it secure from 
hackers and other bad actors. Moreover, the accuracy of certain 
biometric technology is in question. Despite advancement in 
recent years, studies by highly-regarded academic institutions 
have found facial recognition systems in particular are not as 
accurate for women and darker-skinned individuals.
    Last July, the American Civil Liberties Union conducted a 
test using Amazon's facial recognition tool, called 
Rekognition. ACLU built a database of 25,000 publicly-available 
arrest photos. Using Rekognition, the ACLU searched the 
database using pictures of every current Member of Congress. 
That software incorrectly matched 28 Members with individuals 
who had criminal records. Although the misidentified Members 
included both Democrats and Republicans, men and women, and a 
wide range of ages, nearly 40 percent of the false matches were 
people of color. This is unacceptable. It is not fair to expect 
certain people in our society to shoulder a disproportionate 
burden of the technology's shortcoming. Before the Government 
deploys these technologies further, they must be scrutinized, 
and the American public needs to be given a chance to weigh in.
    Biometrics and facial recognition technology may be a 
useful Homeland Security and facilitation tool, but as with any 
tool, it has the potential to be misused, especially if it 
falls into the wrong hands.
    Today the committee will hear from Federal witnesses on 
this important topic. I am pleased that we have witnesses from 
Customs and Border Protection, the Transportation Security 
Administration, the Secret Service, and the National Institute 
of Standards and Technology before us. They represent just a 
few of the agencies involved in the Government's increasing use 
of biometric technology.
    I look forward to hearing from them about how they are 
using biometric technology currently, their future plans, and 
what they are doing to address these concerns. As Congress, it 
is our job to ensure they protect the rights of the American 
people before they move forward. I expect a good conversation 
toward that end today and continued oversight by the committee 
in the future.
    [The statement of Chairman Thompson follows:]
                Statement of Chairman Bennie G. Thompson
                             July 10, 2019
    The Government's use of biometrics is not entirely new. For 
example, fingerprints have been used as an identification tool for many 
decades. Other biometrics include DNA, irises, voice patterns, and palm 
prints. In recent years, facial recognition has become the new, chosen 
form of biometric technology. As facial recognition technology has 
advanced, its use by the Government and the private sector has also 
increased. Currently, DHS is collecting and storing several different 
kinds of biometric information and is using this information for 
multiple purposes. CBP and TSA are using biometrics to confirm the 
identities of travelers, for example. The Secret Service is piloting a 
surveillance system using facial recognition. I am not opposed to 
biometric technology, and recognize it can be valuable to homeland 
security and facilitation. However, its proliferation across DHS raises 
serious questions about privacy, data security, transparency, and 
accuracy. The American people deserve answers to those questions before 
the Federal Government rushes to deploy biometrics further.
    Last month, the committee held roundtable discussions with both 
industry and privacy and civil liberty stakeholders about the 
Department of Homeland Security's increasing use of biometric 
technology. Stakeholders have significant concerns about the data DHS 
is collecting and whether the Department is safeguarding our rights 
appropriately. They have good reason to be concerned. Absent standards, 
Americans may not know when, where, or why the Department is collecting 
their biometrics. People also may not know that they have the right to 
opt out, or how to do so. Worse yet, they may not know that biometric 
technology is in use, as is the case when face recognition is used to 
passively surveil a crowd like under the Secret Service's pilot 
program. Recent reports also indicate ICE has been scanning through 
millions of Americans' drivers' license photos without their knowledge 
or consent. These troubling reports are a stark reminder that biometric 
technologies should only be used for authorized purposes in a fully 
transparent manner.
    Data security is another important concern. Frankly, the Federal 
Government does not have a great track record securing Americans' 
personal data, and biometric information can be particularly sensitive. 
Unfortunately, earlier this year, a CBP subcontractor experienced a 
significant data breach, including traveler images, raising important 
questions about data security. Americans want to know that if the 
Government collects their biometric data, they are going to keep it 
secure from hackers and other bad actors. Moreover, the accuracy of 
certain biometric technology is in question, despite advancement in 
recent years. Studies by highly regarded academic institutions have 
found facial recognition systems in particular are not as accurate for 
women and darker-skinned individuals. Last July, the American Civil 
Liberties Union (ACLU) conducted a test using Amazon's facial 
recognition tool called ``Rekognition.'' The ACLU built a database of 
25,000 publicly available arrest photos. Using Rekognition, the ACLU 
searched the database using pictures of every current Member of 
Congress. The software incorrectly matched 28 Members with individuals 
who had criminal records. Although the misidentified members included 
both Democrats and Republicans, men and women, and a wide range of 
ages, nearly 40 percent of the false matches were people of color. This 
is unacceptable.
    It is not fair to expect certain people in our society to shoulder 
a disproportionate burden of the technology's shortcomings. Before the 
Government deploys these technologies further, they must be scrutinized 
and the American public needs to be given a chance to weigh in. 
Biometrics and facial recognition technology may be a useful homeland 
security and facilitation tool, but as with any tool it has the 
potential to be misused--especially if it falls into the wrong hands. 
Today, the Committee will hear from Federal witnesses on this important 
topic. I am pleased that we have witnesses from Customs and Border 
Protection (CBP), the Transportation Security Administration (TSA), the 
Secret Service, and the National Institute of Standards and Technology 
(NIST) before us. They represent just a few of the agencies involved in 
the Government's increasing use of biometric technology. I look forward 
to hearing from them about how they are using biometric technology 
currently, their plans for the future, and what they are doing to 
address these concerns. As Congress, it is our job to ensure they 
protect the rights of the American people before they move forward.

    Chairman Thompson. I ask unanimous consent to enter the 
following news articles and letters into the hearing's record: 
A June 10 Washington Post article entitled ``U.S. Customs and 
Border Protection Say Its Photos of Travelers Were Taken in a 
Data Breach''; a July 7 Washington Post article entitled ``FBI 
ICE Find State Driver's Licenses Photos Are a Gold Mine of 
Facial Recognition Searches''; and July 9 letters from American 
Association of Airport Executives, International Biometric 
Identity Association, and a coalition of privacy and civil 
liberties groups, many of whom were represented in our meetings 
and briefings last month.
    Without objection, so ordered.
    [The information follows:]
U.S. Customs and Border Protection says photos of travelers were taken 
                            in a data breach
By Drew Harwell and Geoffrey A. Fowler, June 10, 2019 at 7:54 p.m. EDT, 
        Washington Post.
    U.S. Customs and Border Protection officials said Monday that 
photos of travelers had been compromised as part of a ``malicious 
cyberattack,'' raising concerns over how Federal officials' expanding 
surveillance efforts could imperil Americans' privacy.
    Customs officials said in a statement Monday that the images, which 
included photos of people's faces and license plates, had been 
compromised as part of an attack on a Federal subcontractor.
    CBP makes extensive use of cameras and video recordings at airports 
and land border crossings, where images of vehicles are captured. Those 
images are used as part of a growing agency facial-recognition program 
designed to track the identity of people entering and exiting the U.S.
    Fewer than 100,000 people were impacted, said CBP, citing ``initial 
reports.'' The photographs were taken of people in vehicles entering 
and exiting the U.S. over a month and a half through a single land 
border entry port, which CBP did not name. Officials said the stolen 
information did not include other identifying information, and no 
passport or other travel document photos were compromised.
    The agency learned of the breach on May 31 and said that none of 
the image data had been identified ``on the Dark Web or Internet.'' But 
reporters at The Register, a British technology news site, reported 
late last month that a large haul of breached data from the firm 
Perceptics was being offered as a free download on the dark web.
    CBP would not say which subcontractor was involved. But a Microsoft 
Word document of CBP's public statement, sent Monday to Washington Post 
reporters, included the name ``Perceptics'' in the title: ``CBP 
Perceptics Public Statement.''
    Perceptics representatives did not immediately respond to requests 
for comment.
    CBP spokeswoman Jackie Wren said she was ``unable to confirm'' if 
Perceptics was the source of the breach.
    One U.S. official, who spoke on condition of anonymity due to lack 
of authorization to discuss the breach, said it was being described 
inside CBP as a ``major incident.'' The official said Perceptics was 
attempting to use the data to refine its algorithms to match license 
plates with the faces of a car's occupants, which the official said was 
outside of CBP's sanctioned use. The official said the data involved 
travelers crossing the Canadian border.
    The breach, according to the official, did not involve a foreign 
nation, such as when China hacked the Office of Personnel Management in 
2014 exposing the sensitive information of at least 22 million people.
    News of the breach raised alarms in Congress, where lawmakers have 
questioned whether the government's expanded surveillance measures 
could threaten constitutional rights and open millions of innocent 
people to identity theft.
    ``If the government collects sensitive information about Americans, 
it is responsible for protecting it--and that's just as true if it 
contracts with a private company,'' Sen. Ron Wyden (D-Ore.) said in a 
statement to The Post. ``Anyone whose information was compromised 
should be notified by Customs, and the government needs to explain 
exactly how it intends to prevent this kind of breach from happening in 
the future.''
    Wyden said the theft of the data should alarm anyone who has 
advocated expanded surveillance powers for the government. ``These vast 
troves of Americans' personal information are a ripe target for 
attackers,'' he said.
    Civil rights and privacy advocates also called the theft of the 
information a sign that the government's growing database of 
identifying imagery had become an alluring target for hackers and 
cybercriminals.
    ``This breach comes just as CBP seeks to expand its massive face 
recognition apparatus and collection of sensitive information from 
travelers, including license plate information and social media 
identifiers,'' said Neema Singh Guliani, senior legislative counsel at 
the American Civil Liberties Union. ``This incident further underscores 
the need to put the brakes on these efforts and for Congress to 
investigate the agency's data practices. The best way to avoid breaches 
of sensitive personal data is not to collect and retain it in the first 
place.''
    CBP said copies of ``license plate images and traveler images 
collected by CBP'' had been transferred to the subcontractor's company 
network, violating the agency's security and privacy rules. The 
subcontractor's network was then attacked and breached. No CBP systems 
were compromised, the agency said.
    Perceptics and other companies offer automated license-plate-
reading devices that Federal officials can use to track a vehicle, or 
its owner, as it travels on public roads.
    Immigration agents have used such databases to track down people 
who may be in the country illegally. Police agencies have also used the 
data to look for potential criminal suspects.
    Perceptics, based in Tennessee, has championed its technology as a 
key part of keeping the border secure. ``You want technology that 
generates data you can trust and delivers it when and where you need it 
most,'' a marketing website says.
    The company also said recently that it had installed license-plate 
readers at 43 U.S. Border Patrol checkpoint lanes across Arizona, 
California, New Mexico and Texas, saying they offered border guards 
``superior images with the highest license plate read rate accuracy in 
North America.''
    The Federal Government, as well as the group of private contractors 
it works with, has access to a swelling database of people's cars and 
faces, which it says is necessary to enhance security and enforce 
border laws.
    The FBI has access to more than 640 million photos, including from 
passports and driver's licenses, that it can scan with facial-
recognition systems while conducting criminal investigations, a 
representative for the Government Accountability Office told the House 
Committee on Oversight and Reform at a hearing last week.
    Rep. Bennie Thompson (D-Miss.), chair of the House Homeland 
Security Committee, said he intended to hold hearings next month on 
Homeland Security's use of biometric information.
    ``Government use of biometric and personal identifiable information 
can be valuable tools only if utilized properly. Unfortunately, this is 
the second major privacy breach at DHS this year,'' Thompson said, 
referring to a separate breach in which more than 2 million U.S. 
disaster survivors had their information revealed by the Federal 
Emergency Management Agency. ``We must ensure we are not expanding the 
use of biometrics at the expense of the privacy of the American public. 
``
    Nick Miroff, Ellen Nakashima and Tony Romm contributed to this 
report.
                                 ______
                                 
FBI, ICE find State driver's license photos are a gold mine for facial-
                          recognition searches
By Drew Harwell, July 7, 2019 at 3:54 p.m. EDT, The Washington Post
    Agents with the Federal Bureau of Investigation and Immigration and 
Customs Enforcement have turned State driver's license databases into a 
facial-recognition gold mine, scanning through millions of Americans' 
photos without their knowledge or consent, newly released documents 
show.
    Thousands of facial-recognition requests, internal documents and 
emails over the past 5 years, obtained through public-records requests 
by researchers with Georgetown Law's Center on Privacy and Technology 
and provided to The Washington Post, reveal that Federal investigators 
have turned state departments of motor vehicles data bases into the 
bedrock of an unprecedented surveillance infrastructure.
    Police have long had access to fingerprints, DNA and other 
``biometric data'' taken from criminal suspects. But the DMV records 
contain the photos of a vast majority of a state's residents, most of 
whom have never been charged with a crime.
    Neither Congress nor state legislatures have authorized the 
development of such a system, and growing numbers of Democratic and 
Republican lawmakers are criticizing the technology as a dangerous, 
pervasive and error-prone surveillance tool.
    ``Law enforcement's access of state databases,'' particularly DMV 
databases, is ``often done in the shadows with no consent,'' House 
Oversight Committee Chairman Elijah E. Cummings (D-Md.) said in a 
statement to The Post.
    Rep. Jim Jordan (Ohio), the House Oversight Committee's ranking 
Republican, seemed particularly incensed during a hearing into the 
technology last month at the use of driver's license photos in Federal 
facial-recognition searches without the approval of state legislators 
or individual license holders.
    ``They've just given access to that to the FBI,'' he said. ``No 
individual signed off on that when they renewed their driver's license, 
got their driver's licenses. They didn't sign any waiver saying, `Oh, 
it's OK to turn my information, my photo, over to the FBI.' No elected 
officials voted for that to happen.''
    Despite those doubts, Federal investigators have turned facial 
recognition into a routine investigative tool. Since 2011, the FBI has 
logged more than 390,000 facial-recognition searches of Federal and 
local databases, including state DMV databases, the Government 
Accountability Office said last month, and the records show that 
Federal investigators have forged daily working relationships with DMV 
officials. In Utah, FBI and ICE agents logged more than 1,000 facial-
recognition searches between 2015 and 2017, the records show. Names and 
other details are hidden, though dozens of the searches are marked as 
having returned a ``possible match.''
    San Francisco and Somerville, Mass., have banned their police and 
public agencies from using facial-recognition software, citing concerns 
about governmental overreach and a breach of public trust, and the 
subject is being hotly debated in Washington. On Wednesday, officials 
with the Transportation Security Administration, Customs and Border 
Protection and the Secret Service are expected to testify at a hearing 
of the House Committee on Homeland Security about their agencies' use 
of the technology.
    The records show the technology already is tightly woven into the 
fabric of modern law enforcement. They detailed the regular use of 
facial recognition to track down suspects in low-level crimes, 
including cashing a stolen check and petty theft. And searches are 
often executed with nothing more formal than an email from a Federal 
agent to a local contact, the records show.
    ``It's really a surveillance-first, ask-permission-later system,'' 
said Jake Laperruque, a senior counsel at the watchdog group Project on 
Government Oversight. ``People think this is something coming way off 
in the future, but these [facial-recognition] searches are happening 
very frequently today. The FBI alone does 4,000 searches every month, 
and a lot of them go through state DMVs.''
    The records also underscore the conflicts between the laws of some 
states and the Federal push to find and deport undocumented immigrants. 
Though Utah, Vermont and Washington allow undocumented immigrants to 
obtain full driver's licenses or more-limited permits known as driving 
privilege cards, ICE agents have run facial-recognition searches on 
those DMV databases.
    More than a dozen states, including New York, as well as the 
District of Columbia, allow undocumented immigrants to drive legally 
with full licenses or driving privilege cards, as long as they submit 
proof of in-state residency and pass the states' driving-proficiency 
tests.
    Lawmakers in Florida, Texas and other states have introduced bills 
this year that would extend driving privileges to undocumented 
immigrants. Some of those states already allow the FBI to scan driver's 
license photos, while others, such as Florida and New York, are 
negotiating with the FBI over access, according to the GAO.
    ``The state has told [undocumented immigrants], has encouraged 
them, to submit that information. To me, it's an insane breach of trust 
to then turn around and allow ICE access to that,'' said Clare Garvie, 
a senior associate with the Georgetown Law center who led the research.
    An ICE spokesman declined to answer questions about how the agency 
uses facial-recognition searches, saying its ``investigative techniques 
are generally considered law-enforcement sensitive.''
    Asked to comment, the FBI referred The Post to the congressional 
testimony last month of Deputy Assistant Director Kimberly Del Greco, 
who said that facial-recognition technology was critical ``to preserve 
our nation's freedoms, ensure our liberties are protected, and preserve 
our security.'' The agency has said in the past that while facial-
recognition searches can provide helpful leads, agents are expected to 
verify the findings and secure definitive proof before pursuing arrests 
or criminal charges.
    Twenty-one states, including Texas and Pennsylvania, plus the 
District of Columbia, allow Federal agencies such as the FBI to scan 
driver's license photos, GAO records show. The agreements stipulate 
some rules for the searches, including that each must be relevant to a 
criminal investigation.
    The FBI's facial-recognition search has access to local, state and 
Federal databases containing more than 641 million face photos, a GAO 
director said last month. But the agency provides little information 
about when the searches are used, who is targeted and how often 
searches return false matches.
    The FBI said its system is 86 percent accurate at finding the right 
person if a search is able to generate a list of 50 possible matches, 
according to the GAO. But the FBI has not tested its system's accuracy 
under conditions that are closer to normal, such as when a facial 
search returns only a few possible matches.
    Civil rights advocates have said the inaccuracies of facial 
recognition pose a heightened danger of misidentification and false 
arrests. The software's precision is highly dependent on a number of 
factors, including the lighting of a subject's face and the quality of 
the image, and research has shown that the technology performs less 
accurately on people with darker skin.
    ``The public doesn't have a way of controlling what information the 
government has on them,'' said Jacinta Gonzalez, a senior organizer for 
the advocacy group Mijente who was particularly concerned about how ICE 
and other agencies could use the scans to track down immigrants. ``And 
now there's this rapidly advancing technology, with very few guidelines 
and protections for people, putting all of this information at their 
fingertips in a very scary way.''
    The records, which include thousands of emails and official 
documents from Federal agencies, as well as Utah, Vermont and 
Washington State, show how easy it is for a Federal investigator to tap 
into an individual State DMV's database. While some of the driver photo 
searches were made on the strength of Federal subpoenas or court 
orders, many requests for searches involved nothing more than an email 
to a DMV official with the target's ``probe photo'' attached. The 
official would then search the driver's license database and provide 
details of any possible matches.
    The search capability was offered not just to help identify 
criminal suspects, but also to detect possible witnesses, victims, 
bodies, and innocent bystanders and other people not charged with 
crimes.
    Utah's DMV database was the subject of nearly 2,000 facial-
recognition searches from outside law enforcement agencies between 2015 
and 2017--sometimes dozens of searches a day, the records show. One 
document from Utah's Statewide Information & Analysis Center coached 
officers on how to make facial-recognition requests; offered four tips 
for better facial photographs (``lighting, distance, angle, eyes''); 
and said the database included ``over 5 million Utah driver's license & 
state identification card photos,'' about 2 million more than the 
state's population. State officials did not respond to requests for 
comment.
    Many of the requests for searches in Utah came from local police 
forces across the country seeking to find suspects who may have 
traveled to the state, but roughly half the searches came from Federal 
agents, according to a log of the searches. The records do not provide 
suspect names or say whether cases ended in arrests or convictions.
    Washington state's Department of Licensing said that its ``facial 
recognition system is designed to be an accurate, non-obtrusive fraud 
detection tool'' and that the agency does not share use of the system 
with law enforcement unless compelled by a court order.
    Vermont officials said they stopped using facial-recognition 
software in 2017. That year, a local chapter of the American Civil 
Liberties Union revealed records showing that the state DMV had been 
conducting the searches in violation of a state law that banned 
technology involving ``the use of biometric identifiers.'' The state's 
Governor and attorney general came out against the face-scanning 
software, citing a need to balance public safety with residents' 
privacy rights.
    In the years before the ban, the records show, Vermont officials 
ran a number of face scans on driver's license photos at the request of 
ICE agents. Investigators from a number of Federal and local agencies 
emailed the state's DMV with facial-recognition search requests as they 
pursued people accused of overstaying their visas, providing false 
information, stealing from stores or, in at least one case, being part 
of a ``suspicious circumstance.''
    The officers in some emails would provide descriptions of their 
targets: One was dubbed a ``gypsy . . . scamming elderly people for 
money,'' while another was said to have ``VERY LARGE PROTRUDING EARS.'' 
In others, DMV officials talked about the face-scanning tool as if it 
were the kind of awe-inspiring technical marvel most often seen on 
prime-time cop shows.
    In one 2014 email, a police officer in the town of Manchester, Vt., 
asked a DMV official to scan for a man caught on video ``brazenly'' 
stealing. The official forwarded the email to a colleague with a made-
for-TV flourish, writing, ``Can we play NCIS for this officer?''
                                 ______
                                 
  Letter From Todd Hauptli, American Association of Airport Executives
                                      July 9, 2019.
The Honorable Bennie Thompson,
Chairman, House Homeland Security Committee, Washington, DC 20515.
The Honorable Mike Rogers,
Ranking Member, House Homeland Security Committee, Washington, DC 
        20515.
    Dear Chairman Thompson and Ranking Member Rogers: As experiences at 
airports across the country and the world illustrate, biometric 
technology holds tremendous promise in enhancing security and 
efficiency in the aviation environment. While airport executives are 
encouraged by the promise of biometrics and look forward to their 
further utilization, we recognize that there are legitimate privacy and 
civil right concerns that must be addressed before these technologies 
are deployed more widely. We look forward to working with the Committee 
and the Department of Homeland Security (DHS) to ensure that the proper 
regulatory framework and safeguards are in place to protect citizens' 
rights as these technologies are utilized to achieve worthy objectives.
    As you know, many airport facilities across the country are already 
experiencing significant strain with passenger traffic at record 
levels. The situation is likely to become increasingly more challenging 
as airport facilities age and as domestic and international passenger 
levels continue to increase. International passenger traffic is growing 
at 5-6 percent at U.S. airports and domestic growth is nearing 5 
percent, with some facilities seeing growth well beyond those annual 
averages. International air travel is projected to double over the next 
20 years according to the International Air Transportation Association 
(IATA).
    While there are clear economic benefits that accompany these 
increases in passengers, airport facilities--many of which are decades 
old--cannot keep pace with current growth. Similarly, our Federal 
partners at both U.S. Customs and Border Protection and the 
Transportation Security Administration will, undoubtedly, have 
significant difficulties handling record passenger volumes efficiently 
and effectively at current staffing levels, leading to growing wait 
times at checkpoints and in other processing queues.
    In our view, innovation holds the key to improving the efficiency 
of the travelers' journey and reducing growing lines, which themselves 
pose a security challenge. Wider adoption of biometric technology at 
our borders and security checkpoints is one way that airports, 
airlines, and the Federal Government can more seamlessly handle 
expected passenger growth. Biometrics, including facial recognition, 
have the potential to enhance security and efficiency without 
compromising important civil liberties provided that their utilization 
is coupled with robust privacy and data protections for travelers and 
the ability for American citizens to opt out of using biometric 
technology in favor of the traditional screening process at an airport.
    Additionally, as Federal budgets are tightening, we are concerned 
that DHS may shift the responsibility for acquiring these technologies 
onto airports at a time when State and local budgets are also 
constricting. This could lead to a bifurcated system in which certain 
airports or airlines have the financial resources to procure these 
biometric technologies and others do not, resulting in different 
protocols being used at different airports in the United States. We are 
already seeing the Department depend heavily on public-private 
partnerships to fund inherently governmental responsibilities for the 
screening and processing of passengers. Security cannot and should not 
become an area of ``haves'' and ``have nots'' at the nation's airports.
    AAAE and our members would welcome the opportunity to discuss 
potential uses and security benefits of biometric and facial 
recognition technologies in the airport environment as you contemplate 
further Committee action in this area. We sincerely appreciate your 
consideration of our views and the need to innovate in order to address 
growing passenger volumes at our airports while maintaining the highest 
levels of security.
            Sincerely,
                                              Todd Hauptli,
                                                 President and CEO.
                                 ______
                                 
    Statement of the International Biometrics + Identity Association
                                      July 9, 2019.
The Honorable Bennie Thompson,
Chairman, Committee on Homeland Security, U.S. House of 
        Representatives, 2466 Rayburn House Office Building, 
        Washington, DC 20515.
The Honorable Mike Rogers,
Ranking Member, Committee on Homeland Security, U.S. House of 
        Representatives, 2184 Rayburn House Office Building, 
        Washington, DC 20515.
    Dear Chairman Thompson and Ranking Member Rogers: On behalf of the 
International Biometrics + Identity Association, I am writing to 
express our gratitude for your support over the past decade for the use 
of biometrics by DHS, and especially CBP for its US-VISIT Entry Exit 
program. Through your efforts, CBP has come a long way in implementing 
biometrics to enhance the security of air travel, limit identification 
fraud, help address the visa overstay issue, and, at the same time, 
facilitate air travel.
    A heated debate is now surrounding the emergence of facial 
recognition for use by CBP, TSA, and other DHS programs.
    IBIA appreciates the opportunity to provide the following 
information about the performance of facial recognition algorithms that 
has not come out in the public hearings. The data that we are providing 
comes directly from NIST, the recognized global premier testing entity.
    IBIA acknowledges that many people have concerns about privacy that 
are rooted in moral and political philosophies. These are matters of 
opinion on which reasonable people may disagree and should be resolved 
in the public sphere.
    IBIA's objective is to provide facts that can help to inform the 
debate and conversations about facial recognition, facts that have not 
been properly aired to date. This is foundational for good legislation. 
We look to this Committee to help bring out the facts to ensure a full 
debate on the issues open to all stakeholders and relevant information.
    Much of the debate has centered around the view that the algorithms 
are ``biased'' and ``discriminatory''. These words are semantically 
loaded and imply intent. Facial recognition is performed by a machine 
and machines have no intent.
      Attachment.--International Biometrics + Identity Association
     understanding the performance of facial recognition algorithms
    The International Biometrics + Identity Association (IBIA) is the 
leading voice for the biometrics and identity technology industry. It 
advances the transparent and secure use of these technologies to 
confirm human identity in our physical and digital worlds. 
#identitymatters
     understanding the performance of facial recognition algorithms
Executive Summary
    This paper addresses the performance of facial recognition 
algorithms, an issue that has emerged as a major point of contention 
during the current policy debates about the use and limits of facial 
recognition.
    The thrust of the argument to limit the use of facial recognition 
is that the technology is not yet ready for prime time. The primary 
arguments are that facial recognition algorithms are basically too 
imperfect because they are ``discriminatory'' against people with dark 
skin tones and display low levels of matching performance.
    The purposes of this paper are to:
   Demonstrate these performance arguments are not supported by 
        the evidence documented in recent National Institute of 
        Standards and Technology (NIST) testing, the world's premier 
        standards and testing body. NIST shows stunningly high levels 
        of accuracy and clear superiority of the technology compared to 
        human recognition systems, both in terms of accuracy rates and 
        performance across a range of skin tones. This is supported by 
        the latest academic research conducted by a group of the 
        preeminent scholars on facial recognition.
   Explain the factors that affect the performance differences 
        of facial recognition algorithms, including the application, 
        the rest of the system, variations in quality of the 
        algorithms.
   Summarize the many benefits of facial recognition.
   Highlight the challenges in the use of facial recognition 
        that remain and address the work in progress to further improve 
        the technology.
    The field of research today known as Artificial Intelligence traces 
its origins to a workshop at Dartmouth College in 1956. Attendees 
became the founders and leaders of the field and were, with the benefit 
of hindsight, unrealistic about the likely course of progress. For 
example, Herbert Simon predicted, ``machines will be capable, within 20 
years, of doing any work a man can do.'' Marvin Minsky agreed, writing 
``within a generation . . . the problem of creating `artificial 
intelligence' will substantially be solved.'' What AI research has 
delivered are highly specialized tools which approximate or improve 
upon human performance in narrow areas, yet exhibit no generalized 
behavior that humans would recognize as intelligence. Deep Learning is 
another such term that implies an on-going process similar to that 
employed by humans; whereas what actually occurs is a highly 
sophisticated, one time, training on substantial amounts of carefully 
annotated data. Thereafter the system works well with information 
similar to the training data but does not adapt to new data until a 
subsequent training period.
Let's Stop Using Semantically Loaded Terms like ``Discriminatory''
   Let's dispense with this term so we can focus on the 
        essential facts about performance of facial recognition 
        systems, including accuracy and systemic errors, instead of 
        extraneous and emotional issues.
   ``Discriminatory'' is a semantically loaded term because it 
        implies intent.
   However, facial recognition is performed by a machine, and 
        machines have no intent.
   The argument that algorithm developers exhibit racial/gender 
        blindness producing algorithms that perform less effectively 
        for other than white males is not supported by the facts.
   NIST has active test and analysis effort to assess this 
        issue.
   Recent (12 April 2019) results for verification algorithms 
        (i.e. 1:1 search) show the top 20 performing algorithms, with 
        elapsed time between images from 2-16 years, are most effective 
        for blacks with black females often the most accurate.
   The test results for identification (i.e. 1:N search) are 
        expected during 2Q 2019.
   The most appropriate composition of test datasets, to insure 
        effective testing, is still somewhat of an unsettled issue.
    Cost of new dataset development for effective large-scale testing 
is a significant issue, beyond the resources of all but government and 
the largest companies. It may be feasible to continue to employ 
existing facial recognition datasets, by recharacterizing their 
metadata to more accurately reflect subject demographics, once there is 
consensus on what changes, if any, are needed.
Performance Differences of Algorithms
   All algorithms have some performance differences across 
        different demographic groups, genders, and age cohorts.
   These differences are being addressed and there has been 
        rapid improvement, which is on-going.
   For verification applications (fraud detection, access 
        control, etc.), in the latest NIST testing, the top performing 
        algorithms are more accurate with black males and females than 
        with whites and have less than 1 percent false non-match rates 
        for all groups at 0.1 percent false match rate.
   For investigative applications, progress has been dramatic 
        with a major update report expected from NIST during the 2d 
        quarter of 2019.
Facial Recognition and Facial Classification are Different and Should 
        Not Be Confused
   Face recognition seeks to identify an individual from their 
        face image.
   Facial classification seeks to classify a face by 
        estimating, for example, gender, age, or race.
   The algorithms are built and trained separately.
   The process of classification estimation involves one image, 
        while facial recognition involves comparison of pairs.
   An MIT study, which is a large part of the ``facial 
        recognition is biased narrative''; only examined facial 
        classification, specifically for gender.
   A joint FIT/Notre Dame study provides a more complete and 
        accurate view, as do the NIST tests.
Algorithms Are Just Part of a Facial Recognition System
   The performance of a facial recognition system depends on a 
        number of factors; the algorithm is one such factor. The 
        camera, its resolution, positioning, distance, and lighting set 
        an upper limit on performance. Subject pose and expression can 
        also influence performance.
   Camera resolution and distance matter; humans require about 
        25 pixels per meter resolution to detect the presence of 
        humans, but can recognize motion at lower resolutions.
   Ambient or artificial lighting has an enormous impact on 
        system performance.
   In other words, all the components of the facial recognition 
        system must perform properly, in addition to using a high-
        performance algorithm, and these elements can be adjusted 
        easily.
   Knowing all this, some facial recognition applications 
        employ human facial examiners who make the final match/no match 
        decision after the facial matching algorithm selects a list of 
        potential matches; they use applications specifically designed 
        for facial examinations.
The Application Matters
   Facial verification and facial identification systems, until 
        quite recently, have been designed to match portrait style 
        (mugshot, driver license, visa, passport) images.
   With good lighting, pose, and expression control, 
        performance can be stunningly good and good mugshot accuracy 
        conforms to photography standards adopted by NIST for the FBI 
        further developed by ISO.
   Matching of ``in the wild'' images (a reference to image 
        quality--candid, unposed, not portrait-style images) has 
        matured dramatically in the past 5 years, with verification 
        accuracy of top algorithms now at 99 percent. An update on 
        investigation applications is expected to show comparable 
        progress and further maturation is expected in the near term.
    Some algorithms are much better than others, as in everything else. 
In golf, there is Tiger Woods and then there is the rest of us.
Not all Algorithms are Alike
   Market entry is relatively easy and the number of algorithm 
        providers has expanded from about 10 in 2010 to about 100 
        today, with many offering multiple algorithms.
   Some algorithms are much better than others, as would be 
        expected. Objective testing like that performed by NIST reveals 
        the differences.
   Algorithm performance for a selfie, social media, or a 
        commodity web camera is considerably different from an 
        algorithm used for security or law enforcement applications.
NIST Has Tested More Than 170 FR Algorithms, with Wide Variations in 
        Performance Observed
   Six (6) algorithms are less accurate than a coin toss.
   Most are more accurate than human observers, including those 
        trained and employed to do recognition.
   The top performing algorithms are much better performing 
        than humans.
   Many algorithms match blacks more accurately than whites.
   Algorithm matching of females is frequently less accurate 
        than males.
   Algorithm performance is less accurate for most applications 
        involving children.
   The application makes a difference.
   Portrait style 1:N and 1:1 matching is extraordinarily 
        accurate (considerably more accurate than fingerprint 
        technology circa mid-2000's when FBI went to partial ``lights 
        out'' fingerprint matching).
    Nothing is perfect and no system performs perfectly. The real 
question is whether automated facial recognition is better than the 
current systems. And under this criterion, data clearly demonstrates 
superior performance of automated facial recognition.
   In the wild (``candid, unposed, non-portrait images''), 
        matching is less accurate but quite suitable for lead 
        generation, typically with stalled investigations.
   Likewise, matching is less accurate for poor quality images.
   Notwithstanding exceptional algorithm accuracy, validation 
        has not been performed to allow ``lights out'' use of facial 
        recognition technology when there are potential adverse 
        consequences to the subjects. Human review is required.
   Algorithms are not commoditized as performance varies 
        greatly, from the best identifying 99.4 percent of individuals 
        in a gallery of 12 million subjects to below 40 percent for the 
        worst.
Demand for Perfection of Algorithms is Not a Performance Standard for 
        the Real World
   No system--or human--performs perfectly.
   The real question is whether automated facial recognition is 
        better than other systems or humans. And under this criterion, 
        data clearly demonstrate superior performance of automated 
        facial recognition.
   For family, friends, professional acquaintances, and 
        celebrities, human recognition works well.
   For unfamiliar persons, few individuals perform well at face 
        recognition or matching.
   Skilled passport examiners are only about 80 percent 
        accurate when unaided by automation.
   The top performing algorithms outperform the mean 
        performance of all human groups including skilled forensic face 
        examiners with unlimited time and the best automated tools; 
        (although a few humans in the more skilled groups outperform 
        circa 2017 top algorithms).
   Machines can memorize millions of faces, and humans only 
        thousands, enabling machines to do things unaided that humans 
        cannot, including to:
     Identify missing children who do not know their names.
     Identify exploited children in dark web pornography.
     Identify disoriented adults (e.g. with amnesia, 
            Alzheimer's).
     Flag likely driver license application fraud for human 
            review.
     Identify likely Visa fraud for human review.
     Identify likely Passport fraud for human review.
     Provide leads for further investigation when a 
            surveillance photo is the only information.
     Detect border (and other) fraudulent use of stolen 
            identity documents.
People are Comfortable with Face Recognition
   Following the iPhone X introduction on November 3, 2017, 
        tens of millions of Americans have become familiar and entirely 
        satisfied with facial recognition technology for personal use.
   The 2019 Center for Data Innovation public opinion survey 
        found that only 1 in 4 Americans think the government should 
        strictly limit the use of facial recognition technology.
   The technology is widely used worldwide, and adoption is 
        growing.
   DHS pilot projects at several airports, dispensing with 
        boarding passes and ID cards in favor of facial recognition for 
        international flights, have been enthusiastically greeted by 
        the traveling public.
   Frequent international travelers already hope for domestic 
        adoption.
   Technology advancement is inexorable, and each generation 
        has the responsibility to decide how to balance the benefits of 
        new technology with privacy and appropriate uses.
    The IBIA is the leading voice for the biometrics and identity 
technology industry. It advances the transparent and secure use of 
these technologies to confirm human identity in our physical and 
digital worlds. Visit us at www.ibia.org.
                                 ______
                                 
            Letter Submitted By Chairman Bennie G. Thompson
                                      July 9, 2019.
The Honorable Bennie Thompson,
Chairman, Committee on Homeland Security, 310 Cannon House Office 
        Building, Washington, DC 20515.
The Honorable Mike Rogers,
Ranking Member, Committee on Homeland Security, 310 Cannon House Office 
        Building, Washington, DC 20515.
RE: The Suspension of Face Recognition Technology Use by the Department 
of Homeland Security

    Dear Chairman Thompson and Ranking Member Rogers: The undersigned 
organizations, which are dedicated to preserving privacy, civil 
liberties, and civil rights, write to urge you to immediately suspend 
the Department of Homeland Security's (DHS) use of face recognition 
technology on the general public.
    The use of face recognition technology by the DHS poses serious 
risks to privacy and civil liberties, threatens immigrants, broadly 
impacts American citizens, and has been implemented without proper 
safeguards in place or explicit congressional approval. The technology 
is being deployed today by authoritarian governments as a tool to 
suppress speech and monitor critics, minorities, and everyday citizens. 
Congress should not permit the continued use of face recognition in the 
United States absent safeguards to prevent such abuses.
    Moreover, the extraordinary breach of the images of travelers' 
faces and license plates, surveillance-equipment schematics and 
sensitive contracting documents by a CBP contractor has made clear that 
these programs are creating new risks to the privacy and security of 
Americans.\1\ Through carelessly managed programs, DHS itself created 
new security threats. It would be irresponsible for DHS to move forward 
with face recognition programs that collect massive amounts of 
sensitive data until a thorough investigation of this incident is 
completed and the agency demonstrates that it can fully safeguard its 
systems.
---------------------------------------------------------------------------
    \1\ Drew Harwell, Hacked documents reveal sensitive details of 
expanding border surveillance, Wash. Post (June 21), https://
www.washingtonpost.com/technology/2019/06/21/hacked-documents-reveal-
sensitive-details-expanding-border-surveillance/.
---------------------------------------------------------------------------
DHS's Use of Face Recognition Technology
    DHS is in the process of integrating and expanding the agency's use 
of face recognition technology through various programs of its 
subcomponents. DHS's use of face recognition will affect millions of 
individuals, who will lack the protections needed against a powerfully 
invasive surveillance tool.
Customs and Border Protection
    The broadest current use of face recognition technology is the 
Customs and Border Protection's Biometric Entry-Exit program. Without 
legal authority or the opportunity for public comment, the U.S. Customs 
and Border Protection (CBP) has broadly deployed facial recognition 
technology at U.S. airports to all travelers, including U.S. citizens. 
The agency plans to ``incrementally deploy biometric capabilities 
across all modes of travel--air, sea, and land--by fiscal year 
2025.''\2\
---------------------------------------------------------------------------
    \2\ U.S. Dep't of Homeland Sec., Office of Inspector Gen., OIG-18-
80, Progress Made, but CBP Faces Challenges Implementing a Biometric 
Capability to Track Air Passenger Departures Nationwide, 7 (Sept. 21, 
2018), https://www.oig.dhs.gov/sites/default/files/assets/2018-09/OIG-
18-80-Sep18.pdf [hereinafter OIG Report].
---------------------------------------------------------------------------
    CBP uses flight manifests and photographs obtained from the State 
Department to create ``galleries'' to match with photos captured at 
international airports.\3\ ``If CBP does not have access to advance 
passenger information, such as for pedestrians or privately-owned 
vehicles at land ports of entry, CBP will build galleries using 
photographs of `frequent' crossers for that specific port of 
entry[.]''\4\ CBP uses its own equipment as well as that of private 
firms, other government agencies, and foreign governments to capture 
face images.\5\ Yet, there are no formal rules restricting the use of 
the photos captured by non-CBP owned equipment.\6\
---------------------------------------------------------------------------
    \3\ Id.
    \4\ U.S. Dep't of Homeland Sec., U.S. Customs and Border 
Protection, DHS/CBP/PIA-0056, Privacy Impact Assessment for the 
Traveler Verification Service, 5 (Nov. 14, 2018) https://www.dhs.gov/
sites/default/files/publications/privacy-pia-cbp030-tvs-
november2018_2.pdf [hereinafter TVS Nov. 2018 PIA].
    \5\ Id. at 7-8.
    \6\ See Memorandum of Understanding Between and Among U.S. Customs 
and Border Protection and [REDACTED] and [REDACTED] Regarding 
[REDACTED] Biometric Pilot Project at [REDACTED] (June 2017), https://
epic.org/foia/dhs/cbp/biometric-entry-exit/MOU-Biometric-Pilot-
Project.pdf.
---------------------------------------------------------------------------
    The steady implementation of CBP's biometric entry-exit program in 
airports across the country has been widely reported.\7\ The program 
affects a significantly large group of U.S. citizens traveling in and 
out of the country. At the Atlanta Hartsfield-Jackson International 
Airport alone, ``[a]bout 25,000 passengers move through the terminal 
each week'' and the majority of those passengers are subject to facial 
recognition.\8\ Further, ``CBP hopes to have facial recognition 
boarding at all US airports serving international flights within 3 or 4 
years.''\9\
---------------------------------------------------------------------------
    \7\ See e.g., Bart Jansen, CBP: Orlando is First U.S. Airport to 
Scan Faces of All International Travelers, USA Today (June 21, 2018), 
https://www.usatoday.com/story/travel/flights/todayinthesky/2018/06/2/
orlando-international-airport-scan-faces-u-s-citizens/722643002/; Lori 
Aratani, Officials Unveil New Facial Recognition System at Dulles 
International Airport, Wash. Post (Sept. 7, 2018), https://
www.washingtonpost.com/transportation/2018/09/06/officials-unveil-new-
facial-recognition-system-dulles-international-airport/; Gregory 
Wallace, Instead of the Boarding Pass, Bring Your Smile to the Airport, 
CNN (Sept. 10, 2018), https://www.cnn.com/travel/article/cbp-facial-
recognition/index.html; Jack Stewart, Creepy or Not, Face Scans Are 
Speeding Up Airport Security, Wired (Nov. 21, 2018), https://
www.wired.com/story/airport-security-biometrics-face-scanning/;.
    \8\ Lori Aratani, Your Face is Your Boarding Pass at this Airport, 
Wash. Post (Dec. 4, 2018), https://www.washingtonpost.com/nation/2018/
12/04/your-face-is-your-boarding-pass-this-airport/.
    \9\ Thom Patterson, US Airport Opens First Fully Biometric 
Terminal, CNN (Dec. 3, 2018), https://www.cnn.com/travel/article/
atlanta-airport-first-us-biometric-terminal-facial-recognition/
index.html.
---------------------------------------------------------------------------
    The Biometric Entry-Exit program is flawed. A report on iris and 
facial recognition technologies at a southern land border found that 
the technologies did not perform operational matching at a 
``satisfactory'' level.\10\ A DHS Office of the Inspector General 
(``IG'') report found that CBP's Biometric Entry-Exit program suffered 
from technical and operational challenges. The IG report also found 
that CBP could not ``produce biometric matches consistently for 
individuals in certain passenger groups'' with the lowest biometric 
confirmation rate being for U.S. citizens.\11\ Moreover, several 
reports and studies have noted that face recognition algorithms are 
often less accurate on certain sub-groups, including women and people 
with darker skin pigmentation.\12\
---------------------------------------------------------------------------
    \10\ U.S. Customs and Border Protection, Southern Border Pedestrian 
Field Test Summary Report, 8 (Dec. 2016), https://epic.org/foia/dhs/
cbp/biometric-entry-exit/Southern-Border-Pedestrian-Field-Test-
Report.pdf.
    \11\ OIG Report at 19.
    \12\ See, e.g., Joy Buolamwini & Timnit Gebru, Gender Shades: 
Intersectional Accuracy Disparities in Commercial Gender 
Classification, Proceedings of the 1st Conference on Fairness, 
Accountability and Transparency, PMLR 81:77-91 (2018), http://
proceedings.mlr.press/v8l/buolamwini18a/buolamwini18a.pdf.
---------------------------------------------------------------------------
    Americans returning to the United States have also found it 
difficult to opt out of the facial recognition screening, which is 
their legal right.\13\ Travelers routinely report on burdensome 
procedures intended to compel individuals to undergo facial recognition 
even if that is not their choice.\14\ Additionally, CBP has not 
undergone formal rulemaking addressing how information collected will 
be used, disclosed, and retained, and what remedies will exist in cases 
where individuals are adversely impacted by the use of the technology.
---------------------------------------------------------------------------
    \13\ See Zack Whittaker, Yes, Americans can opt-out of airport 
facial recognition--here's how, Tech Crunch, https://techcrunch.com/
2019/05/13/americans-opt-out-facial-recognition-airport/; Allie Funk, I 
Opted Out of Facial Recognition at the Airport--It Wasn't Easy, Wired, 
July 2, 2019, https ://www.wired.com/story/opt-out-of-facial-
recognition-at-the-airport/.
    \14\ Allie Funk, I Opted Out of Facial Recognition at the Airport--
It Wasn't Easy, Wired, July 2, 2019, https://www.wired.com/story/opt-
out-of-facial-recognition-at-the-airport/.
---------------------------------------------------------------------------
    These concerns are further amplified given that CBP uses face 
recognition technology for purposes that extend far beyond simply 
verifying whether someone purportedly matches the photograph on their 
travel document. CBP plans to use the facial recognition to search 
biometric watch lists--raising questions about how such lists will be 
compiled and whether they will be the predicate for additional 
immigration and law enforcement activities \15\ The data from the 
Biometric Entry-Exit program will also be broadly accessible within DHS 
with the Coast Guard, Transportation Security Administration (TSA), and 
Immigration and Customs Enforcement (ICE) all having access to the 
data.\16\
---------------------------------------------------------------------------
    \15\ U.S. Department of Homeland Security U.S. Customs and Border 
Protection, Biometric Entry-Exit Program Concept of Operations, 000039 
(June 27, 2017), https://epic.org/foia/dhs/cbp/biometric-entry-exit/
CBP-Biometric-Entry-Exit-Concept-of-Operations.pdf.
    \16\ See U.S. Department of Homeland Security U.S. Customs and 
Border Protection, Biometric Entry-Exit Program Concept of Operations 
000063 (June 27, 2017), https://epic.org/foia/dhs/cbp/biometric-entry-
exit/Concept-of-Operations.pdf; see also U.S. Department of Homeland 
Security, Capability Analysis Study Plan for Biometric Ently Exit 
000160-000161, https://epic.org/foia/dhs/cbp/biometric-entry-exit/
Capability-Analysis-Study-Plan.pdf.
---------------------------------------------------------------------------
Transportation Security Administration
    The TSA has plans to expand the use of face recognition to all 
domestic travelers.\17\ The TSA Biometric Roadmap envisions the use of 
face recognition for booking, check-in, bag drop, the security line, 
access to an airport lounge, and boarding.\18\ TSA states it ``will 
pursue a system architecture that promotes data sharing to maximize 
biometric adoption throughout the passenger base and across the 
aviation security touchpoints of the passenger experience.''\19\
---------------------------------------------------------------------------
    \17\ Transportation Security Administration, TSA Biometrics Roadmap 
(Sept. 2018), https://www.tsa.gov/sites/default/files/
tsa_biometrics_roadmap.pdf.
    \18\ Id. at 18.
    \19\ Id. at 17.
---------------------------------------------------------------------------
    Similar to CBP, ISA has not undergone rulemaking clarifying how 
information will be collected, used, or retained. However, TSA's 
biometric roadmap suggests that its system will be interoperable with 
CBP, and thus may be utilized for other immigration and law enforcement 
activities.
Immigration and Customs Enforcement
    Recent news reports show that ICE has expanded the agency's 
deployment and use of face recognition systems. Public records covered 
by the press this week show that ICE has been sending facial 
recognition requests to State DMVs for years.\20\ As a result, millions 
of innocent State residents have had their faces scanned by ICE without 
notice or consent. Internal documents also suggest that ICE plans to 
leverage CBP's biometric entry-exit system to identify and search for 
information regarding non-citizens encountered during enforcement 
activities.\21\
---------------------------------------------------------------------------
    \20\ Drew Harwell, FBI, ICE find State driver's license photos are 
a gold mine for facial-recognition searches, Wash. Post (July 7, 2019), 
https://www.washingtonpost.com/technology/2019/07/07/fbi-ice-find-
state-drivers-license-photos-are-gold-mine-facial-recognition-
searches/.
    \21\ See U.S. Department of Homeland Security U.S. Customs and 
Border Protection, Biometric Entry-Exit Program: Concept of Operations, 
000063 (June 2017), https://epic.org/foia/dhs/cbp/biometric-entry-exit/
CBP-Biometric-Entry-Exit-Concept-of-Operations.pdf.
---------------------------------------------------------------------------
    In addition, last year, Amazon marketed the company's facial 
recognition service ``Rekognition'' to ICE for border control.\22\ A 
test of Amazon's face recognition software resulted in Amazon's 
technology falsely matching 28 Members of Congress to mugshots and 
other tests have similarly found the technology to be less accurate on 
individuals with darker skin pigmentations.\23\
---------------------------------------------------------------------------
    \22\ Drew Harwell, Amazon met with ICE officials over facial-
recognition system that could identify immigrants, Wash. Post (Oct. 23, 
2018), https://www.washingtonpost.com/technology/2018/10/23/amazon-met-
with-ice-officials-over-facial-recognition-system-that-could-identify-
immigrants/.
    \23\ Natasha Singer, Amazon's Facial Recognition Wrongly Identifies 
28 Lawmakers, A.C.L.U. Says, N.Y. Times (July 26, 2018), https://
www.nytimes.com/2018/07/26/technology/amazon-aclu-facial-recognition-
Congress.html.
---------------------------------------------------------------------------
    There is a lack of public information on how ICE might use the face 
recognition capabilities implemented as part of the Biometric Entry-
Exit program, ICE's current use of face recognition technology, and 
whether the agency intends to deploy other face recognition 
capabilities. There is a serious risk that ICE could deploy face 
recognition for purposes of indiscriminate immigration enforcement and 
use the technology, despite its record of error, as a pretext for 
aggressive questioning and harassment of immigrants--including those 
lawfully present in the United States.
Secret Service
    The U.S. Secret Service is testing the use of face recognition 
technology to identify people in the public spaces in and around the 
White House.\24\ The spaces around the White House are regularly used 
for First Amendment-protected protests and demonstrations. The possible 
use of face recognition to identify individuals near the White House 
raises serious First Amendment issues and threatens to chill speech.
---------------------------------------------------------------------------
    \24\ USSS PIA at 1, https://www.dhs.gov/sites/default/files/
publications/privacy-pia-usss-frp-november2018.pdf.
---------------------------------------------------------------------------
    dhs's use of face recognition lacks proper safeguards and pose 
                           substantial risks
    Use of face recognition poses a unique threat to Constitutional 
rights.--Participation in society necessarily exposes one's images in 
public spaces. But ubiquitous and near-effortless identification 
eliminates the individual's ability to control the disclosure of their 
identities to others and poses a special risk to the First Amendment 
rights of free association and free expression. The proposed plans by 
DHS risk creating a world where individuals are forced to submit to 
face recognition surveillance simply to exercise their right to travel.
    The aggregation of biometric data for the use of face recognition 
and the broad dissemination of this data poses cybersecurity risks and 
increases the risk of a data breach.--Indeed, a CBP vendor who had 
collected images of travelers along with license plate reader data and 
other sensitive information was subject to a recent data breach.\25\
---------------------------------------------------------------------------
    \25\ Drew Harwell, Hacked documents reveal sensitive details of 
expanding border surveillance, Wash. Post (June 21), https://
www.washingtonpost.com/technology/2019/06/21/hacked-documents-reveal-
sensitive-details-expanding-border-surveillance/.
---------------------------------------------------------------------------
    Face recognition technology will disproportionately impact already 
marginalized groups. Studies have shown that facial recognition has 
significantly higher error rates for darker-skinned individuals.\26\ It 
is unacceptable for DHS to implement a technology with a documented 
racial bias without proving that such a bias has been eliminated. 
Moreover, use of face recognition for immigration enforcement raises 
further risks of a disproportionate impact on already marginalized 
groups.
---------------------------------------------------------------------------
    \26\ Joy Buolamwini (MIT Media Lab) and Timnit Gebru (Microsoft 
Research), Gender Shades: Intersectional Accuracy Disparities in 
Commercial Gender Classification (2018), http://proceedings.mlr.press/
v81/buolamwini18a/buolamwini18a.pdf.
---------------------------------------------------------------------------
    The agency continues to expand the use of face recognition beyond 
what was ever authorized by Congress.--In fact, the Biometric Entry-
Exit program itself is an example of mission creep. The program 
leverages the photos provided by passport applicants to the State 
Department, who provided the photos for the specific purpose of 
obtaining a passport, only to see those photos used in conjunction with 
face recognition technology to create a digital ID. Additionally, the 
State Department then disclosed the biometric data to other agencies, 
including DHS, and there was nothing a passport holder could do to 
prevent the disclosure. And, there is nothing an individual could do to 
stop DHS from further disseminating their biometric data.
    DHS's use of face recognition lacks the safeguards needed to 
prevent overcollection, overly broad uses, wide-spread dissemination, 
and unnecessarily long retention.--Moreover, DHS has failed to show 
that less invasive alternatives could not be used. DHS has moved 
forward with face recognition with a focus on justifying its 
implementation and not a focus on whether, given the risks, the 
technology should be implemented.
                               conclusion
    Face recognition is an especially dangerous technology in need of 
strict limits on its use, robust transparency, oversight, and 
accountability. It is imperative that Congress suspend DHS's use of 
face recognition until Congress fully debates what, if any, proposed 
uses should move forward.
    If you have questions, please contact Jeramie D. Scott, EPIC Senior 
Counsel, [email protected].
            Sincerely,
                                                 Access Now
                                                       ACLU
          American-Arab Anti-Discrimination Committee (ADC)
                                 Algorithmic Justice League
                          Center for Democracy & Technology
                               Center for Digital Democracy
           Center on Privacy & Technology at Georgetown Law
                                    Constitutional Alliance
                                            Consumer Action
                             Consumer Federation of America
               Council on American-Islamic Relations (CAIR)
                                      Cyber Privacy Project
                                 Defending Rights & Dissent
                                            Demand Progress
                             Electronic Frontier Foundation
                      Electronic Privacy Information Center
                                       Fight for the Future
                                          Free Press Action
                                              Freedom Works
                          Government Accountability Project
                                   Immigrant Rights Clinic 
    of the University of California at Irvine School of Law
                                          Liberty Coalition
                                               MediaJustice
                                                    Mijente
                            National Immigration Law Center
                              National Workrights Institute
                    New America's Open Technology Institute
 Open MIC (Open Media and Information Companies Initiative)
                                         Open TheGovernment
                                     Patient Privacy Rights
                                              Privacy Times
                            Project on Government Oversight
                                              Project South
                                             Public Citizen
                                         Restore The Fourth
                                                TechFreedom
             Tri-State Coalition for Responsible Investment

    Chairman Thompson. The Chair now recognizes the Ranking 
Member of the full committee, the gentleman from Alabama, Mr. 
Rogers, for an opening statement.
    Mr. Rogers. Thank you, Mr. Chairman. Biometric technologies 
have the potential to improve security, facilitate travel, and 
better enforce our immigration laws. These technologies range 
from facial recognition to fingerprints to DNA. Each of these 
methods present unique privacy considerations but also clear 
security benefits. Not only does Federal law authorize DHS to 
use biometrics to verify identities, it requires CBP to collect 
biometric entry and exit data for all foreign nationals. This 
requirement has been a long-standing, bipartisan mandate. 
Recent technological advancements have finally made it 
possible. DHS's primary focus is facial recognition at TSA and 
CBP checkpoints, where travelers are already providing IDs to 
Government employees. TSOs and CBP agents can review several 
hundred IDs in a single shift. As a result, fatigue and human 
error allow people with fake IDs to slip into our country every 
day. Automating this process with biometric technology will 
improve transportation security.
    CBP and TSA have done their homework on these checkpoint 
pilots and are working to build accurate, effective, and secure 
systems. DHS should continue to collaborate with experts at 
NIST to ensure they are using accurate algorithms to power 
these systems.
    Biometric systems advance DHS's mission beyond 
transportation security. ICE recently conducted a rapid DNA 
pilot program to verify family ties on the Southwest Border. A 
90-minute test can replace hours of interviews and document 
review. This short pilot found a disturbing number of cases 
were men who claimed to be the biological parent of a child 
quickly changed their story when asked to submit DNA. The 
technology does not store DNA in a central database, and each 
machine can be purged daily.
    Amid the humanitarian crisis on our border, we should be 
looking at things like rapid DNA to protect children from abuse 
by smugglers who rent them as a ticket into our country.
    Additionally, we should be using biometrics to enforce our 
immigration laws. Recent reports have emphasized ICE and FBI's 
use of DMV photos to identify criminals. I do not believe that 
anyone has a reasonable expectation of privacy in a Government 
ID photo. Period. Police have long relied on photo books and 
manual photo reviews to identify suspects known as fugitives--
or known fugitives.
    Effective facial recognition technologies can improve law 
enforcement by ridding this process of bias and human error. 
Each of these examples use biometrics as a part of the process. 
Technology cannot and should not replace the officer's final 
judgment, but it can speed up the identity verification for 
millions of people every year.
    Halting all Government biometric programs, as some of my 
colleagues suggest, is an easy way to avoid hard questions. 
Taking the easy way out of this issue will not increase the gap 
between technology and our ability to understand it. DHS should 
continue to consult with experts at NIST to develop clear 
public standards for Government biometric systems. DHS 
leadership should ensure that these biometric databases are 
secure and have clear privacy guidelines. Congress should 
continue to educate itself as we are today, about the way we 
can employ this technology responsibly. I thank you, Mr. 
Chairman. I yield back.
    [The statement of Ranking Member Rogers follows:]
                             July 10, 2019
                Statement of Ranking Member Mike Rogers
    Biometric technologies have the potential to improve security, 
facilitate travel, and better enforce our immigration laws.
    These technologies range from facial recognition, to fingerprints, 
to DNA.
    Each of these methods presents unique privacy considerations, but 
also clear security benefits.
    Not only does Federal law authorize DHS to use biometrics to verify 
identities, it requires CBP to collect biometric entry and exit data 
for all foreign nationals. This requirement has been a long-standing 
bipartisan mandate. Recent technological advancements have finally made 
it possible.
    DHS's primary focus is facial recognition at TSA and CBP 
checkpoints, where travelers are already providing IDs to Government 
employees.
    TSOs and CBP Agents can review several hundred IDs in a single 
shift.
    As a result, fatigue and human error allow people with fake IDs to 
slip into our country every day.
    Automating this process with biometric technology will improve 
transportation security.
    CBP and TSA have done their homework on these checkpoint pilots and 
are working to build accurate, effective, and secure systems.
    DHS should continue to collaborate with experts at NIST to ensure 
they are using accurate algorithms to power these systems.
    Biometric systems advance DHS's mission beyond transportation 
security.
    ICE recently conducted a Rapid DNA pilot program to verify family 
ties on the Southwest Border.
    A 90-minute test can replace hours of interviews and document 
review.
    This short pilot found a disturbing number of cases where men, who 
claimed to be the biological parent of a child, quickly changed their 
story when asked to submit DNA.
    The technology does not store DNA in a central database and each 
machine can be purged daily.
    Amid the humanitarian crisis on our border we should be looking to 
things like Rapid DNA to protect children from abuse by smugglers who 
rent them as a ticket into our country.
    Additionally, we should be using biometrics to enforce our 
immigration laws.
    Recent reports have emphasized ICE and the FBI's use of State DMV 
photos to identify criminals.
    I do not believe that anyone has a reasonable expectation of 
privacy in a Government ID photo. Period. Police have long relied on 
photo books and manual photo review to identify suspects and known 
fugitives.
    Effective facial recognition technologies can improve law 
enforcement by ridding this process of bias and human error.
    Each of these examples uses biometrics as one part of a process.
    Technology cannot and should not replace an officer's final 
judgment. But it can speed up identity verification for millions of 
people every year.
    Halting all Government biometric programs, as some of my colleagues 
suggest, is an easy way to avoid hard questions.
    Taking the easy way out of this issue will only increase the gap 
between technology and our ability to understand it.
    DHS should continue to consult with experts at NIST to develop 
clear public standards for Government biometric systems.
    DHS leadership should ensure that its biometric databases are 
secure and have clear privacy guidelines.
    And Congress should continue to educate itself, as we are today, 
about the way we can employ this technology responsibly.

    Chairman Thompson. Thank you.
    Other Members of the committee are reminded that, under the 
committee rules, opening statements may be submitted for the 
record.
    I now welcome our panel of witnesses. Our first witness is 
Mr. John Wagner, deputy executive assistant commissioner at the 
U.S. Customs and Border Protection.
    Next, we have Mr. Austin Gould, assistant administrator for 
requirements and capabilities analysis at the Transportation 
Security Administration.
    Next, we have Mr. Joseph R. Di Pietro, the chief technology 
officer of the U.S. Secret Service.
    Finally, we have Dr. Charles Romine, the director of the 
information technology laboratory at the Commerce Department's 
National Institute of Standards and Technology.
    I look forward to hearing from you all today.
    Without objection, the witnesses' full statements will be 
inserted in the record.
    I now ask each witness to summarize his statement for 5 
minutes, beginning with Mr. Wagner.

    STATEMENT OF JOHN P. WAGNER, DEPUTY EXECUTIVE ASSISTANT 
  COMMISSIONER, OFFICE OF FIELD OPERATIONS, U.S. CUSTOMS AND 
    BORDER PROTECTION, U.S. DEPARTMENT OF HOMELAND SECURITY

    Mr. Wagner. Chairman Thompson, Ranking Member Rogers, 
Members of the committee, thank you for the opportunity to 
testify before you today on behalf of U.S. Customs and Border 
Protection. I would like to begin with a few excerpts from the 
9/11 Commission report.
    When people travel internationally, they usually move 
through defined channels or portals. They may seek to acquire a 
passport. They may apply for a visa. They may stop at ticket 
counters, gates, and exit controls at airports and seaports. 
Upon arrival, they pass through inspection points. They may 
transit to another gate to get on an airplane. Each of these 
checkpoints or portals is a screening, a chance to establish 
that people are who they say they are and are seeking access 
for their stated purpose.
    The job of protection is shared amongst these many defined 
checkpoints. By taking advantage of them all, we need not 
depend on any one point in the system to do the whole job. The 
challenge is to see the common problem across agencies and 
functions, and develop a conceptual framework and architecture 
for an effective screening system. Throughout Government and, 
indeed, in private enterprise, agencies, firms at the portals 
confront recurring judgments that balance security, efficiency, 
and civil liberties. These problems should be addressed 
systemically, not in an ad hoc, fragmented way. Like I 
mentioned, these are excerpts from the 9/11 Commission report.
    Before CBP presented our current strategy, airlines, 
airports, private vendors, and Government agencies, including 
DHS were developing their own independent, biometric-based 
schemes. In other words, exactly what the 9/11 Commission 
warned against doing--an ad hoc, fragmented approach. CBP has 
developed a plan that includes other authorities and 
responsibilities in our mission set beyond just the biometric 
entry-exit mandate for foreign nationals. We saw the solution 
had to encompass the entire travel spectrum. We needed a 
solution that would also comport with the modernization and 
emerging biometric plans of airports, airlines, and cruise 
lines. Why? Well, because we don't have a transportation system 
that allows the easy segmentation of only foreign visitors on 
international departures.
    Previous DHS efforts failed for 10 years because they tried 
to create a stand-alone, stovepiped, unintegrated process. As 
we all know, those plans were cost-prohibitive, would create 
massive congestion, and there was significant opposition from 
the airlines and the travel industry. So, as a result, CBP 
developed a service that simply automates the manual, facial 
recognition process that goes on today when a traveler presents 
a passport to establish their identity.
    To be clear, CBP is only comparing the picture taken 
against photos of previously provided by travelers to the U.S. 
Government for the purposes of international travel. This is 
not a surveillance program.
    Since airlines and cruise lines are already required by 
statute to provide the biographic passport details of all 
travelers on international itineraries, CBP simply assembles a 
small gallery of photos of these expected travelers. These 
gallery photos are primarily from passports, visas, and 
previous international arrivals. A photo is taken and quickly 
searched against these distinct galleries, and thereby 
validating the biographic data that has already been vetted for 
National security and law enforcement concerns and corresponds 
to the traveler we all expect it to. We do not run the photo 
taken at the airport or seaport against any other databases or 
sources of information if it matches that pre-staged gallery 
photo.
    If a traveler matches a U.S. passport, then the new photo 
taken is deleted. There is no need for us to keep it. U.S. 
citizens are clearly not part of the biometric entry-exit 
tracking system.
    Now, recognizing there have been concerns raised over the 
inclusion of U.S. citizens, CBP has existing authorities and 
responsibilities to determine the citizenship and identity of 
all people traveling internationally. This is a U.S. Government 
responsibility, not the private sector. It is also unlawful for 
a U.S. citizen to travel internationally without a U.S. 
passport.
    Now, generally, determination of U.S. citizenship is done 
by comparing the traveler against their passport. Again, we are 
simply automating and using a computer algorithm to enhance 
this manual facial recognition existing process. As we saw at 
Dulles Airport a few months ago, we had two travelers 
presenting U.S. passports claiming to be U.S. citizens. 
However, it was found that they were foreign nationals and 
imposters to these documents.
    Now, as far as our partnerships with the industry 
stakeholders, CBP has developed a standard set of business 
requirements that our partners have all agreed to, if their 
camera is sending a photo to CBP. The business requirements 
clearly stipulate they cannot keep the photos. Going back to 
the ad hoc, fragmented approach mentioned earlier, our partners 
have voluntarily agreed to the CBP business requirements. This 
make a single, simple, consistent, transparent approach to the 
use of this technology for international travel.
    CBP is already bound by and in compliance with existing 
privacy, technology, and data collection requirements found in 
the Privacy Act, the E-Government Act and the Homeland Security 
Act. Our private-sector partners are basically signing on to 
these same requirements. We do recognize we can improve the 
public's understanding of these requirements and the opt-out 
provisions.
    We have published a comprehensive, privacy-impact 
assessment, the required system of record notice for our 
databases, and rulemaking as commenced to put updates into the 
Federal regulations it is currently circulating within the 
Government.
    In conclusion, we are solving a very difficult challenge: 
Biometric exit. We are solving it by focusing on improving the 
overall travel experience. We are building a tokenless, 
efficient, secure, international travel experience. Airlines 
and cruise lines have reported reduced boarding times and 
increased passenger satisfaction using this system. This system 
will allow us to build a world-class travel system in the 
United States. This will be the envy of the world as we try to 
keep pace with the record-breaking growth of international 
travel. So thank you for the opportunity to be here today, and 
I look forward to your questions.
    [The prepared statement of Mr. Wagner follows:]
                  Prepared Statement of John P. Wagner
                             July 10, 2019
    Chairman Thompson, Ranking Member Rogers, and Members of the 
committee, thank you for the opportunity to testify before you on the 
efforts of U.S. Customs and Border Protection (CBP) to better secure 
our Nation by incorporating biometrics into our comprehensive entry-
exit system, and to identify overstays in support of our border 
security mission.
    CBP has received public support for its use of biometrics from the 
International Air Transit Association (IATA),\1\ the World Travel and 
Tourism Council,\2\ and the Department of Commerce Travel and Tourism 
Advisory Board.\3\ With air travel growing at 4.9 percent per year, and 
expected to double by 2031, and an increasingly complex threat posture, 
CBP must innovate and transform the current travel processes in order 
to handle this new volume without significant personnel and 
infrastructure investments. Facial comparison technology will enable 
CBP and travel industry stakeholders to position the U.S. travel system 
as best in class, which will in turn drive the continued growth in air 
travel volume.
---------------------------------------------------------------------------
    \1\ https://www.iata.org/pressroom/pr/Documents/resolution-one-id-
agm-2019.pdf.
    \2\ https://www.wttc.org/about/media-centre/press-releases/press-
releases/2019/we-must-act-and-assign-priority-and-resources-to-
biometrics/.
    \3\ https://www.trade.gov/ttab/docs/
TTAB_Biometrics%20Recommendations%20Letter_042- 919.pdf.
---------------------------------------------------------------------------
    As authorized in several statutes and regulations,\4\ CBP is 
Congressionally-mandated to implement a biometric entry-exit system. 
Prior to the Consolidated and Further Continuing Appropriations Act of 
2013 (Public Law 113-6), which transferred the biometric exit mission 
from the Department of Homeland Security (DHS) generally to CBP, the 
U.S. Government and the private sector were developing independent 
biometrics-based schemes. These varied, and often uncoordinated, 
investments relied on multiple biometrics and required complicated 
enrollment processes.\5\ DHS, the Transportation Security 
Administration (TSA), legacy United States Visitor and Immigrant Status 
Indicator Technology, and several private-sector companies developed 
separate uses for biometrics, creating different guidelines and 
business rules, which increased privacy risks and decreased 
accountability, as each stakeholder had distinct responsibilities.
---------------------------------------------------------------------------
    \4\ The following statutes require DHS to take action to create an 
integrated entry-exit system: Section 2(a) of the Immigration and 
Naturalization Service Data Management Improvement Act of 2000 (DMIA), 
Public Law 106-215, 114 Stat. 337; Section 110 of the Illegal 
Immigration Reform and Immigrant Responsibility Act of 1996, Pub. L. 
No. 104-208, 110 Stat. 3009-546; Section 205 of the Visa Waiver 
Permanent Program Act of 2000, Pub. L. No. 106-396, 114 Stat. 1637, 
1641; Section 414 of the Uniting and Strengthening America by Providing 
Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 
2001 (USA PATRIOT Act), Pub. L. No. 107-56, 115 Stat. 272, 353; Section 
302 of the Enhanced Border Security and Visa Entry Reform Act of 2002 
(Border Security Act), Pub. L. No. 107-173, 116 Stat. 543, 552; Section 
7208 of the Intelligence Reform and Terrorism Prevention Act of 2004 
(IRTPA), Pub. L. No. 108-458, 118 Stat. 3638, 3817; Section 711 of the 
Implementing Recommendations of the 9/11 Commission Act of 2007, Pub. 
L. No. 110-53, 121 Stat. 266, 338; and Section 802 of the Trade 
Facilitation and Trade Enforcement Act of 2015, Pub. L. No. 114-125, 
130 Stat. 122, 199.
    \5\ [sic]
---------------------------------------------------------------------------
    In 2017, CBP developed an integrated approach to the biometric 
entry-exit system that stakeholders, including other U.S. Government 
agencies with security functions, such as TSA, and travel industry 
stakeholders, such as airlines, airports, and cruise lines, could 
incorporate into their respective mission space. We offered relevant 
stakeholders an ``identity as a service'' solution that uses facial 
comparison to automate manual identity verification thereby harmonizing 
the data collection and privacy standards each stakeholder must follow. 
This comprehensive facial comparison service leverages both biographic 
and biometric data (which is key to supporting CBP's mission), 
fulfilling the Congressional mandate and using the system to support 
air travel, and improve efficiency and the efficacy of identity 
verification, as stated below.
    CBP has been testing various options to leverage biometrics at 
entry and departure.\6\ These technologies will make the process for 
verifying the identity of individuals for this system more efficient, 
accurate, and secure by using facial comparison technology. However, 
the use of this technology allows CBP to improve identity verification. 
Using data that travelers voluntarily provide, we are simply automating 
the manual identity verification process done today. Facial comparison 
allows CBP to better identify those who are traveling on falsified or 
fraudulent documents, which improves our ability to identify those who 
are seeking to evade screening in order to enter the United States, 
including those who present public safety or National security threats, 
and visitors who have overstayed their authorized period of admission. 
Moreover, stakeholders have attested that using biometrics could lead 
to faster boarding times, enhanced customer service, better use of our 
CBP staffing, and faster flight clearance times on arrival.
---------------------------------------------------------------------------
    \6\ Available at: https://www.dhs.gov/publication/dhscbppia-056-
traveler-verification-service-0.
---------------------------------------------------------------------------
    CBP has continuously kept Congress abreast of our process through 
several Congressional reports, hearings, and briefings. Through the 
Consolidated Appropriations Act of 2016 and the Bipartisan Budget Act 
of 2018, Congress authorized up to $1 billion in visa fee surcharges 
through 2027 to support biometric entry/exit.\7\
---------------------------------------------------------------------------
    \7\ Pub. L. 114-113 129 Stat. 2242 (December 17, 2015); Pub. L. 
115-123 132 Stat. 64 (February 9, 2018).
---------------------------------------------------------------------------
           previous efforts to launch a biometric exit system
    Prior to the Consolidated and Further Continuing Appropriations Act 
of 2013 (Public Law 113-6), which transferred the biometric exit 
mission from DHS to CBP, the U.S. Government and the private sector 
were already developing independent biometric solutions.
    For example, from January 2004 through May 2007, DHS used kiosks 
placed between the security checkpoint and airline gates that would 
collect a traveler's fingerprint biometrics. The traveler had the 
responsibility to find and use the devices, with varying degrees of 
support from the airports where the kiosks were deployed. In 2008, DHS 
issued a Notice of Proposed Rulemaking (NPRM) proposing to require that 
commercial air and vessel carriers collect biometric information from 
certain aliens departing the United States and submit this information 
to DHS within a certain time frame. Most of the comments opposed the 
adoption of the proposed rule due to issues of cost and feasibility. 
Among other things, commenters suggested that biometric collection 
should be a purely governmental function, that requiring air carriers 
to collect biometrics was not feasible and would unfairly burden air 
carriers and airports, and that the highly competitive air industry 
could not support a major new process of biometric collection on behalf 
of the Government. Additionally, as directed by Congress, from May 
through June 2009, DHS operated two biometric exit pilot programs 
testing the collection of biometric exit data, first by CBP at the 
departure gate using a mobile device, and second by TSA at the security 
checkpoint.
    DHS concluded from the NPRM comments and pilot programs that it was 
generally inefficient and impractical to introduce entirely new 
Government processes into an existing and familiar traveler flow, 
particularly in the air environment. DHS also concluded that the use of 
mobile devices to capture electronic fingerprints would be extremely 
resource-intensive. This information helped frame our concept for a 
comprehensive biometric entry-exit system that would avoid adding new 
processes, utilize existing infrastructure, leverage existing 
stakeholder systems, processes and business models, leverage passenger 
behaviors and expectations, and utilize existing traveler data and 
existing Government IT infrastructure.
   cbp's integrated approach to a comprehensive biometric entry-exit 
                                 system
    Leveraging CBP's current authorities, we are executing 
Congressional mandates to test technologies to create an integrated 
biometric entry/exit system using facial comparison technology.\8\ This 
technology uses existing advance passenger information could be used 
along with photographs already provided by travelers to the Government 
for the purposes of international travel to create ``galleries'' of 
facial image templates to correspond with who is expected to be on an 
international flight arriving or departing the United States. These 
photographs may be derived from passport applications, visa 
applications, or interactions with CBP at a prior border inspection.\9\ 
Once the gallery is created based on the advance information, the 
biometric comparison service compares a template of a live photograph 
of the traveler to the gallery of facial image templates. Live 
photographs are taken where there is clear expectation that a person 
will need to provide documentary evidence of their identity. If there 
is a facial image match, the traveler's identity has been verified.
---------------------------------------------------------------------------
    \8\ Available at: https://www.dhs.gov/publication/dhscbppia-056-
traveler-verification-service-0.
    \9\ U.S. passport and visa photos are available via the Department 
of State's Consular Consolidated System. See Privacy Impact Assessment: 
Consular Consolidated Database, available at https://2001-
2009.State.gov/documents/organization/93772.pdf.
---------------------------------------------------------------------------
    These technologies will make the process for verifying the identity 
of individuals for this system more efficient, accurate, and secure by 
using facial recognition technology. For technical demonstrations at 
the land border, air entry, and some air exit operations, CBP takes 
photographs of travelers on CBP-owned cameras. These tests have been 
extended on a voluntary basis to exempt aliens \10\ and U.S. Citizens. 
Such participation provides facilitative benefits and a more accurate 
and efficient method for verifying the identity and citizenship of 
these individuals. In other air exit and seaport demonstrations, CBP 
does not take the photographs; but specified partners, such as 
commercial air carriers, airport authorities, and cruise lines, take 
photographs of travelers and share the images with CBP's facial 
recognition technology. These partners that deploy their own camera 
operators and camera technology must meet CBP's technical and security 
requirements. These tests occur on a voluntary basis, and are conducted 
consistent with that partner's contractual relationship with the 
traveler.
---------------------------------------------------------------------------
    \10\ Under 8 CFR 235.1(f)(ii) and 8 CFR 215.8(a)(1), CBP may 
require certain aliens to provide biometric identifiers to confirm 
their admissibility or, at specified airports, their departure. Some 
aliens are exempt from any requirement to provide biometrics, 
including: Canadian citizens under section 101(a)(15)(B) of the Act who 
are not otherwise required to present a visa or be issued a form I-94 
or Form I-95; aliens younger than 14 or older than 79 on the data of 
admission; aliens admitted A-1, A-2, C-3 (except for attendants, 
servants, or personal employees of accredited officials), G-1, G-2, G-
3, G-4, NATO-1, NATO-2, NATO-3, NATO-4, NATO-5, or NATO-6 visas, and 
certain Taiwan officials who hold E-1 visas and members of their 
immediate families who hold E-1 visas unless the Secretary of State and 
the Secretary of Homeland Security jointly determine that a class of 
such aliens should be subject to the requirements of paragraph 
(d)(1)(ii); classes of aliens to whom the Secretary of Homeland 
Security and the Secretary of State jointly determine it shall not 
apply; or an individual alien to whom the Secretary of Homeland 
Security, the Secretary of State, or the Director of Central 
Intelligence determines this requirement shall not apply.
---------------------------------------------------------------------------
    CBP is authorized to require ``in-scope''\11\ aliens to provide 
biometric identifiers.\12\ For entry, CBP is using facial comparison 
technology with CBP cameras during the inspection process.\13\ For 
exit, CBP is operating pilot programs at certain land and sea ports of 
entry, and airports using facial comparison technology.\14\ This 
technology provides the travel industry with the tools to use facial 
comparison to verify traveler identity and transmit information to 
CBP.\15\ We have identified best practices from the prior work done by 
DHS as well as from our international partners that have informed the 
design of a biometric exit system that does not require an inefficient 
two-step process or require multiple different biometrics for traveler 
identity verification purposes.
---------------------------------------------------------------------------
    \11\ ``In scope'' aliens are aliens may be required to provide 
biometric identifiers to confirm their inadmissibility, or, at 
specified airports, their departure, under 8 CFR 235.1(f)(ii) and 8 CFR 
215.8(a)(1).
    \12\ See 8 CFR 215.8(f)(ii), 235.8(a)(1).
    \13\ Available at: https://www.dhs.gov/publication/dhscbppia-056-
traveler-verification-service-0.
    \14\ See 8 C.F.R. 215.8(a)(1).
    \15\ Numerous statutes require the advance electronic transmission 
of passenger and crew member manifests for commercial aircraft and 
commercial vessels. These mandates include, but are not limited to 
Section 115 of the Aviation and Transportation Security Act (ATSA), 
Public Law 107-71, 115 Stat. 597; 49 U.S.C. 44909 (applicable to 
passenger and crew manifests for flights arriving in the United 
States); Section 402 of the Enhanced Border Security and Visa Entry 
Reform Act of 2002 (EBSVERA), Public Law 107-173, 116 Stat. 543; 8 CFR 
217.7; 8 CFR 231.1; 8 CFR 251.5; and 8 U.S.C. 1221.
---------------------------------------------------------------------------
    CBP understood the need to build a system that all stakeholders 
within the travel continuum could participate in--without building 
their own independent system--that could expand to other mission areas 
outside of the biometric exit process. To address these challenges and 
satisfy the Congressional mandate, we work closely with our partners to 
integrate biometrics with existing identity verification requirements 
already required, to the extent feasible.\16\
---------------------------------------------------------------------------
    \16\ Ibid.
---------------------------------------------------------------------------
    The facial comparison technology utilized by CBP is currently able 
to match travelers at a rate of greater than 97 percent,\17\ which is 
accomplished by comparing against a limited number of faces through the 
creation of galleries. Travelers who do not match to the system simply 
show their passport documents to a CBP officer or airline gate agent, 
and upon confirmation of identity, board the aircraft.
---------------------------------------------------------------------------
    \17\ Department of Homeland Security Fiscal Year 2018 Entry/Exit 
Overstay Report, available at https://www.dhs.gov/sites/default/files/
publications/19_0417_fy18-entry-and-exit-overstay-report.pdf.
---------------------------------------------------------------------------
    While CBP's primary responsibility is National security, we must 
also facilitate legitimate trade and travel. The use of facial 
comparison technology has enabled CBP to not only address a National 
security concern head on by enhancing identity verification but also to 
simultaneously improve the traveler experience throughout the travel 
continuum. CBP engineered a biometric exit solution that gives CBP, 
TSA, and industry stakeholders, such as airlines and airports, the 
ability to automate manual identity verification with facial comparison 
technology at locations where identity verification is present today. 
This may include the departure gates, debarkation areas, airport 
security checkpoints, and Federal Inspection Services (FIS) area. CBP 
only uses photos collected from cameras deployed specifically for this 
purpose and does not use photos obtained from closed-circuit television 
or other live or recorded video. As the facial comparison technology 
automates the manual identity verification process in place today, it 
allows CBP and its stakeholders to make quicker and more informed 
decisions.
                 cbp authorities and regulatory updates
    As described above, numerous Federal statutes require DHS to create 
an integrated, automated biometric entry and exit system that records 
the arrival and departure of aliens, compares the biometric data of 
aliens to verify their identity, and authenticates travel documents 
presented by such aliens. Most recently, in 2017, Executive Order 13780 
called for the expedited completion of the biometric entry-exit data 
system.\18\
---------------------------------------------------------------------------
    \18\ Numerous other statues require DHS to take action to create an 
integrated entry-exit system including: Section 2(a) of the Immigration 
and Naturalization Service Data Management Improvement Act of 2000 
(DMIA), Public Law 106-215, 114 Stat. 337; Section 205 of the Visa 
Waiver Permanent Program Act of 2000, Pub. L. No. 106-396, 114 Stat. 
1637, 1641; and Section 414 of the Uniting and Strengthening America by 
Providing Appropriate Tools Required to Intercept and Obstruct 
Terrorism Act of 2001 (USA PATRIOT Act), Pub. L. No. 107-56, 115 Stat. 
272, 353.
---------------------------------------------------------------------------
    DHS also has broad authority to control alien travel and to inspect 
aliens under various provisions of the Immigration and Nationality Act 
of 1952, as amended (INA).\19\ As part of CBP's broad authority to 
enforce U.S. immigration laws, CBP is responsible for ensuring the 
interdiction of persons illegally entering or exiting the United 
States, facilitating and expediting the flow of legitimate travelers, 
and detecting, responding to, and interdicting terrorists, drug 
smugglers and traffickers, human smugglers and traffickers, and other 
persons who may undermine the security of the United States at entry. 
CBP also has responsibility to facilitate and expedite the flow of 
legitimate travel and trade and detect individuals attempting to 
illegally enter or exit the United States.
---------------------------------------------------------------------------
    \9\ 8 U.S.C.  1365b mandates the creation of an integrated and 
comprehensive system. This statute further provides that the entry and 
exit data system shall include a requirement for the collection of 
biometric exit data for all categories of individuals who are required 
to provide biometric entry data. 8 U.S.C. 1365b(d). As a result, if a 
certain category of individuals is required to provide biometrics to 
DHS on entry as part of the examination and inspection process, the 
same category of individuals must be required to provide biometrics on 
exit as well. DHS may require persons to provide biometrics and other 
relevant identifying information upon entry to, or departure from, the 
United States. Specifically, DHS may control alien entry and departure 
and inspect all travelers under  215(a) and 235 of the INA (8 U.S.C. 
1185, 1225). Aliens may be required to provide fingerprints, 
photographs, or other biometrics upon arrival in, or departure from, 
the United States, and select classes of aliens may be required to 
provide information at any time. See, e.g., INA 214, 215(a), 235(a), 
262(a), 263(a), 264(c), (8 U.S.C. 1184, 1185(a), 1225(a), 1302(a), 
1303(a), 1304(c)); 8 U.S.C. 1365b. Pursuant to  215(a) of the INA (8 
U.S.C. 1185(a)), and Executive Order No. 13323 of Dec. 30, 2003 (69 FR 
241), the Secretary of Homeland Security, with the concurrence of the 
Secretary of State, has the authority to require aliens to provide 
requested biographic information, biometrics and other relevant 
identifying information as they depart the United States.
---------------------------------------------------------------------------
    To effectively carry out its responsibilities under the INA upon 
both arrival and departure from the United States, CBP must be able to 
conclusively determine whether a person is in fact a U.S. citizen or 
national, or an alien by verifying that the person is the true bearer 
of his or her travel documentation. CBP is authorized to take and 
consider evidence concerning the privilege of any person to enter, 
reenter, pass through, or reside in the United States, or concerning 
any matter, which is material or relevant to the enforcement or 
administration of the INA.\20\ A person claiming U.S. citizenship must 
establish that fact to the examining officer's satisfaction and must 
present a U.S. passport or alternative documentation.\21\ Manual review 
of passports has historically been used to carry out this 
responsibility, but facial comparison technology can do so with greater 
consistency and accuracy.
---------------------------------------------------------------------------
    \20\ 8 U.S.C. 1357(b).
    \21\ 8 CFR 235.1(b). It is usually unlawful for a U.S. citizen to 
depart or attempt to depart from the United States without a valid 
passport. See 8 U.S.C. 1185(b); 22 CFR 53.1.
---------------------------------------------------------------------------
    CBP is statutorily mandated to fully implement a biometric entry/
exit system, and has clear statutory authority to undertake all 
appropriate actions in support of the use of biometrics. To further 
advance the legal framework described above, CBP is working to propose 
and implement regulatory amendments and will provide progress updates 
in the Unified Agenda, as appropriate.
                             data security
    There are 4 primary safeguards to secure passenger data, including 
secure encryption during data storage and transfer, irreversible 
biometric templates, brief retention periods, and secure storage. 
Privacy is implemented by design, ensuring data protection through the 
architecture and implementation of the biometric technology.
    CBP prohibits its approved partners such as airlines, airport 
authorities, or cruise lines from retaining the photos they collect 
under this process for their own business purposes. The partners must 
immediately purge the images following transmittal to CBP, and the 
partner must allow CBP to audit compliance with this requirement. As 
discussed in the November 2018 Privacy Impact Assessment,\22\ we have 
developed Business Requirements to document this commitment, to which 
the private-sector partners must agree as a condition of participation 
in the pilots. Unlike with the pilots in the early 2000's, CBP has 
established these common system-wide standards (business requirements), 
which support CBP's integrated approach to the use of biometrics.
---------------------------------------------------------------------------
    \22\ Available at: https://www.dhs.gov/publication/dhscbppia-056-
traveler-verification-service-0.
---------------------------------------------------------------------------
    Regarding the recent subcontractor data breach incident, CBP is 
very concerned that the unauthorized access of CBP data will undermine 
Congressional and public confidence in CBP at a time in which we are 
pursuing transformative and innovative initiatives to enhance lawful 
trade and travel. We are aggressively investigating the breach of the 
subcontractor's systems and potential exposure of traveler and license 
plate images. There are two events that are under investigation: (a) A 
malicious cyber attack that impacted the systems of a Federal 
subcontractor; and (b) the unauthorized access of CBP data by the same 
Federal subcontractor.
    This incident did not impact any of the air entry/exit partnerships 
discussed earlier and is limited solely to certain pilot program data 
collected in the land border environment. Airlines are trusted partners 
of CBP, given the various statutory airline collection mandates \23\ in 
place. Airlines have been reliably providing CBP with advance 
electronic transmission of passenger and crew member manifests, as well 
as authenticating and verifying the identity of all passengers and 
ensuring that the traveling passengers are correctly documented to 
enter the receiving country.
---------------------------------------------------------------------------
    \23\ Numerous statutes require the advance electronic transmission 
of passenger and crew member manifests for commercial aircraft and 
commercial vessels. These mandates include, but are not limited to 
Section 115 of the Aviation and Transportation Security Act (ATSA), 
Public Law 107-71, 115 Stat. 597; 49 U.S.C. 44909 (applicable to 
passenger and crew manifests for flights arriving in the United 
States); Section 402 of the Enhanced Border Security and Visa Entry 
Reform Act of 2002 (EBSVERA), Public Law 107-173, 116 Stat. 543; 8 CFR 
217.7; 8 CFR 231.1; 8 CFR 251.5; and 8 U.S.C. 1221.
---------------------------------------------------------------------------
    While the data breach investigation is on-going, preliminary 
evidence indicates several violations of CBP privacy and security 
policies and violation of specific contract clauses. CBP is taking 
several actions to ensure the security of CBP systems, to include: 
Deploying cyber-enhanced technology (e.g., audit tracking, logging, and 
enhanced encryption) to all vehicle lanes to further protect license 
plate image data; conducting threat assessments to proactively identify 
vulnerabilities; restricting removable media usage and rolling out 
enhanced insider threat capabilities; and, updating all contractual, 
policy, and security requirements. Additionally, CBP required that the 
prime contractor immediately terminate its subcontracting agreement and 
its work thereunder. As such, the subcontractor no longer has access to 
CBP data.
      privacy, transparency, civil rights, and future assessments
    CBP is committed to ensuring that our use of technology sustains 
and does not erode privacy protections. We take privacy obligations 
very seriously and are dedicated to protecting the privacy of all 
travelers. CBP complies with all requirements under the Privacy Act of 
1974 \24\ (Pub. L. 93-579), as well as all DHS and Government-wide 
policies. In accordance with DHS policy, CBP uses the Fair Information 
Practice Principles (FIPPs) to assess the privacy risks and ensure 
appropriate measures are taken to mitigate any risks from its 
collection of data through the use of biometrics. As CBP is bound by 
the above-mentioned privacy laws and policies, as well as data 
collection requirements, partnering stakeholders are also held to the 
same standards, which increases accountability with the use of 
biometrics.
---------------------------------------------------------------------------
    \24\ 5 U.S.C. 552a.
---------------------------------------------------------------------------
    CBP strives to be transparent and provide notice to individuals 
regarding its collection, use, dissemination, and maintenance of 
personally identifiable information (PII). When airlines or airports 
are partnering with CBP on biometric air exit, the public is informed 
that the partner is collecting the biometric data in coordination with 
CBP. We provide notice to travelers at the designated ports of entry 
through both physical and either LED message boards or electronic 
signs, as well as verbal announcements in some cases, to inform the 
public that CBP will be taking photos for identity verification 
purposes and of their ability to opt-out of having their photo taken.
    Upon request, CBP Officers provide individuals with a tear sheet 
with Frequently Asked Questions (FAQ), opt-out procedures, and 
additional information on the particular demonstration, including the 
legal authority and purpose for inspection, the routine uses, and the 
consequences for failing to provide information. Additionally, in the 
FIS, CBP posts signs informing individuals of possible searches, and 
the purpose for those searches, upon arrival or departure from the 
United States.
    Any U.S. citizen or foreign national may notify the airline-
boarding agent that they would like to opt out at the time of boarding. 
The airline would conduct manual identity verification using their 
travel document, and may notify CBP to collect biometrics, if 
applicable.
    CBP provides general notification of its biometric exit efforts and 
its various pilot programs through Privacy Impact Assessments (PIAs) 
and Systems of Records Notices (SORNs),\25\ published at www.dhs.gov/
privacy, and through information, such as Frequently Asked Questions, 
readily available at www.cbp.gov. We published a comprehensive PIA 
called the ``Traveler Verification Service'' in November 2018, to 
explain all aspects of CBP's biometric usage through the program, to 
include policies and procedures for the collection, storage, analysis, 
use, dissemination, retention, and/or deletion of data.\26\
---------------------------------------------------------------------------
    \25\ The SORNs associated with CBP's Traveler Verification Service 
are: DHS/CBP-007 Border Crossing Information, DHS/CBP-021 Arrival and 
Departure Information System, DHS/CBP-006 Automated Targeting System, 
DHS/CBP-011 U.S. Customs and Border Protection TECS. Those SORNs can be 
found at https://www.dhs.gov/system-records-notices-sorns.
    \26\ Available at: https://www.dhs.gov/publication/dhscbppia-056-
traveler-verification-service-0.
---------------------------------------------------------------------------
    The PIA and the public notices specifically highlight that facial 
images for arriving and departing foreign nationals (and those dual 
national U.S. citizens traveling on foreign documentation) are retained 
by CBP for up to 2 weeks, not only to confirm travelers' identities but 
also to assure continued accuracy of the algorithms and ensure there 
are no signs of bias. As always, facial images of arriving and 
departing foreign nationals are forwarded to the IDENT system for 
future law enforcement purposes, consistent with CBP's authority. As 
U.S. citizens are not in-scope \27\ for biometric exit, photos of U.S. 
citizens used for biometric matching purposes are held in secure CBP 
systems for no more than 12 hours after identity verification, and are 
held for this time period only in case of an extended system outage or 
for disaster recovery and are then deleted. We reduced the retention of 
U.S. citizen photos to no more than 12 hours as a direct result of 
briefings and consultations with Chairman Thompson.
---------------------------------------------------------------------------
    \27\ Pursuant to 8 CFR 215 and 235.
---------------------------------------------------------------------------
    Additionally, as described above, private-sector partners must 
agree to specific CBP business requirements, many of which are outlined 
in the recent PIA. CBP is simplifying the information flow to the 
traveling public by developing one set of business standards and 
privacy guidelines, thereby enabling more comprehension of and 
transparency and accountability in the biometric process.
    While CBP's commitment to transparency has been demonstrated by the 
above efforts, CBP is committed to improving its public messaging and 
helping the public better understand the technology. CBP welcomes the 
committee's input.
    CBP collaborates regularly with the DHS Privacy Office to ensure 
compliance with applicable privacy laws and policies, and to build in 
privacy protection best practices surrounding CBP's use of biometric 
technology. The DHS Privacy Office commissioned the DHS Data Privacy 
and Integrity Advisory Committee (DPIAC) to advise the Department on 
best practices for the use of facial comparison technology. The DPIAC 
published its report on February 26, 2019.\28\ CBP has implemented or 
is actively working to implement all of the DPIAC recommendations.
---------------------------------------------------------------------------
    \28\ https://www.dhs.gov/sites/default/files/publications/
Report%202019-01_Use%20of%20- 
Facial%20Recognition%20Technology_02%2026%202019.pdf.
---------------------------------------------------------------------------
    CBP is fully committed to the fair, impartial, and respectful 
treatment of all members of the trade and traveling public. CBP has 
rigorous processes in place to review data and metrics associated with 
biometric entry and exit facial comparison performance to assess and 
guard against improper bias. Significant variance in match rates that 
can be attributed to demographic variables have not been detected. 
Additionally, CBP is partnering with the National Institute of 
Standards and Technology (NIST) to conduct a comprehensive analysis of 
facial comparison technologies in CBP's biometric entry-exit efforts, 
in order to improve data quality and integrity, and ultimately the 
accuracy of technology that informs agency decision making that affects 
people. NIST will provide guidance and data that allows CBP to set a 
threshold, given CBP's security and facilitation goals for large-scale 
face recognition of travelers at air, land, and sea POEs.
cbp's progress toward implementing a comprehensive biometric entry-exit 
                                 system
Biometric Entry-Exit in the Air Environment
    CBP is also enhancing the arrivals process by using facial 
comparison technology. With more efficient and more secure clearance 
processes, airports, airlines, and travelers benefit from shorter 
connection times and standardized arrival procedures. Security is 
increased by adding facial comparison as an additional tool to reduce 
imposter threat while increasing the integrity of the immigration 
system. Since initiating this facial comparison technology in the air 
environment on a trial basis, CBP has already identified 6 
imposters,\29\ including 2 with genuine U.S. travel documents (passport 
or passport card), who were using another person's valid travel 
documents as a basis for seeking entry to the United States.
---------------------------------------------------------------------------
    \29\ Number of imposters updated as of June 11, 2019.
---------------------------------------------------------------------------
    CBP is working toward full implementation of biometric exit in the 
air to account for over 97 percent of departing commercial air 
travelers from the United States. Stakeholder partnerships are critical 
for implementing a biometric entry-exit system, and airports, airlines, 
and CBP are collaborating to develop a process that meets our biometric 
entry-exit mandate and airlines' business needs. These partnerships 
help ensure that biometric entry-exit does not have a detrimental 
impact on the air travel industry, and that the technology is useful 
and affordable. Stakeholders have attested that using biometrics could 
lead to faster boarding times, enhanced customer service, better use of 
our CBP staffing, and faster flight clearance times on arrival. 
Engagement with additional stakeholders continues on how they can be 
incorporated into the comprehensive entry-exit system, and CBP is ready 
to partner with any appropriate airline or airport that wishes to use 
biometrics to expedite the travel process for its customers.
Biometric Entry-Exit in the Land Environment
    In the land environment, there are often geographical impediments 
to expanding exit lanes to accommodate adding lanes or CBP-staffed 
booths. The biometric exit land strategy focuses on implementing an 
interim exit capability while simultaneously investigating what is 
needed to implement a comprehensive system over the long term. 
Biometrically verifying travelers who depart at the land border will 
close a gap in the information necessary to complete a nonimmigrant 
traveler's record in CBP's Arrival and Departure Information System, 
and will allow us an additional mechanism to better determine when 
travelers who depart the United States via land have overstayed their 
admission period. Given the limitations outlined above and DHS's desire 
to implement the use of biometrics without negatively affecting cross-
border commerce, CBP plans on taking a phased approached to land 
implementation.
    Facial comparison technology, similar to what is used in the air 
environment has been deployed at entry operations at the Nogales and 
San Luis, Arizona POEs. CBP plans to expand to additional locations 
along the Southern Border in 2019. By using the facial comparison 
technology in the land environment, CBP has identified 138 imposters, 
including 45 with genuine U.S. travel documents (passport or passport 
card), attempting to enter the United States.
    Additionally, CBP tested ``at speed'' facial biometric capture 
camera technology on vehicle travelers.\30\ From August 2018-February 
28, 2019, CBP conducted a technical demonstration of facial comparison 
technology on persons inside vehicles moving less than 20 miles per 
hour entering and departing Anzalduas, Texas.
---------------------------------------------------------------------------
    \30\ Available at: https://www.dhs.gov/publication/dhscbppia-056-
traveler-verification-service-0.
---------------------------------------------------------------------------
    Later in 2018, CBP began testing facial comparison technology at 
the Peace Bridge in Buffalo, New York in conjunction with the Buffalo 
and Fort Erie Public Bridge Authority (PBA) to facilitate the 
development of a demonstration project to test the viability of taking 
images from moving commercial trucks and comparing them against gallery 
images. From fall 2018 to early June 2019, PBA took photographs of 
truck drivers and sent them to CBP to assist with calibrating the 
project. The development is currently on pause.
Biometric Entry-Exit in the Sea Environment
    Similar to efforts in the air environment, CBP is partnering with 
the cruise line industry to use facial biometric processing supported 
by CBP's biometric comparison service in the debarkation (arrival) 
points at seaports.\31\ Facial biometric processing at seaports 
replaces the current manual comparison performed by the CBP officer 
using the travel document. Automating identity verification allows us 
to shift officer focus to core law enforcement functions and reallocate 
resources from primary inspections to roving enforcement activities. 
Currently, there are 4 sea entry sites and 4 major cruise lines that 
are operating facial comparison cameras to confirm the identity of 
arriving passengers on closed-loop cruises (which originate and 
terminate in the same city). The sea entry sites are Bayonne, New 
Jersey; Port Everglades, Florida; Miami, Florida; and Port Canaveral, 
Florida. Each cruise line conducting facial debarkation operations 
reports that passenger satisfaction feedback to include the debarkation 
process is significantly more positive as compared to such feedback 
from vessels not using facial debarkation. Engagement continues with 
cruise lines and port authorities to expand the technology to other 
businesses and locations.
---------------------------------------------------------------------------
    \31\ Ibid.
---------------------------------------------------------------------------
                               conclusion
    DHS, in collaboration with the travel industry, is aggressively 
moving forward in developing a comprehensive biometric exit system in 
the land, air, and sea environments that simply replaces a manual 
identity check with facial comparison technology. The traveler is well 
aware that their picture is being taken for facial comparison purposes 
and more detailed information regarding the program is readily 
available to the public. CBP's collaborative biometric efforts directly 
addresses the recommendations of the 9/11 Commission Report, which 
highlighted that security and protection should be shared among the 
various travel checkpoints (ticket counters, gates, and exit controls). 
``By taking advantage of them all, we need not depend on any one point 
in the system to do the whole job.''\32\
---------------------------------------------------------------------------
    \32\ The 9/11 Commission Report at 385-386, available at http://
govinfo.library.unt.edu/911/report/911Report.pdf.

    Chairman Thompson. Thank you for your testimony.
    I now recognize Mr. Gould for summarize his statement for 5 
minutes.

    STATEMENT OF AUSTIN GOULD, ASSISTANT ADMINISTRATOR FOR 
REQUIREMENTS AND CAPABILITIES ANALYSIS, TRANSPORTATION SECURITY 
      ADMINISTRATION, U.S. DEPARTMENT OF HOMELAND SECURITY

    Mr. Gould. Good morning, Chairman Thompson, Ranking Member 
Rogers, and distinguished Members of the committee. Thank you 
for inviting me before you today to discuss the future of 
biometric identification at the Transportation Security 
Administration. I am Austin Gould, the assistant administrator 
for requirements and capabilities analysis at TSA. I would like 
to thank the committee for working with TSA as we continue to 
improve the security of transportation systems and, 
particularly, for your support of our officers in the field.
    The Aviation and Transportation Security Act of 2001 
established TSA and the requirement to screen all passengers 
who were boarding aircraft. This screening requirement includes 
passenger identity verification. The act specifically mentions 
TSA's authority to use biometrics for this purpose. Recognizing 
the need to positively identify passengers in an era when 
fraudulent means of identification are becoming increasing 
prevalent and sophisticated, TSA has consistently sought new 
processes and technologies to improve performance while 
protecting a passenger's privacy. Biometrics represent such 
technology.
    In 2018, TSA released a biometrics roadmap, which 
identifies the steps that the agency is taking to test and 
potentially expand biometric identification capability. The 
roadmap has 4 major goals: Partner with Customs and Border 
Protection on biometrics for international travelers; 
operationalize biometrics for TSA PreCheck passengers; 
potentially expand biometrics to additional domestic travelers; 
and develop the infrastructure to support these biometric 
efforts.
    Consistent with the biometrics roadmap, TSA is conducting 
pilots that use facial biometrics to verify passenger identity 
at certain airports. These pilots are of limited scope and 
duration and are being used to evaluate biometric technology 
for TSA use. These pilots have been executed in conjunction 
with Customs and Border Protection, have been supported by 
privacy-impact assessments, and passengers have the opportunity 
to not participate. In these cases, the standard, manual 
identification process is used.
    Last month, I observed the pilot currently under way in 
Terminal F in Atlanta for international passengers. The capture 
camera used for this pilot was in active mode, meaning that it 
only captured a facial image after the passenger was in 
position and the officer activated it. After the Committee on 
Government Oversight and Reform hearing on 4 June, TSA 
collected data in Atlanta that demonstrated that over 99 
percent of travelers chose to use biometric identification.
    Also, based on feedback from the hearing, we have deployed 
signage in both Spanish and English to ensure that passengers 
are aware that biometrics are being used and the procedure for 
opting out. An example of that signage is currently displayed 
on the monitor.
    [The information follows:]
    
 [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
    

    Mr. Gould. TSA is committed to addressing accuracy, 
privacy, and cybersecurity concerns associated with biometric 
capture and matching. In that regard, and pursuant to section 
1919 of the TSA Modernization Act, DHS will submit a report 
that includes assessments by TSA and CBP that were developed 
with the support of the DHS Science and Technology Directorate. 
The report will address accuracy, error rates, and privacy 
issues associated with biometric identification.
    We will also schedule a meeting with privacy groups later 
this summer to ensure that they understand TSA's limited use of 
biometric identification, have the opportunity to address any 
concerns, and as a follow-on to their participation in TSA's 
earlier Biometrics Industry Day.
    Looking ahead, TSA plans to continue to build upon the 
success of past pilots by conducting additional ones at select 
locations for limited durations, to refine requirements for 
biometrics use. These pilots will continue to be supported by 
privacy-impact assessments, clearly identified through 
bilingual airport signage, and passengers will always have the 
opportunity to choose not to participate.
    Biometrics represents a unique opportunity for TSA. This 
capability can increase security effectiveness for the entire 
aviation system, while also increasing throughput at the 
checkpoint and enhancing the passenger's experience. The 
ability to increase throughput while providing more accurate 
identification will be essential as passenger volumes continue 
to grow at approximately 4 percent annually. In fact, we 
experienced our busiest travel day ever last Sunday of the 
Fourth of July weekend when we screened approximately 2.8 
million passengers and crew.
    To close, TSA is systematically assessing biometrics for 
TSA use. This identification process will enhance aviation 
security while also increasing passenger throughput and making 
air travel more enjoyable. TSA's system will only be used for 
passenger identification and to direct the passenger to the 
appropriate level of screening, automating what is currently a 
manual process. It will not be used for any law enforcement 
purposes, and as always, passengers will have the opportunity 
to not participate.
    Thank you for the opportunity to address this important 
issue before the committee, and I look forward to answering 
your questions.
    [The prepared statement of Mr. Gould follows:]
                   Prepared Statement of Austin Gould
                             July 10, 2019
    Good morning Chairman Thompson, Ranking Member Rogers, and 
distinguished Members of the committee. Thank you for inviting me to 
testify about TSA's current work on assessing how biometric technology 
can potentially improve both the security and efficiency of our 
transportation system. In June 2018, I became the assistant 
administrator of TSA's Requirements and Capabilities Analysis (RCA) 
office. RCA is responsible for driving the strategy and development of 
TSA's security architecture and operational capabilities to enhance 
security and optimize mission performance through analysis and 
innovation. RCA directly supports TSA's mission by assessing current 
state operations, conducting gap analyses, managing needs 
identification, and developing requirements to generate new and 
improved security capabilities in alignment with the future vision of 
aviation security.
    Assessing biometrics technology for application to TSA's missions 
is a key initiative for RCA. I welcome this opportunity to explain to 
the committee why TSA evaluates the potential to use facial recognition 
technology during its passenger screening process, how TSA leverages 
both the work and systems already developed by U.S. Customs and Border 
Protection (CBP), and the efforts we have taken to date, and continue 
to take, to ensure that cybersecurity, privacy, and civil liberties 
concerns are considered and addressed at every stage of biometric 
testing and potential deployment.
    The U.S. aviation transportation system accommodates approximately 
965 million domestic and international passengers annually--this 
equates to the screening of roughly 2.2 million passengers, 1.4 million 
checked bags, and 5.1 million carry-on bags each day. In fiscal year 
2018, TSA screened more than 804 million aviation passengers, 
representing a 5 percent volume increase from fiscal year 2017. Despite 
the significant progress the U.S. Government has made to improve 
transportation security, aviation hubs remain high-value targets for 
terrorists. Terrorist modes and methods of attack are more 
decentralized and opportunistic than ever before.
    To stay ahead of these adversaries, we have to innovate, deploy new 
solutions rapidly and effectively, and make the most of our resources. 
In enacting the Aviation and Transportation Security Act in 2001, 
Congress recognized the importance of having TSA explore the use of 
biometric or similar technologies to enhance security in the aviation 
domain. As part of its mission to protect the Nation's transportation 
systems to ensure freedom of movement for people and commerce, TSA is 
exercising this authority to assess the use of biometrics technology, 
such as facial recognition, for identity verification, including at the 
checkpoint. Our evaluation of the use of biometrics technology is for 
the purpose of ascertaining how biometric technology might be used to 
automate passenger identity verification processes to fulfill a number 
of TSA security requirements, and relatedly, to determine a passenger's 
ability to access areas of the airport beyond the checkpoint.
    Today, TSA Transportation Security Officers at the Travel Document 
Checker position at each checkpoint and airline employees at the check 
in desk visually compare the passenger in front of them to their photo 
ID to verify identity. TSA seeks to assess whether biometrics 
technology can automate these processes in ways that enhance security 
effectiveness, improve operational efficiency, and streamline the 
passenger experience. TSA's investment in Credential Authentication 
Technology (CAT) units provides a key tool through which the agency is 
analyzing how biometric facial recognition may be applied and optimized 
at the checkpoint. CAT authenticates the security features of a 
passenger's identification document and then displays the passenger's 
screening status from Secure Flight to ensures that the passenger has 
the appropriate flight reservation to progress through security 
screening and enter the sterile area. Currently, TSA is assessing the 
benefits of adding a front end camera to CAT units to further improve 
the identity verification process.
    TSA recognized the need to outline a comprehensive approach for how 
it might develop and implement biometric solutions. To that end, TSA 
issued the TSA Biometrics Roadmap for Aviation Security & the Passenger 
Experience, which is available to the public on TSA's website, in 
September 2018. The Biometrics Roadmap centers on four goals:
   Partnering with CBP on biometrics for international 
        travelers;
   Operationalizing biometrics for TSA PreCheck travelers;
   Expanding biometrics to additional domestic travelers; and
   Developing support infrastructure for biometric solutions.
    Equally important, the Biometrics Roadmap also established as a 
guiding principle that TSA will adopt a ``privacy by design'' mindset 
that incorporates privacy and civil liberty considerations into each 
phase of biometric solution development (design, build, implement). It 
also delineates that privacy protections will include restrictions to 
prevent the use of biometrics for purposes other than transportation 
security unless individuals have opted into other uses. Importantly, 
passengers will always have an option to not be processed through 
biometrics solutions at our checkpoint.
    In 2004 Congress directed CBP to develop a biometric entry/exit 
program, and CBP has been developing and deploying an automated facial 
recognition solution since 2013 in order to comply with this mandate. 
Recognizing the opportunity to align and leverage similar operational 
efforts amongst DHS components, TSA signed an agreement with CBP in 
April 2018 on the development and implementation of joint work related 
to biometric technology at airports. Because of this partnership, TSA 
and CBP have collaborated on a series of multi-phased pilots using 
CBP's facial recognition technology, the Traveler Verification Service 
(TVS), for identity verification at the TSA checkpoint at three major 
airports.
   The first phase pilot, which TSA conducted at John F. 
        Kennedy International Airport between October and November 
        2017, tested TVS's ability to perform facial matching for 
        volunteer international outbound passengers at the TSA 
        checkpoint. TSA did not alter any operational procedures during 
        this phase.
   There were 2 second-phase pilot programs, also involving 
        volunteer passengers. One occurred at Los Angeles International 
        Airport from August to October 2018, and evaluated using TVS's 
        facial matching results for passenger identity verification. 
        The other pilot program, which began in November 2018 at 
        Hartsfield-Jackson Atlanta International Airport in 
        coordination with Delta Air Lines, is on-going and testing the 
        long-term viability of biometrics at check-in, bag drop, and 
        the checkpoint.
   The third phase of pilot programs will focus on TSA's 
        ability to combine Secure Flight vetting status with the 
        identification results from TVS's facial matching technology.
    This deliberate, iterative approach to assessing facial recognition 
technology applications in TSA operations provides the agency with a 
significant learning opportunity as well as helping to refine future 
testing and pilot designs. We are grounding our exploration of 
biometric solutions in rigorous scientific study and analysis as well 
as ensuring appropriate privacy and cybersecurity safeguards are in 
place. While TSA and CBP coordinate efforts on passenger-facing 
biometrics today, TSA is also laying the groundwork for an eventual 
transition of relevant storage and matching capabilities to DHS Office 
of Biometric Identity Management (OBIM), an entity established by 
Congress to provide the Department with enterprise biometric solutions. 
TSA has engaged OBIM regularly on the build out of its next generation 
Homeland Advanced Recognition Technology, which will modernize and 
replace the legacy Automated Biometric Identification System, as well 
as to receive the benefit of their subject-matter expertise.
    Based on the work of DHS S&T, the National Institute for Standards 
and Technology, and other researchers, we are aware of a variety of 
concerns related to differences in performance for travelers of 
different demographic groups and take this issue seriously. Some of 
these concerns pertain to risk of different error rates that correlate 
with user race, gender, and age. As required by the TSA Modernization 
Act (Public Law 115-254, Oct. 5, 2018), TSA studied matching 
performance differences across biometric systems and operational 
environments to identify the existence of disparities on these and 
other grounds. In fact, pursuant to this Act, TSA will provide a report 
to Congress that includes an assessment of these issues.
    TSA also recognizes that biometric technologies pose unique privacy 
concerns. Reflective of such, TSA continually assesses privacy impacts 
and implements, as necessary, various strategies to address them in the 
passenger context. Should TSA fully operationalize this technology, it 
will mitigate privacy risks through providing robust notice and 
meaningful choice of alternatives, ensuring strong data security 
measures, deleting biometric data promptly following the passenger 
transaction, and focusing the uses of the biometric data to those 
directly necessary for transportation security, or as authorized under 
the Privacy Act of 1974, 5 U.S.C.  552a. A number of publicly-
available Privacy Impact Assessments (PIAs) on the Traveler 
Verification Service (TVS) and CBP's cloud-based facial matching system 
have been issued, which TSA has relied upon throughout the 
collaboration. These PIAs will be updated and strengthened as necessary 
as biometric identification develops further. They can be found on the 
DHS Privacy Office's public-facing website for review.
    With regard to future endeavors, TSA is committed to protecting 
personally identifiable information, being transparent, and proactively 
mitigating privacy and civil liberties risks identified in the use of 
biometric technology. To that end, the DHS's Fair Information Practice 
Principles, known as the FIPPs, which serve as DHS's overarching 
privacy principles as applied across the Department, will guide efforts 
to protect privacy while achieving the operational and security 
benefits of biometrics technology.
    Although TSA is still early in its exploration of biometric 
technologies, we are excited about the potential security benefits 
building this capability may provide. We plan to continue testing and 
evaluating biometrics technology in an operational context through 
additional pilot programs. TSA is planning for a pilot in the fourth 
quarter of this fiscal year at McCarran International Airport to test 
the 1:1 matching capabilities of the upgraded front-end CAT machine 
with a camera unit for facial recognition procedures in TSA PreCheck 
lanes. This pilot will not involve CBP technologies or processes. TSA 
is finalizing the PIA for this pilot to ensure the public is aware of 
any pilot biometric technology solutions involving the collection, 
maintenance, use, or dissemination of personally identifiable 
information.
    As reflected by TSA's March 2019 Biometrics Industry Day--an event 
attended by more than 120 people representing various public and 
private stakeholder groups including 5 different privacy advocacy 
organizations--we will continue to strive to foster communication, 
transparency, and input regarding our findings and approach to 
developing biometric solutions. Through the information we obtain from 
pilots and stakeholders, we hope to gain a better understanding of the 
operational impacts of this technology on travelers and consider that 
in developing procedures for the potential use of this technology at 
the checkpoint. TSA will continue to work on building a robust 
requirements and architecture foundation, develop an acquisition 
strategy, and seek to fulfill the goals identified in the Biometrics 
Roadmap.
    Chairman Thompson, Ranking Member Rogers, and Members of the 
committee, thank you for the opportunity to testify before you today. I 
look forward to your questions.

[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]

    Chairman Thompson. Thank you for your testimony.
    I now recognize Mr. Di Pietro to summarize his statement 
for 5 minutes.

  STATEMENT OF JOSEPH R. DI PIETRO, CHIEF TECHNOLOGY OFFICER, 
   U.S. SECRET SERVICE, U.S. DEPARTMENT OF HOMELAND SECURITY

    Mr. Di Pietro. Good morning, Chairman Thompson, Ranking 
Member Rogers, and distinguished Members of the committee. I am 
Joseph Di Pietro, chief technology officer of the United States 
Secret Service. I want to thank you for the opportunity to 
appear before you today and to discuss the Secret Service's use 
of biometrics in performance of our integrated mission.
    As previously conveyed to your committee staff, the Secret 
Service has significant concerns about testifying in an open 
hearing on how we use facial recognition technology to enhance 
our protective mission. Therefore, my testimony today on that 
issue will focus on the current facial recognition technology 
pilot program we are conducting at the White House complex. The 
Secret Service closely guards our means and methods as to how 
we execute our protective mission. We are aware that our 
adversaries are constantly watching and probing us and could 
potentially exploit information discussed in this open 
environment to use against us.
    It would not be wise or prudent to discuss in a public 
setting certain assets, capabilities, and protocols used to 
carry out our protective mission. However, we would welcome the 
opportunity to provide this information to you in a closed 
briefing.
    Biometric tools, such as fingerprint analysis and DNA 
collection, are used on a regular basis by the Secret Service 
to investigate, locate, and sometimes arrest individuals who 
have committed crimes, to include offenses related to threats 
against Secret Service protectees. We understand that the rapid 
expansion of biometric technology creates a need to balance 
capabilities with the need to preserve the public's expectation 
of privacy, and the Secret Service is committed to ensuring a 
balance that protects the rights of all individuals.
    With respect to fingerprints and palm prints, the Secret 
Service has a long-standing program that plays an integral part 
in our investigative and personal security processes. Our 
ability to process, store, search, and retrieve fingerprint and 
palm print images is an operational necessity.
    During the course of investigations involving fingerprint 
and palm print evidence, forensics examiners at the Secret 
Service utilize a variety of regional and National databases to 
search latent prints for matches to known subjects. With 
respect to DNA, DNA evidence is one of the most effective 
identification tools available to law enforcement today. 
Advancements related to DNA technology have been rapid, and the 
Secret Service remains dedicated to utilizing new applications 
to enhance our integrated mission.
    The Secret Service collects DNA samples, along with a 
subject's fingerprints, as part of the identification and 
arrest process. Samples are sent to the FBI and DNA testing, 
search, and storage in the National DNA database.
    With respect to facial recognition technology, the Secret 
Service recognizes that this technology has the potential to be 
a powerful tool that may assist in preventing attacks on our 
protectees, and there must be an appropriate balance between 
security and any potential privacy or other Constitutional 
concerns.
    In 2014, former Secretary of Homeland Security Johnson 
established an independent protective mission panel to conduct 
an assessment of security at the White House complex. Among 
other important recommendations, the panel stated technology 
systems used on the complex must always remain on the cutting 
edge, and the Secret Service must invest in technology, 
including becoming a driver of research and development that 
may assist in its mission.
    In furtherance of these recommendations, the Secret Service 
is currently working on a facial recognition pilot. The goal of 
the pilot is to determine whether facial recognition technology 
could be effectively deployed to enhance our protective 
mission. While the pilot started in December 2018 and is 
scheduled to be completed by the end of August 2019, the Secret 
Service began contemplating this pilot as far back as August 
2014.
    The participants in the pilot are Secret Service employees 
who volunteered to take part in this effort. Designated White 
House cameras that are part of the video management system 
captured the volunteers as they moved through various locations 
around the White House complex. Software running on a server 
dedicated to the pilot and on a closed network not connected to 
the internet seeks to match the images of the volunteers to the 
images in the video streams.
    Facial images are stored when associated with a match to 
one of the volunteers, and at the conclusion of the pilot, all 
images will be purged.
    The Secret Service's commitment to maintaining First 
Amendment protections and desire to address personal privacy 
consideration are central factors behind any future 
implementation of facial recognition technology. The Secret 
Service will not adopt new technologies unless they have been 
thoroughly vetted to ensure that sufficient privacy protections 
and data safeguards are in place.
    In closing, the protection of our Nation's leaders is 
paramount to this agency and to the Nation. The partnerships 
represented here today, both in Congress and within DHS, are 
critical to the success of Secret Service operations.
    I thank you for the opportunity to testify concerning the 
agency's use of these evolving technologies, and I look forward 
to working with you as we move forward. This concludes my 
testimony. I welcome any questions you have at this time.
    [The prepared statement of Mr. Di Pietro follows:]
                 Prepared Statement of Joseph Di Pietro
                             July 10, 2019
    Good morning Chairman Thompson, Ranking Member Rogers, and 
distinguished Members of the committee. I am Joseph Di Pietro, chief 
technology officer of the United States Secret Service (Secret 
Service). I want to thank you for the opportunity to appear before you 
today to discuss the Secret Service's use of biometrics in performance 
of our integrated mission.
    As previously conveyed to your committee staff, we have serious 
concerns about testifying in an open hearing on how we use facial 
recognition technology to enhance our protective mission. Therefore, my 
testimony today on that issue will focus solely on the current pilot 
program we have in place at the White House Complex, as outlined in the 
Department of Homeland Security (DHS) Privacy Impact Assessment (PIA) 
dated November 26, 2018.
    Pursuant to Title 18 U.S.C.  3056, the Secret Service is 
authorized to protect the President, the Vice President, their 
immediate families, and other individuals enumerated in the statute. It 
is our responsibility to constantly research and evaluate the benefits 
and risks of applying available, new and emerging technologies to keep 
our protectees safe and to enhance the capabilities of our front-line 
Uniformed Division Officers, special agents, and mission support 
employees.
    The Secret Service closely guards our ``means and methods'' as to 
how we execute our protective mission. It would not be wise or prudent 
to discuss in a public setting certain assets, capabilities, and 
protocols used to carry out our protective mission. We are aware that 
our adversaries are constantly probing us and could potentially exploit 
information discussed in this open environment to attack us.
    The Secret Service uses biometric tools such as fingerprint 
analysis and DNA collection on a regular basis, in accordance with 
standards and policies, in order to investigate, locate, and sometimes 
arrest individuals who have committed crimes, to include offenses 
related to threats against Secret Service protectees.
    Facial recognition technology is an effective tool that has the 
potential to act as a force multiplier. Accordingly, the Secret Service 
seeks to utilize and harness these important advances to enhance our 
effectiveness while upholding rights guaranteed by our Constitution.
                        fingerprint/palm prints
    The Secret Service has a long-standing fingerprint and palm print 
program that plays an integral part in our investigative and personnel 
security processes. The Secret Service's ability to process, store, 
search, and retrieve fingerprint and palm print images is an 
operational necessity.
    The Secret Service Live-Scan Program (SSLSP) is an enterprise-wide 
initiative deploying Live-Scan Booking Stations to Secret Service 
offices agency-wide. Live-Scan Booking Stations electronically capture, 
digitize, and transmit descriptive information, fingerprints, palm 
prints, signatures, and photos of both applicants and investigative 
subjects who are processed through these stations. The records are 
transmitted to the Federal Bureau of Investigation's (FBI) Next 
Generation Identification System (NGI) database for an automated search 
against over 76 million criminal fingerprint records. Simultaneously, 
these records are submitted to the Secret Service's own database for 
searching and archiving. The conduit used to forward the information to 
the FBI is the U.S. Department of Justice's Joint Automated Booking 
System (JABS).
    During the course of investigations involving fingerprint and palm 
print evidence, forensic examiners at the Secret Service utilize a 
variety of regional and National databases to search latent prints for 
matches to known subjects. For example, the Secret Service coordinates 
directly with the FBI and the DHS via their databases, to include the 
DHS Office of Biometric Identity Management's Automated Biometric 
Identification System (IDENT).
                                  dna
    DNA evidence is one of the most effective identification tools 
available to law enforcement today. Advances related to DNA technology 
have been rapid, and the Secret Service remains dedicated to utilizing 
new applications to enhance our integrated mission. DNA technology can 
provide accurate identification, improve prosecution rates, and act as 
a deterrent against future criminal acts.
    The Secret Service collects DNA samples along with a subject's 
fingerprints as part of the identification and arrest process. Buccal 
collection kits from the FBI are used during the booking process and 
are then returned to the FBI for DNA testing, search, and storage in 
the National DNA database.
                     facial recognition technology
    In 2014 former Secretary of Homeland Security Johnson established 
an independent Protective Mission Panel (PMP) to conduct an assessment 
of the security at the White House complex. Among other important 
recommendations, the PMP stated that, ``[t]echnology systems used on 
the complex must always remain on the cutting-edge, and the Secret 
Service must invest in technology, including becoming a driver of 
research and development that may assist in its mission.''\1\
---------------------------------------------------------------------------
    \1\ See Executive Summary to Report from the United States Secret 
Service Protective Mission Panel to the Secretary of Homeland Security, 
2014, p. 7.
---------------------------------------------------------------------------
    Facial recognition technology is a significant tool currently being 
used with great effectiveness in both the private and Government 
sectors. Accordingly, the Secret Service is evaluating the potential 
benefits of this technology to this agency's protective mission. 
Applied correctly and with appropriate controls, this technology could 
potentially be used by the Secret Service to enhance our security 
posture at critical protective venues.
    Specifically, this technology may have the potential to provide an 
early notification to Secret Service personnel of individuals who are 
of record with the agency when they approach a protective site. These 
individuals would have already made a threat against one of our 
protectees or been shown to have expressed an ``unusual interest'' 
toward one of our protectees and, therefore, pose a serious threat to 
protected persons, venues, or the general public in close proximity to 
one of our protected sites.
    While the benefits of technology associated with facial recognition 
may provide greater capabilities than the observations of law 
enforcement personnel, the Secret Service is well aware that there must 
be an appropriate balance between security and any potential privacy or 
other Constitutional concerns. Further, it is noted that the Secret 
Service expects to come in contact with thousands of the general public 
around the White House every day and that the men and women of the 
agency strive to ensure a secure environment while respecting all 
individual's Constitutional rights.
                     facial recognition pilot (frp)
    In furtherance of the 2014 PMP report recommendations, the Secret 
Service Office of Technical Development and Mission Support is 
currently working on a Facial Recognition Pilot (FRP). The goal of the 
FRP is to determine whether facial recognition technology could be 
effectively deployed to enhance the Secret Service's protective 
mission. In addition, the Service will determine whether this 
technology would be a fiscally responsible investment that would assist 
in identifying subjects of interest to the Secret Service as they 
approach a protected site.
    While the FRP started in December 2018 and is scheduled to be 
completed by the end of August 2019, the Secret Service began 
contemplating this pilot in August 2014. Prior to the initiation of the 
program, DHS approved and published a Privacy Impact Assessment, 
evaluating the privacy risks and associated mitigation strategies.\2\
---------------------------------------------------------------------------
    \2\ DHS/USSS/PIA-024 Facial Recognition Pilot (Nov. 26, 2018).
---------------------------------------------------------------------------
    The participants in the FRP are Secret Service employees who 
volunteered to take part. These individuals had their images loaded 
into the FRP server. Video streams capture the volunteers as they move 
through various locations around the White House Complex, and images of 
the volunteers are matched to the video streams. Subsequently, 
volunteers provide notification of their movements in and around the 
Complex for comparison with the generated matches in the system.
    The video streams feed into both the White House CCTV system and 
into the FRP server. The FRP server is operated on a closed network and 
is not capable of remote connections. The data collected is stored in a 
stand-alone database dedicated only to the pilot testing. Only 
individuals cleared by the Secret Service have access to the collection 
database, and they are accompanied by agency personnel while accessing 
the FRP server. All Secret Service personnel and supporting contractors 
with access to the data undergo annual privacy awareness and document 
security training. Facial images are stored when associated with a 
match to one of the volunteers, and, at the conclusion of the FRP, all 
images will be purged.
    The data collected throughout the FRP will be evaluated for its 
effectiveness and accuracy.
             office of biometric identity management (obim)
    The Secret Service recognizes the value offered by OBIM and its 
biometric data storing, matching, and sharing capabilities to assist 
with both our protective and investigative functions. Developing a 
partnership with OBIM will provide a valuable means to search, match, 
and store our biometric data across DHS components as well as with 
external agencies. The Secret Service maintains coordination with OBIM 
liaisons and continues to develop capabilities and policies regarding 
the use, storage, and dissemination of biometric information.
                               conclusion
    The protection of our Nation's leaders is paramount to this agency 
and to the Nation. The partnerships represented here today, both in 
Congress and among those of us within DHS, are critical to the success 
of Secret Service operations. I thank you for the opportunity to 
testify concerning the agency's use of these evolving technologies, and 
I look forward to working with you as we move forward.
    Chairman Thompson, Ranking Member Rogers, and distinguished Members 
of the committee, this concludes my testimony. I welcome any questions 
you have at this time.

    Chairman Thompson. Thank you for your testimony.
    I now recognize Dr. Romine to summarize his statement for 5 
minutes.

STATEMENT OF CHARLES H. ROMINE, PH.D., DIRECTOR OF INFORMATION 
  TECHNOLOGY LABORATORY, NATIONAL INSTITUTE OF STANDARDS AND 
            TECHNOLOGY, U.S. DEPARTMENT OF COMMERCE

    Mr. Romine. Chairman Thompson, Ranking Member Rogers, and 
Members of the committee, I am Chuck Romine, director of the 
Information Technology Laboratory at the Department of 
Commerce's National Institute of Standards and Technology, or 
NIST. Thank you for the opportunity to appear before you today 
to discuss NIST's role in biometric standards and testing for 
facial recognition technology.
    In the area of biometrics, NIST has been working with 
public and private sectors since the 1960's. NIST's work 
improves the accuracy, quality, usability, interoperability, 
and consistency of identity management systems and ensures that 
United States' interests are represented in the international 
arena.
    NIST research has provided state-of-the-art technology 
benchmarks and guidance to industry and to U.S. Government 
agencies that depend on biometrics recognition. NIST leads 
National and international consensus standards activities in 
biometrics, such as facial recognition technology, but also in 
cryptography, electronic credentialing, secure network 
protocols, software and systems reliability, and security 
conformance testing, all essential to accelerate the 
development and deployment of information and communications 
systems that are interoperable, reliable, secure, and useable.
    NIST's biometric evaluations advance the technology by 
identifying and reporting gaps and limitations of current 
biometric recognition technologies. NIST's evaluations advance 
measurement science by providing a scientific basis for what to 
measure and how to measure. NIST evaluations also facilitate 
development of consensus-based standards by providing 
quantitative data for development of scientifically sound, fit-
for-purpose standards.
    Since 2000, NIST's Face Recognition Vendor Testing Program, 
or FRVT, has assessed capabilities of facial recognition 
algorithms for one-to-many identification and one-to-one 
verification.
    NIST expanded its facial recognition evaluations in 2017. 
NIST broadened the scope of its work in this area to understand 
the upper limits of human capabilities to recognize faces and 
how these capabilities fit into facial recognition 
applications.
    Historically and currently, NIST's biometrics research has 
assisted the Department of Homeland Security, DHS. NIST's 
research was used by DHS in its transition from 2 to 10 prints 
for the former US-VISIT Program. Currently, NIST is 
collaborating with DHS OBIM on face image quality standards and 
with DHS Customs and Border Patrol on the evaluation of their 
traveler verification service.
    NIST is working with DHS Customs and Border Patrol to 
analyze performance impact due to image quality and traveler 
demographics, and provide guidance and data that allows CBP to 
set a threshold, given CBP's security and facilitation goals 
for large-scale face recognition of travelers.
    NIST's Face Recognition Vendor Testing Program was 
established in 2000 to provide independent evaluations of both 
prototype and commercially-available facial recognition 
algorithms. Significant progress has been made in algorithm 
improvements since the program was created.
    NIST is researching how to measure the accuracy of forensic 
examiners, matching identity across different photographs. The 
study measures face identification accuracy for an 
international group of professional, forensic, facial 
examiners, working under circumstances approximating real-world 
casework. The findings, published in the proceedings of the 
National Academy of Sciences showed that examiners and other 
human-face specialists, including forensically-trained facial 
reviewers and untrained super recognizers, were more accurate 
than the control groups on a challenging test of face 
identification. It also presented data comparing state-of-the-
art facial recognition algorithms with the best human face 
identifiers.
    Optimal face identification was achieved only when humans 
and machines collaborated. As with all areas for face 
recognition, rigorous testing and standards development can 
increase productivity and efficiency in Government and 
industry, expand innovation and competition, broaden 
opportunities for international trade, conserve resources, 
provide consumer benefit and choice, improve the environment, 
and promote health and safety.
    Thank you for the opportunity to testify on NIST's 
activities in facial recognition, and I would be happy to 
answer any questions that you may have.
    [The prepared statement of Mr. Romine follows:]
                Prepared Statement of Charles H. Romine
                             July 10, 2019
                              introduction
    Chairman Thompson, Ranking Member Rogers, and Members of the 
committee, I am Chuck Romine, director of the Information Technology 
Laboratory (ITL) at the Department of Commerce's National Institute of 
Standards and Technology (NIST). NIST cultivates trust in information 
technology and metrology through measurements, standards, and testing. 
Thank you for the opportunity to appear before you today to discuss 
NIST's role in biometrics standards and testing for facial recognition 
technology.
              biometric and facial recognition technology
    Home to 5 Nobel Prizes, with programs focused on National 
priorities such as advanced manufacturing, the digital economy, 
precision metrology, quantum science, and biosciences, NIST's mission 
is to promote U.S. innovation and industrial competitiveness by 
advancing measurement science, standards, and technology in ways that 
enhance economic security and improve our quality of life.
    In the area of biometrics, NIST has been working with the public 
and private sectors since the 1960's. Biometric technologies provide a 
means to establish or verify the identity of humans based upon one or 
more physical or behavioral characteristics. Examples of physical 
characteristics include face, fingerprint, and iris images. An example 
of a behavioral characteristic is an individual's signature. Used with 
other authentication technologies, such as passwords, biometric 
technologies can provide higher degrees of security than other 
technologies employed alone. For decades, biometric technologies were 
used primarily in homeland security and law enforcement applications, 
and they are still a key component of these applications. Over the past 
several years, the marketplace for biometric solutions has widened 
significantly and today includes public and private-sector applications 
world-wide, including physical security, banking, and retail 
applications. According to one industry estimate, the biometrics 
technology market will be worth $59.31 billion by 2025.\1\ There has 
been a considerable rise in development and adoption of facial 
recognition, detection, and analysis technologies in the past few 
years.
---------------------------------------------------------------------------
    \1\ https://www.grandviewresearch.com/industry-analysis/biometrics-
industry.
---------------------------------------------------------------------------
    Facial recognition technology compares an individual's facial 
features to available images for identification or authentication. 
Facial detection technology determines whether the image contains a 
face. Facial analysis technology aims to identify attributes such as 
gender, age, or emotion from detected faces.
       nist's role in biometric and facial recognition technology
    NIST responds to Government and market requirements for biometric 
standards, including facial recognition technologies, by collaborating 
with other Federal agencies, law enforcement, industry, and academic 
partners to:
   research measurement, evaluation, and interoperability to 
        advance the use of biometric technologies including face, 
        fingerprint, iris, voice, and multi-modal techniques;
   develop common models and metrics for identity management, 
        critical standards, and interoperability of electronic 
        identities;
   support the timely development of scientifically valid, fit-
        for-purpose standards; and
   develop the required conformance testing architectures and 
        testing tools to test implementations of selected standards.
    NIST's work improves the accuracy, quality, usability, 
interoperability, and consistency of identity management systems and 
ensures that United States interests are represented in the 
international arena. NIST research has provided state-of-the-art 
technology benchmarks and guidance to industry and to Federal agencies 
that depend upon biometrics recognition.
    Under the provisions of the National Technology Transfer and 
Advancement Act of 1995 (Public Law 104-113) and OMB Circular A-119, 
NIST is tasked with the role of encouraging and coordinating Federal 
agency use of voluntary consensus standards in lieu of Government-
unique standards, and Federal agency participation in the development 
of relevant standards, as well as promoting coordination between the 
public and private sectors in the development of standards and in 
conformity assessment activities. NIST works with other agencies to 
coordinate standards issues and priorities with the private sector 
through consensus standards developing organizations such as the 
International Committee for Information Technology Standards (INCITS), 
Joint Technical Committee 1 of the International Organization for 
Standardization/International Electrotechnical Commission (ISO/IEC), 
the Organization for the Advancement of Structured Information 
Standards (OASIS), IEEE, the Internet Engineering Task Force (IETF), 
and other standards organizations such as the International Civil 
Aviation Organization (ICAO), and the International Telecommunication 
Union's Standardization Sector (ITU-T). NIST leads National and 
international consensus standards activities in biometrics, such as 
facial recognition technology, but also in cryptography, electronic 
credentialing, secure network protocols, software and systems 
reliability, and security conformance testing--all essential to 
accelerate the development and deployment of information and 
communication systems that are interoperable, reliable, secure, and 
usable.
    Since 2010, NIST has organized the biennial International Biometric 
Performance Testing Conference; more than 100 biometric experts from 
all around the globe traditionally attend. This series of conferences 
accelerates adoption and effectiveness of biometric technologies by 
providing a forum to discuss and identify fundamental, relevant, and 
effective performance metrics, and disseminating best practices for 
performance design, calibration, evaluation, and monitoring.
                facial recognition tests and evaluations
    For more than a decade, NIST biometric evaluations have measured 
the core algorithmic capability of biometric recognition technologies 
and reported the accuracy, throughput, reliability, and sensitivity of 
algorithms with respect to image characteristics such as noise or 
compression, and to subject characteristics such as age or gender. NIST 
biometric evaluations advance the technology by identifying and 
reporting gaps and limitations of current biometric recognition 
technologies. NIST evaluations advance measurement science by providing 
a scientific basis for ``what to measure'' and ``how to measure.'' NIST 
evaluations also facilitate development of consensus-based standards by 
providing quantitative data for development of scientifically sound, 
fit-for-purpose standards. NIST biometrics evaluations are highly 
regarded and valued by developers, users, and policy makers.
    NIST conducted the Face Recognition Grand Challenge (2004-2006) and 
Multiple Biometric Grand Challenge (2008-2010) programs to challenge 
the facial recognition community to break new ground solving research 
problems on the biometric frontier. Since 2000, NIST's Face Recognition 
Vendor Testing Program (FRVT) has assessed capabilities of facial 
recognition algorithms for one-to-many identification and one-to-one 
verification.
    To better align NIST's evaluation schedule with the pace of facial 
recognition advancement in industry and academia, NIST expanded its 
facial recognition evaluations in 2017. NIST broadened the scope of its 
work in this area to understand the upper limits of human capabilities 
to recognize faces and how these capabilities fit into facial 
recognition applications. NIST evaluations have quantified accuracy for 
investigative-use cases which involve human review of candidates from 
an automated system, as well as for fully automated identification 
applications in which decisions would be accepted on the basis of an 
automated search alone.
    NIST's work on demographic effects in facial recognition is on-
going. For example, a report addressing demographic effects in mugshots 
collected in domestic law enforcement applications is under development 
with an expected publication date of Fall 2019.
    NIST provides technical guidance and scientific support for 
analysis and recommendations for utilization of facial recognition 
technologies to various Federal agencies, including the Federal Bureau 
of Investigation (FBI), Office of Biometric Identity Management (OBIM) 
at the Department of Homeland Security (DHS), Department of Homeland 
Security Science and Technology Directorate (DHS S&T), the Department 
of Homeland Security's U.S. Customs and Border Protection agency (DHS 
CBP), and the Intelligence Advanced Research Projects Activity (IARPA) 
at the Office of the Director of National Intelligence. Further, as DHS 
S&T works with Transportation Security Administration (TSA) to 
scientifically analyze data from its biometrics pilots to inform TSA's 
capability development process, NIST has and will continue to provide 
consultation to DHS S&T to assure its analysis methodologies meet 
industry standards.
    Historically and currently, NIST biometrics research has assisted 
DHS. NIST's research was used by DHS in its transition from 2 to 10 
prints for the former US-VISIT program and NIST is currently working 
with DHS CBP to analyze performance impacts due to image quality and 
traveler demographics and provide recommendations regarding match 
algorithms, optimal thresholds and match gallery creation for its 
Traveler Verification Service program. Currently, NIST is collaborating 
with DHS CBP on the evaluation of their Traveler Verification Service 
(TVS), and with DHS OBIM on face image quality standards.
              nist face recognition vendor testing program
    NIST's Face Recognition Vendor Testing Program (FRVT) was 
established in 2000 to provide independent evaluations of both 
prototype and commercially-available facial recognition algorithms. 
These evaluations provide the Federal Government with information to 
assist in determining where and how facial recognition technology can 
best be deployed. FRVT results also help identify future research 
directions for the facial recognition community.
    The 2013 FRVT tested facial recognition algorithms submitted by 16 
organizations, and showed significant algorithm improvement since 
NIST's 2010 FRVT test. NIST defined performance by recognition 
accuracy--how many times the software correctly identified the photo--
and the time the algorithms took to match one photo against large photo 
data sets.
    The 2018 FRVT tested 127 facial recognition algorithms from the 
research laboratories of 39 commercial developers and 1 university, 
using 26 million mugshot images of 12 million individuals provided by 
the FBI. The 2018 FRVT measured the accuracy and speed of one-to-many 
facial recognition identification algorithms. The evaluation also 
contrasted mugshot accuracy with that from lower quality images. The 
findings, reported in NIST Interagency Report 8238,\2\ showed that 
massive gains in accuracy have been achieved since the FRVT in 2013, 
which far exceed improvements made in the prior period (2010-2013). The 
accuracy gains observed in the 2018 FRVT study stem from the 
integration, or complete replacement, of older facial recognition 
techniques with those based on deep convolutional neural networks. 
While the industry gains are broad, there remains a wide range of 
capabilities, with some developers providing much more accurate 
algorithms than others. Using FBI mugshots, the most accurate 
algorithms fail only in about one quarter of 1 percent of searches. 
These failures are mostly associated with images of persons with facial 
injury and those with a long time lapse (17 years or more for the most 
accurate algorithm) since the first photograph. The success of mugshot 
searches stems from the new generation of facial recognition 
algorithms, and from the adoption of portrait photography standards 
first developed at NIST in the late 1990's.
---------------------------------------------------------------------------
    \2\ https://www.nist.gov/publications/ongoing-face-recognition-
vendor-test-frvt-part-2-identification.
---------------------------------------------------------------------------
                 nist face in video evaluation program
    The Face in Video Evaluation Program (FIVE) assessed the capability 
of facial recognition algorithms to correctly identify or ignore 
persons appearing in video sequences. The outcomes of FIVE are 
documented in NIST Interagency Report 8173,\3\ which enumerates 
accuracy and speed of facial recognition algorithms applied to the 
identification of persons appearing in video sequences drawn from 6 
different video datasets. NIST completed this program in 2017.
---------------------------------------------------------------------------
    \3\ https://www.nist.gov/publications/face-video-evaluation-five-
face-recognition-non-cooperative-subjects.
---------------------------------------------------------------------------
                human factors: facial forensic examiners
    NIST is researching how to measure the accuracy of forensic 
examiners matching identity across different photographs. The study 
measures face identification accuracy for an international group of 
professional forensic facial examiners working under circumstances 
approximating real-world casework. The findings, published in the 
proceedings of the National Academy of Sciences,\4\ showed that 
examiners and other human face ``specialists,'' including forensically-
trained facial reviewers and untrained super-recognizers, were more 
accurate than the control groups on a challenging test of face 
identification. It also presented data comparing state-of-the-art 
facial recognition algorithms with the best human face identifiers. The 
best machine performed in the range of the best-performing humans, who 
were professional facial examiners. However, optimal face 
identification was achieved only when humans and machines collaborated.
---------------------------------------------------------------------------
    \4\ https://www.pnas.org/content/115/24/6171.
---------------------------------------------------------------------------
                     voluntary consensus standards
    When properly conducted, standards development can increase 
productivity and efficiency in Government and industry, expand 
innovation and competition, broaden opportunities for international 
trade, conserve resources, provide consumer benefit and choice, improve 
the environment, and promote health and safety.
    In the United States, most standards development organizations are 
industry-led private-sector organizations. Many voluntary consensus 
standards from those standards development organizations are 
appropriate or adaptable for the Government's purposes. OMB Circular A-
119 directs the use of such standards by Federal agencies, whenever 
practicable and appropriate, to achieve the following goals:
   eliminating the cost to the Federal Government of developing 
        its own standards and decreasing the cost of goods procured and 
        the burden of complying with agency regulation;
   providing incentives and opportunities to establish 
        standards that serve National needs, encouraging long-term 
        growth for U.S. enterprises and promoting efficiency, economic 
        competition, and trade; and
   furthering the reliance upon private-sector expertise to 
        supply the Federal Government with cost-efficient goods and 
        services.
      examples of nist consensus standards development activities
    ANSI/NIST-ITL.--The ANSI/NIST-ITL standard for biometric 
information is used in 160 countries to ensure biometric data exchange 
across jurisdictional lines and between dissimilar systems. One of the 
important effects of NIST work on this standard is that it allows 
accurate and interoperable exchange of biometrics information by law 
enforcement globally and enables them to identify criminals and 
terrorists. NIST's own Information Technology Laboratory is an American 
National Standards Institute (ANSI)-accredited standards development 
organization. Under accreditation by ANSI, the private-sector U.S. 
standards federation, NIST continues to develop consensus biometric 
data interchange standards. Starting in 1986, NIST has developed and 
approved a succession of data format standards for the interchange of 
biometric data. The current version of this standard is ANSI/NIST-ITL 
1: 2015, Data Format for the Interchange of Fingerprint, Facial & Other 
Biometric Information.\5\ This standard continues to evolve to support 
Government applications including law enforcement and homeland 
security, as well as other identity management applications. Virtually 
all law enforcement biometric collections world-wide use the ANSI/NIST-
ITL standard. NIST biometric technology evaluations in fingerprint, 
face, and iris have provided the Government with timely analysis of 
market capabilities to guide biometric technology procurements and 
deployments.
---------------------------------------------------------------------------
    \5\ https://www.nist.gov/publications/data-format-interchange-
fingerprint-facial-other-biometric-information-ansinist-itl-1-1.
---------------------------------------------------------------------------
    ISO/IEC Joint Technical Committee 1, Subcommittee 37 (JTC1/SC37)--
Biometrics.--From the inception of the ISO Subcommittee on Biometrics 
in 2002, NIST has led and provided technical expertise to develop 
international biometric standards in this subcommittee. Standards 
developed by the Subcommittee on Biometrics have received wide-spread 
international and National market acceptance. Documents issued by large 
international organizations, such as the International Civil Aviation 
Organization for Machine Readable Travel Documents and the 
International Labour Office (ILO) of the United Nations for the 
verification and identification of seafarers, specify in their 
requirements the use of some of the international biometric standards 
developed by this subcommittee.
    Since 2006, JTC1/SC37 has published a series of standards on 
biometric performance testing and reporting, many of which are based on 
NIST technical contributions. These documents provide guidance on the 
principles and framework, testing methodologies, modality-specific 
testing, interoperability performance testing, access control 
scenarios, and testing of on-card comparison algorithms for biometric 
performance testing and reporting. NIST plays a leading role in the 
development of these documents and follows their guidance and metrics 
in its evaluations, such as the FRVT.
                               conclusion
    NIST is proud of the positive impact it has had in the last 60 
years on the evolution of biometrics capabilities. With NIST's 
extensive experience and broad expertise, both in its laboratories and 
in successful collaborations with the private sector and other 
Government agencies, NIST is actively pursuing the standards and 
measurement research necessary to deploy interoperable, secure, 
reliable, and usable identity management systems.
    Thank you for the opportunity to testify on NIST's activities in 
facial recognition and identity management. I would be happy to answer 
any questions that you may have.

    Chairman Thompson. Thank you very much for your testimony. 
I now recognize myself for 5 minutes of questioning.
    Mr. Wagner, you talked a little bit about the biometric, 
entry-and-exit system, and those of us who have been around, we 
have historically supported that system. But in the beginning, 
we talked about that system would be only used for foreigners, 
and based on what I heard you talk about today, you have 
expanded that to take in American citizens. Can you explain the 
reasoning for that?
    Mr. Wagner. Yes. U.S. citizens are clearly outside the 
scope of the biometric entry-exit tracking. The technology we 
are using for the entry-exit program we are also using to 
validate the identity of the U.S. citizen. Because someone has 
to do that. Someone has to determine who is in scope or out of 
scope, and someone has to validate that the U.S. citizen is the 
person presenting that U.S. passport.
    So, once we take the picture and match it against the 
passport photo, which is what goes on right now just in a 
manual review, we use the algorithm to help make that decision, 
and then the photo is discarded after that because there is no 
need for us to save it.
    Chairman Thompson. Well, and what I am trying to get at is, 
this was a policy that CBP more or less expanded even though 
Congress gave you the authority to look at foreigners.
    Mr. Wagner. Well, it helps us in the airlines determine who 
is in scope for biometric exit and who is out, because someone 
has to make that determination at the boarding area. It would 
be unfair to ask the airline to be able to do that, to 
determine who is in scope or out of scope.
    Chairman Thompson. But you kind-of see what I am saying, 
though. Did CBP come back and say to Congress, we are looking 
at expanding this authority, but we need Congressional 
approval?
    Mr. Wagner. We don't see this as expanding the biometric 
entry-exit authority. We see this as using the authorities we 
have to determine the citizenship of an individual entering or 
departing the United States. If we are looking for a U.S. 
citizen departing the United States right now because they have 
a warrant for their arrest, we will stop travelers in the jet 
way and check their passports.
    Chairman Thompson. I understand why you are doing it.
    Mr. Wagner [continuing]. Using authorities----
    Chairman Thompson. Yes, I understand why you are doing it, 
but what I am getting at is part of this hearing is to make 
sure that we, as Members of Congress, give you the authority 
you need to do your job. But part of what I am hearing is you 
have kind-of taken your own initiative to do some things beyond 
the scope of authority that Congress gave you. So what I would 
like for you to do is provide the committee with the written 
policy by which you are doing this.
    Mr. Wagner. Yes, absolutely.
    Chairman Thompson. Thank you. Dr. Romine--I am going to try 
to get it right--you have been advising DHS a lot on some of 
these things. Have you looked at this expansion of authority 
without Congressional intent with DHS?
    Mr. Romine. No, sir. That would be outside of NIST's 
mission space, which is technical evaluation and standards of 
the algorithms.
    Chairman Thompson. All right. Well, have you looked at the 
collection of data and how the data management is controlled 
once its collected?
    Mr. Romine. No, sir.
    Chairman Thompson. Mr. Wagner, I am back to you, then. 
Explain to the committee, this collection of data that you say 
this policy gives you, what do you do with it?
    Mr. Wagner. So, when the picture is taken and provided and 
comes into CBP and we match it against one of our pre-staged 
gallery photos, that is comprised of passports and visas and 
previous arrivals, if it is a foreign national, subject to the 
biometric entry-exit mandate, that photograph will be sent over 
to DHS, to OBIM, to be stored in IDENT, which is the 
Department's repository for that information. If it is a U.S. 
citizen and that photo matches a U.S. passport or a permanent 
resident or somebody outside of the scope of entry-exit, that 
photograph would be held for 12 hours and then deleted or 
purged from our systems. The only reason we hold it for that 
short period of time is just in case the system crashes, and we 
have to restore everything.
    Chairman Thompson. OK. Are you aware of the recent 
subcontractor breach of data?
    Mr. Wagner. Oh, yes.
    Chairman Thompson. Beg your pardon.
    Mr. Wagner. Yes.
    Chairman Thompson. So how is that inconsistent with what 
you just explained to us?
    Mr. Wagner. What we were doing with that subcontractor, is 
we were testing their camera on the U.S.-Mexico land border in 
a stand-alone pilot system. So it wasn't integrated into the 
main CBP network. We were testing the taking of the photographs 
and the license plates and the ability to take a picture of a 
person in a vehicle and whether that would be matchable. In 
this case, apparently the--as far as I understand, the 
contractor physically removed those photographs from the camera 
itself and put it onto their own network, which was then 
breached. The CBP network was not hacked. The contractor--and 
what we see is--what I believe is they removed that in 
violation of the contract, and that is why a relationship has 
been severed with them, and we are conducting an investigation.
    Chairman Thompson. So you see my concern about how we 
control the data we collect?
    Mr. Wagner. Absolutely.
    Chairman Thompson. Thank you.
    I yield to the Ranking Member.
    Mr. Rogers. Thank you, Mr. Chairman.
    Mr. Wagner, I want to pick up on what the Chairman is 
talking about. My understanding of your response a few moments 
ago is that it is your belief that you have the existing 
statutory authority to do what you are doing. You are just 
exercising new technology in that process. Is that an accurate 
representation of what your answer was?
    Mr. Wagner. Yes.
    Mr. Rogers. Thank you.
    Dr. Romine, this has been an evolving technology. Can you 
tell us, what have been the big changes, if any, over the last 
5 years, when it comes to the use of facial recognition, and 
biometrics in general?
    Mr. Romine. Certainly. Thank you. The advances have been 
dramatic, according to our testing. The accuracy and 
capabilities of the newer systems that we have seen in the last 
few years----
    Mr. Rogers. What would be some examples of newer systems?
    Mr. Romine. The advent of convolutional neural networks as 
machine learning capability to do the image analysis or image 
matching.
    Mr. Rogers. Is that AI, is that what you are talking about?
    Mr. Romine. It is machine learning and artificial 
intelligence, yes, sir.
    Mr. Rogers. What else?
    Mr. Romine. So these are dramatically improved over 
previous technologies that relied specifically on particular 
characteristics of faces, for example. With suitable training, 
these systems have dramatically improved the accuracy for the 
best facial recognition systems.
    Now, I want to be clear, for the testing that we have done, 
there is still a very wide range of performance in the testing 
that we have done, in the algorithms that we have tested, but 
the best ones--and we have no direct knowledge of the 
convolutional neural networks or the machine learning, because 
these are submitted to us as black boxes and we don't examine 
that. But in conversations with vendors who have submitted 
testing, that is the understanding that we have, is that that 
new machine learning capability, that deep neural networks has 
been the significant advance.
    Mr. Rogers. Has this development or this advancement in the 
machine learning alleviated in any way the concerns the 
Chairman expressed about facial recognition being less accurate 
when it comes to females or darker-skinned individuals?
    Mr. Romine. We see, because of the significant increases in 
the accuracy across the board, the effect of those demographic 
effects is diminishing. We have a report--we are doing an 
analysis now, a comprehensive analysis, of demographic effects 
under the testing that we have just done, and that report 
should be out this fall.
    Mr. Rogers. Great. When you have these test results, do you 
share those with not only DHS and the agency but the public, 
the business community?
    Mr. Romine. We do, sir.
    Mr. Rogers. Great.
    Mr. Romine. We do that through public reporting and also 
through dissemination with email and other interested parties.
    Mr. Rogers. Do you publish those guidelines for the public 
consumption as well?
    Mr. Romine. We do. Yes, sir.
    Mr. Rogers. Excellent. Mr. Chairman, I have a letter here 
from the Security Industry Association supporting the use of 
biometrics and facial recognition, and I would like to offer it 
for the record.
    Chairman Thompson. Without objection.
    [The information follows:]
  Letter From Don Erikson to Chairman Bennie G. Thompson and Ranking 
                         Member Mike D. Rogers
                                     July 10, 2019.
The Honorable Bennie Thompson,
Chairman, House Committee on Homeland Security, 310 Cannon House Office 
        Building, Washington, DC 20515.
The Honorable Mike D. Rogers,
Ranking Member, House Committee on Homeland Security, 310 Cannon House 
        Office Building, Washington, DC 20515.
    Dear Chairman Thompson and Ranking Member Rogers: On behalf of the 
Security Industry Association (SIA), thank you for holding a hearing on 
facial recognition technology. SIA represents over 1,000 companies that 
provide safety and security technology solutions vital to public 
safety, protecting lives, property, information and critical 
infrastructure.
    The Security Industry Association (SIA) believes all technology 
products, including facial recognition, must only be used for purposes 
that are lawful, ethical and non-discriminatory. Advanced image and 
video analysis can and should be a catalyst for good. Facial 
recognition has proven to be a force multiplier for efforts to protect 
the homeland, assist law enforcement, and enhance the mission 
capabilities, efficiency, and effectiveness of operations in diverse 
ways. However, arbitrary limits will harm Americans who benefit from it 
in countless but underpublicized ways.
    We are concerned that recent calls to completely ban the use of 
facial recognition technology at various levels of government are based 
largely on a misleading picture of how the technology works and its 
real-world uses in the United States. Such calls misunderstand the role 
of accuracy rates in everyday usage of facial recognition systems and 
misconstrue the real-world implications when algorithms may not work as 
well as intended.
    Responsible use of facial recognition technology ensures that 
appropriate transparency and accountability measures, stakeholder 
education, and privacy considerations and civil liberties protections 
are equally taken into account prior to deployment. Further actions may 
be needed to reassure the public about how facial recognition 
technology is being used and ensure that proper policies are being 
followed. However, such actions must be based on sound analysis and 
involve input from stakeholders with expertise on the technology.
    Prior to considering any legislation impacting the use of facial 
recognition technology, we strongly encourage Members to review SIA's 
recently published policy paper entitled, Face Facts: Dispelling Common 
Myths Associated with Facial Recognition Technology and the U.S. 
Department of Justice's Bureau of Justice Assistance Policy Development 
Template, which was published in concert with the U.S. Department of 
Homeland Security and other law enforcement stakeholders, for law 
enforcement use of the technology.*
---------------------------------------------------------------------------
    * The attachment has been retained in committee files and is 
available at https://www.securityindustry.org/report/face-facts-
dispelling-common-myths-associated-with-facial-recognition-technology/.
---------------------------------------------------------------------------
    SIA and our members stand ready to contribute to a constructive 
dialog surrounding facial recognition technology. Please let us know if 
there is any way we can assist you as you continue to examine these 
issues.
            Sincerely,
                                              Don Erickson,
                                  CEO Security Industry Association

    Mr. Rogers. With that, I yield back. Thank you.
    Chairman Thompson. Thank you.
    Dr. Romine, just so we are clear, the report you referenced 
is not out.
    Mr. Romine. That is correct, sir. It should be out this 
fall.
    Chairman Thompson. So the data right now is that women and 
dark-skinned people are misidentified more than anybody else?
    Mr. Romine. There are demographic effects that affect age--
so significant changes in age over time--age, race, and sex, 
there are demographic effects. Quantifying those in a 
statistically valid manner is what we are currently doing.
    Chairman Thompson. So is that women and dark-skinned 
people?
    Mr. Romine. Yes.
    Chairman Thompson. OK. Thank you. I am just trying to--
thank you.
    The Chair recognizes Mr. Correa for 5 minutes.
    Mr. Correa. Thank you, Mr. Chairman, for bringing up this 
most important issue. This technology is very interesting 
because compared to fingerprints, DNA, you give it without 
essentially giving permission. You walk down a corridor, some 
camera picks you up, picks up your information, and it is used 
without your authority or permission in ways that we don't know 
about.
    Dr. Romine, you talked about false positives, based on 
ethnicity, other factors that are still--that technology has 
not gotten to the point where it can account for these factors.
    Mr. Wagner, I have a question for you, which is, under the 
TSA Modernization Act of last year, it requires a public report 
on the deployment of biometric technologies, TSA's assessments 
of privacy accurate. That report is now late. Any thoughts of 
when that report can be presented to us?
    Mr. Wagner. Sure. The report is drafted. It is just 
circulating for final approval and signature.
    Mr. Correa. So at any time now?
    Mr. Wagner. Any time.
    Mr. Correa. OK. Will that be something that will be 
compared to Dr. Romine's report also that will be coming out 
very soon?
    Mr. Gould. Sir, moving forward, from a TSA perspective, we 
will look at any scientific reports and data that we possibly 
can to ensure that biometric identification is performing 
optimally for our use cases, yes, sir.
    Mr. Correa. So, before we get that report, let me, 
nonetheless, ask you, Mr. Wagner, right now, the way facial 
recognition is being used by your Department, is that affecting 
or unduly burdening foreign travelers, race, gender, 
nationality?
    Mr. Wagner. No. We are not seeing--in a review of our data, 
we are not seeing any significant error rates that are 
attributable to a specific demographic. That is why we have 
also partnered with NIST to come in and review our data and 
help us look at it and make sure.
    Mr. Correa. So statistically you do have Mr. Gould, is it, 
that is reviewing this data, or who is reviewing this data for 
you? To make sure that----
    Mr. Wagner. They are----
    Mr. Correa [continuing]. What you are saying your 
conclusion is that it is not adversely affecting commerce, 
tourism? I am from the State of California, where commerce, 
tourism, is a big part of our economy. I just want to make sure 
we are not having a lot of false negatives.
    Mr. Wagner. This is having a beneficial effect on that 
because it is allowing airlines and cruise lines to board and 
unboard people quicker.
    Mr. Correa. Excellent. Want to hear that. Just want to make 
sure that we see that in the report.
    Mr. Wagner. The passenger experience is being improved by 
that. We are reviewing internally our own data, and we are not 
seeing noticeable discrepancies in that. But we have partnered 
with NIST, and throughout this summer and fall, we will be 
examining our data very closely to make sure that we are not 
unduly hurting people of a specific demographic.
    Mr. Correa. I am glad to hear your enthusiastic, you know, 
positive answer that it is not burdening unduly some of those 
travelers.
    Mr. Wagner. Absolutely. We are not----
    Mr. Correa. Because that great Californian Ronald Reagan 
said: We got to trust, but we got to verify, too.
    Mr. Wagner. Absolutely.
    Mr. Correa. So I look forward to seeing your data on that 
and making sure we are on it. In terms of the data, the purging 
of the data, once you are using it, what system do you have to 
audit to make sure that that data is actually purged in a 
timely manner? You just mentioned one of your subcontractors 
had a breach. That information is somewhere out there. You said 
that is the reason you terminated that contract. Yet, to me, 
when that information gets out there, terminating a contract is 
not enough of a--let's say, a deterrent to making sure that 
those kinds of breaches, that data, is actually purged in a 
timely manner. Are you doing anything to make sure that we 
tighten up that part of your system?
    Mr. Wagner. Yes. So the subcontractor may face subsequent 
action depending on the results of the----
    Mr. Correa. Criminal? Civil?
    Mr. Wagner. Potentially.
    Mr. Correa. Both?
    Mr. Wagner. Potentially. Depending on what the 
investigation--and our Office of Professional Responsibility is 
investigating this, I believe the IG is investigating this--
depending on the circumstances of how the data was taken and 
the intentions and why, you know, how it was used, there 
potentially could be criminal actions or----
    Mr. Correa. When you have those data breaches, who do you 
report those to, and under what time do you actually take to 
say, ``Hey, this purge--or this breach happened''?
    Mr. Wagner. Well, they are supposed to report it to us 
almost immediately. We do report it to Congress if it meets a 
certain threshold. Then internally we will----
    Mr. Correa. What threshold would that be?
    Mr. Wagner. I don't know off-hand.
    Mr. Correa. Like to look at that a little closer because 
clearly small breach versus a large breach, is that your 
threshold, size of the breach? What is the threshold?
    Mr. Wagner. I believe it is a hundred thousand, but I will 
have to--I will get back to you on that.
    Mr. Correa. Mr. Chairman, I am out of time, but I think it 
is very important that these kinds of breaches be reported 
immediately to Congress.
    Chairman Thompson. I agree.
    Mr. Correa. Mr. Chairman, I am out of time, so I yield.
    Chairman Thompson. Thank you very much. The Chair 
recognizes the gentleman from Texas, Mr. McCaul, for 5 minutes.
    Mr. McCaul. Thank you, Mr. Chairman. You know, we all want 
to protect civil liberties and privacy. When somebody is in the 
public domain, as I understood in law school, there is no 
expectation of privacy. This technology, in my judgment, has 
really protected the Nation from drug smugglers, gang members, 
and potential terrorists.
    I introduced the BITMAP bill, which is the Biometric 
Transnational Migration Alert Program. Last Congress, it passed 
unanimously out of this committee. It passed on the House 
floor, 272 to 119. Now it is being held up. I would like to 
examine what the effect of not authorizing this program would 
have.
    Mr. Wagner, can you tell me what successes the BITMAP 
program has had? Particularly when it comes to individuals 
coming from other parts of the world, that are known--that are 
basically countries of special interest, special interest 
aliens, or KSTs, known or suspected terrorists, coming across, 
into this hemisphere up through Latin America, into the United 
States of America?
    Mr. Wagner. Sure. So the BITMAP Program, it is administered 
by ICE. It is a program they work with their foreign 
counterparts to utilize fingerprint technology, to take 
fingerprints of exactly those populations you just referenced, 
as they transit through certain countries in Central or South 
America, making their way on up through Mexico to the United 
States. So, if they show up in a Central American country, the 
foreign authorities will use the BITMAP Program to collect the 
passport information and their fingerprints.
    When that person ultimately shows up at our Southwest 
Border and has mysteriously lost their passport, we are able to 
take their fingerprints and match it back up with that previous 
encounter in Central America to sufficiently identify who that 
person is. This is the passport that they had at that----
    Mr. McCaul. Is it true that, through that journey, that 
they are--while the names and identities may change----
    Mr. Wagner. Sure.
    Mr. McCaul [continuing]. Their biometrics do not change?
    Mr. Wagner. Correct.
    Mr. McCaul. That is the best way to identify who this 
person really is?
    Mr. Wagner. Correct.
    Mr. McCaul. Can you, in this setting--and I don't know if 
that is possible--give us some indication of the numbers of 
special interest aliens that have been stopped in this program 
and also known or suspected terrorists?
    Mr. Wagner. Have to get back to you on that. I don't have 
any today.
    Mr. McCaul. How significant is it?
    Mr. Wagner. It is significant. I mean, it is an absolute 
vulnerability that, as we have seen, terrorists can exploit, 
and it is a vulnerability we need to address.
    Mr. McCaul. Dr. Romine, I guess from what I am hearing from 
you is that we don't want to get this wrong. I think Mrs. 
Watson Coleman was talking about herself being possibly in this 
pool of candidates that could get somehow mischaracterized. I 
mean, tell us where are we right now with the technology? How 
accurate is it?
    Mr. Romine. How accurate is it, oh, I see. The very best 
algorithms that we have tested the most recently have false 
negative rates that are extremely low. The accuracy can range 
into the--for the best algorithms in a one-to-many match--can 
range into the 99.7 range.
    Mr. McCaul. So 99.7 percent accuracy?
    Mr. Romine. Accuracy.
    Mr. McCaul. That is pretty good.
    Mr. Romine. I beg your pardon?
    Mr. McCaul. That is a pretty good number.
    Mr. Romine. From a scientific standpoint, we report the 
number. The judgment on what is a pretty good number is up to 
the policy makers, but it is a high number for me.
    Mr. McCaul. It is very high. You are a scientist, I am not, 
but it sounds pretty high to me. I think it is always a balance 
in this committee and when we deal with security issues, you 
know, we deal with privacy and civil liberties, we always have 
to balance these as Americans, and I think it is important that 
we balance those factors. But I wouldn't want to throw the baby 
out with the bath water. I think the BITMAP Program has been 
extremely successful, has stopped a lot of bad actors from 
coming into the United States, and Mr. Chairman and Ranking 
Member, I hope that this committee, we could still advance that 
authorization and that bill through this Congress because I do 
think it is important to protect the American people. It is one 
of the most important responsibilities that we have as Members 
of Congress.
    With that, I yield back.
    Chairman Thompson. Thank you very much.
    The Chair recognizes the gentle lady from New Mexico, Ms. 
Torres Small, for 5 minutes.
    Ms. Torres Small. Thank you, Chairman. Last month, the CBP 
announced that there was a data breach with some of the 
subcontractors operating at land ports of entry along the 
Southern Border, and as a result, thousands of license plate 
numbers and images of drivers were taken, and images of drivers 
that were taken by facial recognition technology were 
compromised. I represent multiple border towns, where you cross 
back and forth into Mexico for jobs, shopping, tourism, 
medicine.
    Also, within the interior of the district, there are border 
checkpoints, and when they are operating, that same information 
is being taken--license plates and facial--and pictures of 
people's faces. So we want to be able to make sure that the 
citizens' data is secure. Were there audits into the 
subcontractor's system prior to the hack?
    Mr. Wagner. I am not aware of that. I don't know. I will 
have to check.
    Ms. Torres Small. Can you get back to us on that, please? 
Thank you.
    And did these private subcontractors have the authority to 
store those U.S. citizens' data?
    Mr. Wagner. They did not have the authority to have the 
pictures taken by the camera, from what I understand.
    Ms. Torres Small. Oh, so not even to store it, they did not 
have the authority to take any pictures of faces?
    Mr. Wagner. They had the authority to take them. They did 
not have the authority to take it off the camera and put it 
onto their own network, which is apparently what happened.
    Ms. Torres Small. They did. OK. What protocols did CBP have 
in place to oversee contractor and subcontractor data security 
practices?
    Mr. Wagner. I mean, they go through background checks. They 
are vetted. They are cleared. They are trained on use of the 
systems that they are going to work on. As far as having the 
audit controls on--this was a stand-alone pilot, so it was 
outside of our normal network, and we apparently did not have 
the same level of controls and audit capabilities on that, 
because it was a stand-alone, closed system. Those are things 
being put into place now on all those systems to make sure you 
can't connect a portable media drive on that and extract 
information. You know, our main network has these protocols on 
them, but we didn't have them on this type of system.
    Ms. Torres Small. So did you say those are in place now? 
You have corrected the problem?
    Mr. Wagner. They are being put into place now.
    Ms. Torres Small. They are being put into place now?
    Mr. Wagner. Yes.
    Ms. Torres Small. Can you follow up and let us know when 
they are in place?
    Mr. Wagner. Absolutely, yes.
    Ms. Torres Small. Because that is something of deep 
concern. Thank you.
    With all pilot programs, because I remember going through 
the border checkpoints and being told, you know, this is a 
pilot, so don't worry about it yet----
    Mr. Wagner. Right.
    Ms. Torres Small. It is just a pilot. That is actually when 
we need to make sure that we are operating it correctly.
    Mr. Wagner. Agreed.
    Ms. Torres Small. So I want to switch now to Congressional 
authorization.
    Mr. Wagner, it is my understanding that it is the law that 
Congress is enacting a biometric entry-exit system limit data 
collection to foreign nationals. Is that correct?
    Mr. Wagner. Yes.
    Ms. Torres Small. OK. Under what authority is CBP 
collecting biometric information on U.S. citizens as part of 
the entry-exit system?
    Mr. Wagner. We are using the information under 8 U.S.C. 
1357B and 8 CFR 235.1, which allows us to consider any 
information or evidence pertaining to a person crossing the 
border in establishing their U.S. citizenship. So, generally, a 
person will present a U.S. passport to us. We can look at it. 
We can manually review. We can ask them questions how they 
obtained it.
    Ms. Torres Small. Thank you. Actually I am going to switch 
direction really quickly. I apologize. I know some of that was 
already covered, so I appreciate it.
    I want to switch to the Federal agencies that are scanning 
through U.S. citizens' driver's licenses, and ICE is one of 
those that has been identified as potentially scanning through 
these databases. For what purpose--or are your components 
currently attempting to or successfully accessing State 
driver's license databases in any way?
    Mr. Wagner. So, for the biometric program we are 
discussing, we are not using driver's license information. We 
do use driver's license information from the States that have 
entered into agreements with us, where their driver's license 
also substitutes for a passport to cross the border. I think we 
have about 5 U.S. States and maybe 4 Canadian provinces that 
entered into written agreements with us to mark the citizenship 
of the driver's license holder on the document, so they can 
cross the border without having to go get a passport. That 
serves in lieu of the passport.
    Ms. Torres Small. Does the DMV in those States require 
probable cause or warrants to access that information?
    Mr. Wagner. Well, when that person crosses the border, our 
agreement allows us to verify with them that that is a valid 
license and to retrieve the photo from that so we can see who 
it belongs to. We also have other law enforcement access 
through--into biographical driver's license data that we also 
might use in a law enforcement context that is very common for 
law enforcement agencies to access.
    Ms. Torres Small. Thank you, Mr. Wagner.
    Chairman Thompson. Thank you very much.
    The Chair now recognizes the gentleman from New York, Mr. 
Katko, for 5 minutes.
    Mr. Katko. Thank you, Mr. Chairman, and thank you all for 
being here today.
    Just take a step back for a moment. As a Federal prosecutor 
for 20 years routinely dealing with homicides and matters of 
violent crime, some of the tools in the toolbox I had were 
fingerprints at first and, later, DNA.
    When they both came on-line, at first there were concerns 
about how they would be used, and now they are becoming more 
mainstream. I hope and pray that it is the same with facial 
recognition.
    But, you know, all three have the capability not only of 
helping to solve crimes but also making sure that crimes aren't 
committed. But even something we don't think about enough is 
exonerating people who are falsely accused. I mean, look at 
what the DNA system has done for people falsely accused in 
prisons. It has been a remarkable breath of fresh air.
    So my concern is not with the efficacy of using it. My 
concern is that we get it right. Like we have done with 
fingerprints and like I think we are doing with DNA.
    So my questions focus on the accuracy and the things we 
need to do to make it better. My colleagues have asked some 
great questions about the use of it and the extent of the use, 
and we are going to have to have more discussions about that. I 
am very concerned about the accuracy.
    That was a big thing with DNA starting out, and now DNA 
is--the accuracy in the testing is amazing. It is almost--it is 
dispositive almost all the time. I don't think we are there yet 
with facial recognition. I would like to get there.
    So, with that in mind, I want to ask Mr. Romine a couple of 
questions. You talk about the fact that you are charged with 
examining the gaps and limitations of certain things, including 
facial recognition.
    So what do you see as the gaps and limitations of it right 
now?
    Mr. Romine. The principal gaps and limitations we see 
involve a couple of things. One is image quality. It is still 
true garbage-in/garbage-out for software systems. So image 
quality has a huge impact.
    We see--as I said, I will have a report on demographics, 
and there are certain issues associated with demographic 
effects. That is particularly true when you are trying to 
identify someone when you have a reference image that is maybe 
10, 20 years earlier than the person that you are trying to 
identify. That can be a very big challenge.
    Similarly, if someone has been injured or there is some 
obscuring of the face for other reasons, that can have a 
challenge.
    Images that are taken noncooperatively. I don't mean 
uncooperative. I mean, where someone is not standing still 
looking at a camera with the intent of registering an image. If 
you are taking an image through a windshield, for example, or 
if you are taking an image of someone who is walking and not 
facing a camera, those can have a significant impact on the 
accuracy and the ability of these systems to do identification.
    Mr. Katko. OK. What can we do to improve that portion of 
it?
    Mr. Romine. The industry continues to make advances. I 
mentioned the emergence of convolutional neural networks as a 
game-changer in this space. I think we don't know what we don't 
know coming down the pike, but I think there continue to be 
improvements that we see in our testing over time. So the 
industry is making great strides.
    Mr. Katko. You mentioned also, in response to a question 
from one of my colleagues, that the demographic effects of 
facial recognition software are diminishing.
    Could you expound on that and what you mean by that? 
Because you say it is 99.7 percent accurate. But it is probably 
not 99.7 percent accurate for certain segments. So like, for 
example, darker-skinned female, I want to know what you are 
doing to make that better and how we can make it stronger.
    Mr. Romine. That is correct. From NIST's perspective, what 
we do to make things better is provide an evaluation 
capability. So we are not doing any training----
    Mr. Katko. That is understood.
    Mr. Romine [continuing]. Development. However, I would say 
that anytime the overall performance of the system improves as 
dramatically as facial recognition has improved over the last 5 
to 6 years, the compression--the effect of differences in 
demographics shrinks as well. And the report later, once we 
have finished our analysis, the report that comes out in the 
fall, will----
    Mr. Katko. That sort-of answers my question. But you admit 
that certain demographics have a disproportionate error rate. 
So you are saying it is improving. How much has it improved?
    Mr. Romine. We haven't finished the analysis yet, so I am 
not able to answer that question currently. The report will 
come out in the fall.
    I will say that the--it is unlikely that we will ever 
achieve a point where every single demographic is identical in 
performance across the board, whether that is age, race, or 
sex. But we want to know just exactly how much the difference 
is.
    Mr. Katko. This report will detail that when it comes out 
in the fall?
    Mr. Romine. Yes, sir.
    Mr. Katko. All right. Thank you very much. I yield back, 
Mr. Chairman.
    Chairman Thompson. We all look forward to the report.
    Mr. Katko. Indeed.
    Chairman Thompson. I assure you.
    The Chair now recognizes the gentlelady from Illinois, Ms. 
Underwood.
    Ms. Underwood. Thank you, Mr. Chairman.
    Mr. Gould, I represent Illinois' 14th District, where we 
drive about an hour or two to get to major airport in Chicago. 
So our community is always interested in learning more about 
the technologies that can potentially improve security at 
airports while still reducing the flier's wait time.
    However, before implementing any new technologies, like 
biometric screening, it is really important, crucial even, to 
make sure that they are proven to be effective, reliable, and 
fair.
    So can you please run through the ways in which TSA is 
currently employing biometric screening at checkpoints?
    Mr. Gould. Yes, ma'am.
    Currently, we are only using biometrics technology in the 
international terminal, Terminal F, in Atlanta. That is on a 
pilot basis.
    Our approach to biometrics implementation at TSA is 
extremely deliberative. We want to understand how the 
technology works, how it can improve identity verification for 
the traveling public, and how it can improve the passenger 
experience.
    Going back to the discussion on image quality that happened 
before, we are in a fortunate case at TSA in that we really 
control the environment in our checkpoints so we can ensure 
optimal lighting, optimal distance from the camera, so we get 
the highest quality images possible for biometric matching. For 
the pilot in Atlanta, we are matched up with CBP using their 
TVS system, and we see extremely high match rates there.
    Moving forward, we will look to pilot 1-to-1 matching 
capability where a traveler will provide a credential, that 
credential will be assessed by our CAT machine, and it will 
return a match rate on whether or not the face that has been 
captured matches the face that is embedded in that credential.
    In that scenario, no information even leaves the checkpoint 
and nothing is retained on the camera. So that is some of the 
things that we are looking at. I believe that, when we are 
through with, you know, these pilots that we are doing for 
biometric development, we will see that we cannot only improve 
passenger security but also make it a much more positive 
experience for the traveling public by reducing wait times.
    Ms. Underwood. That is great.
    How are the airports and airlines using the biometric 
security screening technology beyond the TSA checkpoints, if 
you are aware, and what other uses are planned for the future?
    Mr. Gould. So, right now, I can comment on really what we 
are doing in Atlanta with Delta Airlines.
    Ms. Underwood. OK.
    Mr. Gould. In Atlanta, the Delta Airlines kiosks use 
biometric identification when the passenger checks in, to make 
sure--should they choose to do so--to make sure that that 
person is the passenger who is ticketed on that particular 
flight.
    TSA has oversight of the bag drop to ensure the passengers 
are positively matched to bags in the international--you know, 
for international travel. So Delta Airlines has a security 
program amendment that we have granted them to use biometric 
technology to do that matching at the bag drop.
    We use it at our checkpoint in Atlanta. Then it is, of 
course, subject--it is used at the exit point, at the gate.
    Ms. Underwood. OK. So is that the only specific agreement 
with an airport or airline that TSA has to govern the use of 
biometrics? So you said----
    Mr. Gould. Right now, the security program amendment that 
we have granted Delta for the limited use only in Atlanta is 
the only formal agreement that we have entered into with the 
airlines.
    Ms. Underwood. So does TSA have any role in improving 
airport and airline uses of biometric technology?
    Mr. Gould. We have roles in improving the use of biometric 
technology where TSA has equities. Again, I would go back to 
say that would be the checkpoint and the bag drop. So, if an 
airline wanted to use biometrics at the bag drop to positively 
match that traveler to that bag, they would have to request a 
security program amendment, and we would have to issue it.
    Ms. Underwood. OK. As the use of biometric data continues 
to expand, Illinoisans understandably have a lot of questions 
about how such sensitive personal data is used and stored.
    So I would like to open this question up to the panel.
    Under what circumstances do your components collect 
biometric data on U.S. citizens?
    We can start with Mr. Wagner.
    Mr. Wagner. You say collect on U.S. citizens?
    Ms. Underwood. Yes, sir.
    Mr. Wagner. We are temporarily holding it while we validate 
that it corresponds to the passport that person is presenting, 
and then it is purged after 12 hours from our system.
    Ms. Underwood. OK.
    Mr. Gould. From a TSA perspective, we are leveraging 
photographs that travelers have provided to facilitate travel 
like passport photographs. When we capture the image at the 
checkpoint, it is not retained at the camera. Once that image 
is encrypted and transmitted, we only get back a match result.
    Ms. Underwood. Interesting. OK.
    Mr. Di Pietro. Ma'am, Secret Service collects fingerprints, 
palm prints, mugshots, other identifying information on 
individuals who we arrest as part of our criminal 
investigations.
    Ms. Underwood. But not as part of regular screening?
    Mr. Di Pietro. Pardon?
    Ms. Underwood. You don't retain the data that you collect 
as part of the regular screening?
    Mr. Di Pietro. That is correct.
    Ms. Underwood. You don't store it?
    Mr. Di Pietro. No, no. Regular screening, we use metal 
detectors, cabinet X-rays, things like that cap.
    Ms. Underwood. And fingerprints. So to get into the White 
House----
    Mr. Di Pietro. No, we do not use fingerprints at the White 
House. We don't scan for that.
    Ms. Underwood. Great.
    Yes, sir?
    Mr. Romine. The data that we have is sequestered in servers 
that are air gapped--they are not connected to the internet--in 
a locked door. I am the director of the laboratory, and I am 
not permitted to go into that room without being escorted. So 
it is very tightly controlled.
    Ms. Underwood. Thank you so much.
    I yield back.
    Chairman Thompson. Thank you.
    The Chair recognizes the gentleman from North Carolina, Mr. 
Walker.
    Mr. Walker. Thank you, Mr. Chairman.
    Ninety-nine-point-seven percent, that is pretty good, or 
about ironically the same on-base percentage that Cedric 
Richmond has at our annual baseball game, but that is another 
topic. A problem, I should, say not a topic.
    But I do have a question for you, Dr. Romine.
    How do you ensure--and I think Ms. Underwood was just kind-
of approaching this. How do you ensure that the biometric data 
collected is secured?
    Let me unpack a little bit more. Is the biometric 
identifier connected directly to other possibly sensitive or 
private information about the person?
    Mr. Romine. The data that we have on facial recognition is 
not connected to identifying information. So I will have to 
double check the exact features there, but I am----
    Mr. Walker. Can you do that for us and report back?
    So you are saying that the information that you are 
collecting is secured?
    Mr. Romine. The information we are collecting--we don't 
collect information. We obtain it from our partners for the 
purposes of evaluation only, and we secure that in--it is in a 
secure server.
    Mr. Walker. Let's use the word ``obtain'' instead of 
``collect.''
    Have you ever had a breach on the information you have 
obtained?
    Mr. Romine. No, sir.
    Mr. Walker. OK. Thank you.
    Questions for the panel. Keep it about 10 or 15 seconds 
will be good. That way we can get everybody in here.
    Can you elaborate more on these programs that have been 
successful, specifically on the ones identifying facial 
recognition, any other biometric technologies? If you can 
elaborate either on the success of them or adding security 
benefits or expediting travel for passengers?
    We will start with Mr. Wagner.
    Mr. Wagner. Sure. It gives us the ability to validate a 
person's biographical identity within 2 to 3 seconds without 
having to handle the physical passport and allows us to link it 
up in a secure way. So the person we did all our National 
security checks against in TSA, international security checks 
on international flights, corresponds to the person who is in 
front of us.
    Mr. Walker. Mr. Gould.
    Mr. Gould. Sir, with our pilot in Atlanta, we do data 
collection on the number of people who were choosing not to 
provide biometric identification at our checkpoint, and it was 
less than 1 percent. People seem to enjoy it. The traveling 
public moves through the checkpoint very rapidly. The best part 
of it is we enhance identity verification, thereby enhancing 
security.
    Mr. Walker. OK. Mr. Di Pietro, does it impact you at all?
    Mr. Di Pietro. Not really. Right now, we are piloting some 
technology, but we are in the middle of that test right now, so 
we haven't compiled the data. The tests will finish up at the 
end of August, and then we will have a chance to go through and 
review the data, and then we will be able to draw some 
conclusions. But at this point, we are still in the middle of 
the test.
    Mr. Walker. Dr. Romine, anything there?
    Mr. Romine. No, sir.
    Mr. Walker. OK. Going down the panel again.
    Based on these successes--specifically Mr. Wagner and Mr. 
Gould--where do you see the use of biometric technologies 
expanding in your specific agency, even beyond a complete roll-
out of the pilot programs?
    Mr. Wagner.
    Mr. Wagner. It will significantly transform the arrivals 
and departures on international travel in all our different 
environments, air, land, and sea, and can really build a very 
convenient, efficient, facilitative but yet secure process for 
us to do that.
    Mr. Walker. Mr. Gould.
    Mr. Gould. Sir, so for us, we will build on the success of 
our international partnership with CBP that we are doing in 
Atlanta to other international travel locations. We will look 
to use the CBP system for our trusted traveler population--
PreCheck, Global Entry--to do one-to-few or one-to-many 
matching for biometrics purposes at our checkpoints.
    Then really the next step that we are looking at is that 1-
to-1 matching that I mentioned before, where a traveler can 
approach the checkpoint, provide a credential, have the CAT 
machine, credential authentication technology machine, assess 
the image embedded in that credential and then match it to a 
photograph that is taken right there.
    Mr. Walker. All right.
    Mr. Di Pietro, do you ever share your information with 
local or State governments?
    Mr. Di Pietro. Information with respect to fingerprints?
    Mr. Walker. Information that you collect. Let me back up 
and ask this question, because I think I have got time to get 
it in. Ms. Underwood asked a couple of questions, and there 
seemed to be just a touch of hesitancy, so I wanted to follow 
back up there.
    The data that you collect, is it ever collected without 
subjects being aware?
    Mr. Di Pietro. No, sir.
    Mr. Walker. OK. All right. So the information that you do 
collect, fingerprints, et cetera, do you ever share that with 
State or local?
    Mr. Di Pietro. I would have to check with our lab director 
on that, sir, and get back to you.
    Mr. Walker. Are you familiar with any circumstances that 
you have in the past?
    Mr. Di Pietro. Sir, I am the Secret Service's chief 
technology officer. I work more on the engineering and 
technical side. I would have to get with our Forensic Services 
Division to answer that.
    Mr. Walker. Fair enough. I thank you for your time.
    I yield back, Mr. Chairman.
    Chairman Thompson. Just let me comment.
    In a Classified setting, we are going to ask that question 
again of the data collected that people don't know, because I 
think there is information being collected in the pilot at the 
White House that is different from the answer. But we plan to 
have a Classified briefing on that issue.
    The Chair recognizes the gentlelady from New York for 5 
minutes, Ms. Clarke.
    Ms. Clarke. Thank you, Mr. Chairman.
    Some would say let's not make--when it comes to National 
security, let's not make the perfect be the enemy of the good. 
But, unfortunately, the good is not good enough when bias is 
baked into the algorithms that create false positives. The 
stakes are far too high for individuals and too costly, 
particularly for women and people of color.
    The wide-scale deployment of facial recognition technology 
will have profound implications on privacy. We must look before 
we leap. It is imperative that Congress impose safeguards 
against mission creep and ensure biased algorithms do not make 
their way into wide-spread use.
    As a New Yorker, one who lives just miles away from Ground 
Zero, National security is crucially important. I know that 
first-hand.
    But facial recognition technology that routinely 
misidentify women and people of color don't make us safer; they 
make us less safe. Using this technology to help ICE target 
immigrants for deportation doesn't protect us from terrorism; 
it terrorizes hardworking families. When CBP uses these 
technologies on U.S. citizens traveling abroad without 
providing a transparent opt-out process, that is potentially 
unlawful.
    We have seen what happens when technology is widely 
deployed before Congress can impose meaningful safeguards. 
Let's not make the same mistake with facial recognition 
technology.
    You have a contractor that has a breach, and we know that 
we are seeing more use of video; deep-face, if you will. That 
information gets in the hand of an adversary overseas, and they 
want to create a disruption in our Nation, all you have to do 
is take that information, create a video from it, and, bam, we 
are already into a really bad situation.
    I don't know if we are looking at the interconnectedness of 
all of these technologies, particularly because they are all 
evolving. I am very concerned about the lack of specificity 
that we have at this stage.
    So my question is about accuracy. Mr. Wagner, CBP boasts 
that the facial recognition algorithm it uses is able to make a 
match of 98 or 99 percent of the time. But that statistic does 
not include instances where facial recognition technology is 
unable to capture a high-quality image due to human error, poor 
lighting, or other environmental factors.
    Recent testing by the DHS science and technology director 
has shown that, when data capture factors are included, the 
error rate increases to around 10 percent.
    Do you dispute S&T's findings?
    Mr. Wagner. No.
    Ms. Clarke. OK. Why does CBP insist on tracking a bogus 
statistic that ignores passengers who cannot be photographed 
well enough by the system to be matched?
    Mr. Wagner. What we are accounting for is, if we take a 
photograph that is of sufficient quality, are we able to match 
it.
    Ms. Clarke. If?
    Mr. Wagner. Correct.
    Ms. Clarke. OK.
    Mr. Wagner. Then we know we need to address the camera 
itself and the lighting conditions to make sure that we are 
capturing 100 percent of those photographs that we can then 
match at the 98 to 99 percent. Two separate statistics. They 
are both valuable to us.
    Ms. Clarke. Yes. There is also the false positive, the cost 
of the false positive. That individual that is detained for 
whatever reason because there is a false positive, the cost of 
that person's health, the cost of that person's well-being, 
perhaps there is a commerce concern involved. I am concerned 
about the lack of accuracy. I am very concerned about the 
lack----
    Mr. Wagner. If the person doesn't match the photo in this 
case, they present their passport as they are doing today.
    Ms. Clarke. Excuse me?
    Mr. Wagner. If a person doesn't match a photograph, they 
simply present their passport and their boarding pass.
    Ms. Clarke. If they trying to match them and they don't 
match, what happens to that individual?
    Mr. Wagner. They present their boarding pass and their 
passport----
    Ms. Clarke. Uh-huh.
    Mr. Wagner [continuing]. And it is manually reviewed at 
that point in time, just as happens today.
    Ms. Clarke. Is that--and those people are not detained in 
any way? They are not asked to step aside, they are not asked--
the process does not delay that person?
    Mr. Wagner. No. They just show their passport.
    Ms. Clarke. OK. I hope that is the case.
    Will CBP commit to tracking a more meaningful statistic 
that captures the usefulness and accuracy of the full facial 
recognition process, including the rate at which the system 
fails to capture a quality image?
    Mr. Wagner. We do track those rates. We track the--what we 
call the gallery completion rate. We are never going to have 
100 percent of a gallery because not everybody needs a passport 
to travel.
    Ms. Clarke. Including the images that are not high-quality, 
those that fail to meet your standard?
    Mr. Wagner. Right. We want to build it so that the camera 
will take a high-quality photograph.
    Ms. Clarke. I know that is what you want to do. But will 
you be keeping statistics on what doesn't meet that standard?
    Mr. Wagner. So we are, correct, yes.
    Ms. Clarke. Very well.
    I yield back, Mr. Chairman.
    Chairman Thompson. The Chair recognizes the Ranking Member.
    Mr. Rogers. Thank you, Mr. Chairman.
    I just want to clarify with the Secret Service: The 
information that you have collected in this pilot program that 
you talked about earlier, is it my understanding that everybody 
that is in that are employees of the Secret Service, and they 
volunteered to be in it?
    Mr. Di Pietro. That is correct. Maybe if I can explain how 
we are doing the pilot, that might help.
    Mr. Rogers. Also, when did the pilot start?
    Mr. Di Pietro. So we published the PIA back in November, it 
began in December, and it is going to run through August. We 
did that on purpose. We wanted it to go from the winter into 
the summer because of the different items people wear, so that 
we have a good amount of time where we were assessing it.
    Maybe if I just explain a little bit of how the pilot is 
working, that might help explain this for you.
    As you indicated, the participants of the pilot are Secret 
Service employees who volunteer to take part in this effort. 
The facial images are stored when associated match is 
recognized on an individual, on one of the volunteers. At the 
conclusion of the pilot, all of that information will be 
deleted.
    We are using our current CCTV system, video management 
system we have at the White House. I can imagine you have got a 
similar system up here on Capitol Hill that you use for CCTV 
surveillance. We are using those video feeds there, and we are 
trying to match the individuals that are in the pilot, the 
volunteers, to the people who we are seeing in those cameras. 
If there is no match, there is no record. If there is a match, 
then there is a record. That will be retained till the end of 
the pilot, and then that information will be deleted at the 
conclusion of the pilot.
    Mr. Rogers. Thank you, Mr. Chairman.
    Chairman Thompson. Thank you. But I think Mr. Katko's 
question was, if you were collecting data, capturing data, and 
you said no. My question is, whether it is a volunteer or a 
person walking the street, you are collecting data?
    Mr. Di Pietro. That is correct. That is right.
    Chairman Thompson. The Chair now recognizes the gentleman 
from Louisiana, Mr. Higgins.
    Mr. Higgins. Thank you, Mr. Chairman.
    Director Romine, would you describe biotech--biometric 
technology and facial recognition technology as designed to 
work with trained agents? In other words, man and machine 
working together? Is this what this is working toward?
    Mr. Romine. We are agnostic as to whether that is the use 
case or not. But our testing has verified that, in the case of 
facial recognition, the best algorithms and the best human face 
recognizers, the trained face recognizers----
    Mr. Higgins. I thank you for pointing that out. In your 
testimony, NIST has researched in an effort to measure the 
accuracy of forensic examiners, including forensically-trained 
facial reviewers.
    Mr. Romine. That is correct.
    Mr. Higgins. Your statement stated that it presented data 
comparing state-of-the-art facial recognition algorithms with 
the best human face identifiers, the best machines performed in 
the range of the best performing humans----
    Mr. Romine. That is correct.
    Mr. Higgins [continuing]. Who are professional facial 
examiners. But you went on to state that optimal face 
identification was achieved only when humans and machines 
collaborated.
    Is that an accurate assessment?
    Mr. Romine. That is correct.
    Mr. Higgins. Let me ask, Commissioner Wagner, is there ever 
an arrest made or denial to travel based solely on facial 
recognition technology?
    Mr. Wagner. No.
    Mr. Higgins. Thank you.
    So facial recognition technology gets a--let's call it a 
hit, a high probability based on algorithms, that a particular 
traveler is a person of interest. Then an agent looks into the 
documentation further and has personal interaction with that 
individual, which then approves the individual for travel or 
prompts further and deeper investigation. Is that correct?
    Mr. Wagner. Yes, that is correct.
    Mr. Higgins. So, just to clarify for America watching, this 
technology is being used to enhance the efficiency and the 
speed by which the trained agents can move travelers through 
screening points. Is that contract?
    Mr. Wagner. Yes.
    Mr. Higgins. Thank you for clarifying that.
    Is the general consensus amongst travelers and airlines 
that this technology is a good idea, is working well?
    Mr. Wagner. I believe so, yes.
    Mr. Higgins. Thank you for clarifying that.
    Let me jump into your data breach. It is a concern for all 
of us, regardless of which side of the aisle we are on.
    Who reported that breach? Did they self-report, or was it 
discovered? How was it discovered? Is my first two questions 
about that. Who reported it, the contractor, or did you all 
discover it?
    Mr. Wagner. No. I believe we asked them about it.
    Mr. Higgins. How much time went by?
    Mr. Wagner. A significant amount of time. I need to verify 
this, but my recollection seems to be that we asked them if any 
of our data was included in it, and they came back and said 
yes.
    Mr. Higgins. Not to put you on the spot here, my brother, 
but I am going to. When you say an amount of time, a pretty 
significant amount of time, are you talking days, weeks, 
months?
    Mr. Wagner. I have that answer. Let me look for that, and I 
will come back to you.
    Mr. Higgins. OK. We would like to know that, because it 
is--the contract was referred to as subsequently terminated. We 
would like very much to know what the course of events were 
regarding--what was the time line here with this contractor 
from the time the breach happened till the time it was 
discovered and inquired about and reported and verified, and 
then how much time before that contract was terminated?
    I believe--I would like to know, and perhaps my colleagues 
would like to know, if that contractor is still on the 
contracting list? If that contract was terminated with that 
contractor, but are they still out there bidding on other 
contracts? I believe we would like to know that.
    Commissioner Wagner, you have a tremendous job to do.
    You, gentlemen, thank you for your service, all of you. It 
is important to the Members of this committee to get things 
right.
    Many ports of entry, particularly land ports, face unique 
challenges implementing the biometric entry/exit system.
    Can you just share what--this is my final question--what 
are the primary challenges and how can we help?
    Mr. Wagner. The primary challenge was finding a way to 
implement this into a travel system that wasn't designed to 
support the, say, collection of biometrics on only a segment of 
the traveling public.
    You know, unlike Europe and Asia and other places, we don't 
have departure controls. You don't see a CBP Officer to get 
your passport stamped to depart the United States. We have 
never restricted departures like that. So international flights 
comingle with domestic flights. Then with each individual 
flight, you have got U.S. citizens, permanent residents, and 
visitors. So how do you sift and sort and differentiate between 
who is in scope or out of scope of the biometric exit 
requirement, what technology do you use to collect that 
biometric, and how do you ensure a way that is not going to 
create gridlock at the airports or the seaports or the land 
border, when we get to it, on how to do that.
    Mr. Higgins. That is exactly what you are working through 
right now, correct?
    Mr. Wagner. Right. So we found a way using the facial 
recognition and compare people against data they have already 
provided in a convenient, quick, and accurate way that we can 
apply to all travelers using different authorities and help the 
airlines board the planes even faster.
    Mr. Higgins. Mr. Chair----
    Thank you for that answer.
    My time has expired, Mr. Chairman.
    Chairman Thompson. Thank you very much.
    The Chair recognizes the gentlelady from New Jersey for 5 
minutes, Mrs. Watson Coleman.
    Mrs. Watson Coleman. Thank you, Mr. Chairman.
    Thank you, gentlemen, for your testimony. This is a very, 
very important issue for us. I mean, we want to be safe and 
secure, but we also want to recognize that our privacy is our 
privacy, and we have guarantees under the Constitution and that 
we are not in any way infringing upon that.
    Mr. Wagner, I would like to ask you a question. I 
understand the Department has sent an interim final rule to OMB 
that would expand CBP's collection of biometric data, something 
we have obviously expressed tremendous interest in.
    The committee is eager to learn as much as possible about 
what you intend with this rule and why you haven't pursued a 
more transparent and deliberative process.
    What does this interim final rule entail, how does it 
address CBP's collection of biometric data on U.S. citizens, 
and why did you choose this closed process rather than 
providing notice and allowing public comment?
    Mr. Wagner. There are several pieces of rulemakings 
underway. There is an interim final rule that is drafted and is 
circulating through the Government for comment. There is also 
notice of proposed rulemakings on other parts of what we would 
like to propose to do. We are evaluating all of those right now 
based on a lot of the comments we have received back from 
within Government, and we may take a different approach.
    There are regulations in place already, though, concerning 
biometric exit that have been in place that we are utilizing 
today. Through the privacy impact assessments, we have 
explained in great detail--in greater detail than would be in 
the regulations probably even--how the program operates and 
what exactly what happens with it. That is publicly available.
    Mrs. Watson Coleman. Are you having conversations with 
stakeholders?
    Mr. Wagner. Absolutely. I have personally done meetings 
with--two different meetings, the East Coast and West Coast, 
with the privacy community and all of the privacy 
representatives. We are certainly talking with all of our 
travel and tourism stakeholders. There is vehement support 
behind this in the travel and tourism arena. Of course, we are 
talking with the airlines and airports and our Government 
partners as well.
    Mrs. Watson Coleman. Why is it that I am asking you this 
question about why the committee doesn't have the information 
it needs? If these discussions have been in the public realm, 
why am I asking you about this process? What part of this 
process fits this question about why you have chosen to do it 
in a more closed way as opposed to a more transparent way? Or 
am I just misunderstanding and just misstating?
    What part of your consideration, your rulemaking request, 
your request to OMB, don't fit this sort of public sharing?
    Mr. Wagner. I am not sure I understand the question.
    Mrs. Watson Coleman. Well, according to the information 
that I was given, the Department has sent an interim final 
report to OMB. This interim report has to do with expanding 
your collection of biometric data and that the process that you 
all are using in dealing with OMB has been a closed process.
    What does that mean?
    Mr. Wagner. So there are certain provisions that would be 
in the interim final rule that, if OMB were to approve it, we 
could publish that in the Federal Register. You can still 
accept comments, I believe, on that, but the rule goes into 
effect.
    Really that----
    Mrs. Watson Coleman. What is the problem with there being a 
more open process now as----
    Mr. Wagner. We are doing that, too, for the other 
provisions.
    Mrs. Watson Coleman. Well, what about the provisions--I am 
specifically asking about the provisions that you are not doing 
it on. What is the reason for that?
    Mr. Wagner. I am----
    Mrs. Watson Coleman. Alright. So have you a number of 
proposals, rulemaking proposals----
    Mr. Wagner. Correct.
    Mrs. Watson Coleman. Right?
    Part of this, the Department has sent a final--an interim 
final rule to OMB. In this particular rule, it deals with the 
expansion of CBP's collection of biometric data.
    The understanding that I have been given is that the 
process that you are engaging in is a closed process, and we 
don't have--the committee doesn't have the benefit of what is 
being considered, what you are asking for. Instead, you have 
used another process that forecloses that opportunity.
    So I am asking, why would you choose to do that? What is it 
that you are asking for that you can't share in the asking? Not 
after the fact.
    Mr. Wagner. Well----
    Mrs. Watson Coleman. Or is there not such a thing, and we 
are just completely uninformed?
    Mr. Wagner. No. It is just the different portions of 
rulemaking process. Before the rule is even finalized, it would 
be premature to talk about what is in it or what is not in it, 
because that is going to change. Based on the feedback and our 
discussions with OMB, it is going to change.
    Mrs. Watson Coleman. But you do that on other rulemaking 
requests, but not on this specific area?
    Mr. Wagner. We will be publishing a notice of proposed 
rulemaking with anything that would fall within those 
parameters.
    Mrs. Watson Coleman. It is somewhat frustrating----
    Chairman Thompson. What I think the point is, at this 
point, the public has no input in this process, as far as we 
understand.
    Mrs. Watson Coleman. Yes.
    Chairman Thompson. The rulemaking process.
    Normally the notice for rulemaking----
    Mr. Wagner. Right.
    Chairman Thompson [continuing]. You push it out and receive 
comment.
    Mr. Wagner. We will do notice of proposed rulemakings to 
solicit that feedback.
    Chairman Thompson. You will?
    Mr. Wagner. We will.
    Mrs. Watson Coleman. OK. After that.
    Chairman Thompson. We finally got to where we--OK.
    Mrs. Watson Coleman. May I just have 30 seconds, since you 
so generously----
    Chairman Thompson. I will give the lady an additional 30 
seconds.
    Mrs. Watson Coleman. I am just sort-of curious about the 
Secret Service pilot project, and I wanted to understand--I 
understand that you are using this pilot project now with 
volunteer Service agents, so that when they are walking, you 
collect that information, if it matches, it works.
    Are you incidentally collecting other information on people 
who are not part of this voluntary effort? If so, what are you 
doing with those sort of pictures that you capture?
    Mr. Di Pietro. So, ma'am, the cameras that we are using as 
part of this pilot are part of the White House video management 
system. That is the CCTV system that records videos from all of 
the cameras around the complex. We retain that data for 30 days 
as part of the CCTV process.
    If we are--as we are going through and we are identifying 
those volunteers that are in there, that record is saved, and 
we save that and we are going to evaluate that to the end of 
the process.
    Mrs. Watson Coleman. But do you have the opportunity to 
review other--other faces that you are capturing that are in 
the vicinity, tourists, demonstrators, whatever?
    Mr. Di Pietro. If it would be something like a false 
positive, somebody who wasn't in our pilot but thought it was, 
that image would be retained in the----
    Mrs. Watson Coleman. We are concerned about what happens 
with----
    Chairman Thompson. Part of--we will have a Classified 
briefing.
    Mrs. Watson Coleman. Thank you.
    Chairman Thompson. We will have a lot of those questions 
responded to.
    Mrs. Watson Coleman. Thank you for your extension of time. 
Thank you very much for your----
    Chairman Thompson. Thank you.
    The Chair recognizes the gentlelady from Arizona, Mrs. 
Lesko, for 5 minutes.
    Mrs. Lesko. Thank you, Mr. Chairman.
    First, if you don't mind, I would like to yield a few 
seconds to my colleague, Mr. Higgins.
    Chairman Thompson. 5 minutes.
    Mr. Higgins. Thank you, ma'am.
    Mr. Chairman, I ask unanimous consent to enter into the 
record 2 op-ed articles in support of law enforcement 
application of biometric technology.
    The first is from New York City Police Commissioner James 
O'Neill, and the second is from managing director of the 
Chertoff Group, Lee Kair.
    Chairman Thompson. Without objection.
    [The information follows:]
                 How Facial Recognition Makes You Safer
Used properly, the software effectively identifies crime suspects 
        without violating rights.
            By James O'Neill, June 9, 2019, New York Times.
    In 1983, when I was sworn in as a police officer, many of the 
routine tasks of the trade would have seemed more familiar to a cop 
from my grandfather's day than to a new police academy graduate today. 
I took ink fingerprints on paper cards and used a Polaroid camera for 
mug shots. Reports were handwritten or typed on carbon triplicates. 
Biological evidence could be analyzed only in terms of blood type.
    Technology has improved the profession beyond what the most 
imaginative officer could have conceived in those days. These 
innovations include facial recognition software, which has proved its 
worth as a crime-fighting resource since we adopted it in 2011. But the 
technology has also raised concerns about privacy, so the public should 
know how the New York Police Department uses its system--and the 
safeguards we have in place.
    When detectives obtain useful video in an investigation, they can 
provide it to the Facial Identification Section, of the Detective 
Bureau. An algorithm makes a template of the face, measuring the shapes 
of features and their relative distances from each other. A database 
consisting solely of arrest photos is then searched as the sole source 
of potential candidates--not photos from the Department of Motor 
Vehicles, Facebook, traffic cameras or the myriad streams of closed-
circuit TV video from around the city. Facial ``landmarks'' are 
compared without reference to race, gender or ethnicity.
    After the software generates a list of possible matches, an 
investigator assesses their resemblance to the suspect. If one is 
selected, a review is conducted by detectives and seasoned supervisors, 
noting similarities and differences. If they affirm the match, the 
investigator proceeds with further research, including an examination 
of social media and other open-source images.
    We might find social media images of a person at a birthday party 
wearing the same clothing as the suspect in a robbery. That person then 
becomes a lead; the facial identification team will provide only a 
single such lead to the case detective. Leads provided by the unit are 
comparable to tips to our Crime Stoppers hotline--no matter how 
compelling, they must be verified to establish probable cause for an 
arrest. No one can be arrested on the basis of the computer match 
alone.
    In 2018, detectives made 7,024 requests to the Facial 
Identification Section, and in 1,851 cases possible matches were 
returned, leading to 998 arrests. Some investigations are still being 
conducted and some suspects have not been apprehended.
    But in many cases there have been clear results. Recently, the work 
of the facial identification team led to the arrest of a man accused of 
raping a worker at a day spa, and another charged with pushing a subway 
passenger onto the tracks. We have made arrests in murders, robberies 
and the on-air assault of a TV reporter. A woman whose dismembered body 
was found in trash bags in two Bronx parks was identified. So was a 
woman hospitalized with Alzheimer's, through an old arrest photo for 
driving without a license.
    The software has also cleared suspects. According to the Innocence 
Project, 71 percent of its documented instances of false convictions 
are the result of mistaken witness identifications. When facial 
recognition technology is used as a limited and preliminary step in an 
investigation--the way our department uses it--these miscarriages of 
justice are less likely.
    We have never put police sketches into the system; they would be of 
no value. We have used editing software to substitute a generic feature 
when a suspect is closing his eyes or sticking out his tongue in the 
submitted photo. The system can also create a mirror image of the right 
side of a face if we have only the left side, for example, to produce a 
3-D model.
    We use these methods solely to fill in missing or distorted data. 
And when we do so, we bring an additional degree of scrutiny to the 
process. To compare this to filling in a partial fingerprint, as the 
Georgetown Center for Privacy and Technology did in a recent report, is 
absurd. It makes sense to create an image of a suspect's left ear using 
his right ear as a model. But it is impossible to infer the shape of a 
nose from the shape of a chin. As the algorithm is constantly improving 
in its ability to read lower-quality images, the editing software is 
used less and less frequently.
    The department does not conduct civil immigration enforcement, and 
neither does our Facial Identification Section. But we do work with 
other police departments when appropriate. A recent request from the 
F.B.I. led to the identification of a child sex trafficker who 
advertised his services on social media.
    Biometric technology is no longer new. It is routinely used 
everywhere from shopping malls to doctors' offices. Its application by 
the department is carefully controlled and its invaluable contributions 
to police investigations have been achieved without infringement on the 
public's right to privacy. When cases using this technology have been 
prosecuted, our methods and findings are subject to examination in 
court.
    Facial recognition technology can provide a uniquely powerful tool 
in our most challenging investigations: When a stranger suddenly 
commits a violent act on the street. In the days of fingerprint cards 
and Polaroid mug shots, these crimes defined New York City, for 
visitors and residents alike.
    Though far rarer now, they remain life-altering, and sometimes 
life-ending, events. To keep New York City safe requires enormous and 
relentless effort. It would be an injustice to the people we serve if 
we policed our 21st-Century city without using 21st-Century technology.
    James O'Neill is the police commissioner for New York City.
                                 ______
                                 
       Biometrics can protect our borders--along with our privacy
By Lee Kair, opinion contributor, 05/09/19 11 o'clock AM EDT, 
        TheHill.com
    Customs and Border Protection (CBP) has been expanding its 
biometric programs with the use of facial recognition technology for 
inbound passengers, achieving early success both in identifying 
imposters attempting to enter the U.S. and improving the efficiency of 
the screening process itself.
    Based on this success, the Department of Homeland Security (DHS) 
recently announced efforts to expand programs to those departing the 
U.S., with the goal of covering 97 percent of outbound international 
travelers in the next 4 years.
    As DHS applies facial recognition and other biometric technologies 
to confirm travelers' identities and to intercept potential threats, it 
is important to look at how it balances travelers' privacy with 
security goals.
    Not surprisingly, the expanded use of biometrics raises questions 
about individual privacy, particularly in light of proliferating, high-
profile data breaches that can affect--and should alarm--all of us.
    As the lead agency for protecting our nation's borders, CBP has 
evolved its process for identifying and screening passengers over time. 
In ``the old days,'' passengers flying into the United States would 
present their passport to a CBP officer. The officer compared the 
laminated picture within the passport to the person standing in front 
of them, researched available government data sources to determine if 
the traveler was high-risk, and conducted in-person interviews to 
determine if additional screening was necessary. Although a sufficient 
process, it was time-consuming and dependent on CBP personnel to make 
accurate assessments and detect anomalies in real time.
    Since 2005, CBP has required airlines to provide manifest data 
shortly after departure so officers can leverage existing targeting 
infrastructure and resources, including government documentation and 
photographs (such as passport and visa photos), to determine the risk 
of incoming passengers before they arrive. Upon landing, low-risk 
passengers are expedited through customs while CBP focuses its 
resources on higher risk passengers.
    Today, CBP is leveraging commercially available biometric 
technologies to streamline and automate the existing process of 
manually matching images from data bases to individual travelers 
attempting entry into or exit from the U.S. The Transportation Security 
Administration (TSA) and aviation industry partners also are conducting 
biometric pilots across the country to expedite the traveler experience 
at the airport. These pilots are intended to confirm the identity of 
traveling passengers at various points in the airport ecosystem, with 
the goal of enhancing security while reducing friction in the travel 
process.
    As stakeholders evaluate CBP's deployment of biometric technology, 
there are three areas where CBP has demonstrated best practices that 
meet the goal of promoting both security and an improved traveler 
experience. These include leveraging new technology for more efficient 
and effective screening; providing transparency around the collection 
and use of biometrics in the screening process; and voluntary opt-in or 
opt-out participation for other biometric programs:
    Transparency.--CBP and TSA have issued several Systems of Records 
Notices and Privacy Impact Assessments while inviting public comment 
and publicizing strategies and roadmaps to educate and inform 
stakeholders on the steps they are taking to leverage technology for 
the security of the traveling public. This level of transparency is 
critical to developing trust between travelers and the government. In 
an era in which commercial companies often use ``terms of service'' 
obfuscated with pages of legal language, the government is being clear 
about its use of biometrics.
    Leveraging existing systems to make them more efficient.--Where the 
government already had access to--and used--biometrics through existing 
systems (such as photos from passports, visas, previous border 
crossings or trusted-traveler programs), the use of matching technology 
expedites old manual processes. This speeds the traveler experience and 
is more effective than manual visual comparisons. For example, 
automated matching of a facial or fingerprint biometric at the TSA 
screening checkpoint is likely more accurate and faster than a security 
officer's visual driver-license check. These enhancements allow TSA to 
increase speed and security while reallocating officer resources to 
focus on detecting additional threats to aviation security.
    Voluntary use.--CBP and TSA strategies also require the ability to 
opt in or opt out of other biometric matching programs and third-party 
use of biometrics. Specifically, CBP programs allow passengers to opt 
out of technical demonstrations as well as the sharing of biometric 
information with third parties (such as airlines); TSA requires opt-in 
participation for its biometric trusted traveler programs at TSA 
checkpoints.
    Many privacy advocates are concerned that the government could use 
the data for continuous surveillance without any suspicion of 
wrongdoing, to identify and track people without their knowledge. 
Critics claim that it's an overreach for the government to require U.S. 
citizens to submit to facial scans to board a plane.
    However, it is important to point out that CBP privacy policies 
only allow the biometric data to be used for identification purposes 
and that it must be deleted within 12 hours, in the case of U.S. 
citizens. Similarly, TSA is limiting its biometric programs to trusted-
traveler programs, in which travelers have already chosen to share 
information.
    In a time when we have seen rising concerns about stockpiling user 
data on social media, the use of biometrics by both the government and 
commercial entities must continue to be evaluated. Countries around the 
world are assessing the privacy exposure related to biometrics and 
facial recognition. The potential for commercial entities to combine 
biometric data with other user data--including geolocation, online 
activity and retail purchases--has the potential to significantly 
expose sensitive information about private citizens.
    While DHS's pilot programs must be evaluated on a continuous basis, 
I believe that DHS has handled the implementation correctly. This 
should be the standard for other organizations and government entities 
looking to deploy biometric-based solutions that create a more secure, 
trusted environment for the public.
    Lee Kair is managing director of The Chertoff Group, a security and 
risk management advisory firm. He served more than 15 years in senior 
executive positions at the U.S. Department of Homeland Security, 
including the Transportation Security Administration. The Chertoff 
Group is a frequent adviser to clients in the defense technology and 
aviation industries, including clients that work in identity management 
and biometrics technology. Follow on Twitter @ChertoffGroup.

    Chairman Thompson. The gentlelady is recognized for the 
additional time.
    Mrs. Lesko. Thank you, Mr. Chairman.
    I, too, ask unanimous consent to enter into the record 3 
letters expressing support for the effective and responsible 
use of biometrics by TSA and CBP. These letters are from 
Airlines for America, the International Air Transport 
Association, and the Global Business Travel Association.
    Chairman Thompson. Without objection.
    [The information follows:]
Letter From Sharon Pinkerton to Chairman Bennie G. Thompson and Ranking 
                           Member Mike Rogers
                                      July 8, 2019.
The Honorable Bennie Thompson,
Chairman, Committee on Homeland Security, U.S. House of 
        Representatives, 2466 Rayburn House Office Building, 
        Washington, DC 20515.
The Honorable Mike Rogers,
Ranking Member, Committee on Homeland Security, U.S. House of 
        Representatives, 2184 Rayburn House Office Building, 
        Washington, DC 20515.
    Dear Chairman Thompson and Ranking Member Rogers: Over the past 
decade, the Department of Homeland Security (DHS) has been evaluating 
and testing approaches to determine the most effective manner to add 
biometrics to its arrival and departure procedures to provide better 
security while maintaining privacy and facilitating the travel 
experience. We support those efforts.
    The work is being done so that the U.S. Customs and Border 
Protection (CBP) can implement the congressional mandate to administer 
a biometric air entry/exit program for departing international air 
passengers. The Transportation Security Administration (TSA) also is 
evaluating biometrics for identity verification at the security 
checkpoint. The primary benefits of the biometric programs are the 
enhanced ability to protect against identification fraud and to improve 
DHS's ability to determine the rate of visa overstays.
    A4A members have worked closely with CBP and TSA during this 
process and participated in the DHS Science and Technology 
Directorate's technology evaluations and pilot programs. DHS has worked 
to address and meet our principal goals of ensuring that any biometric 
program would increase security, improve the passenger experience and 
not require airlines to perform government functions.
    The security benefits of biometrics are undeniable. For example, 
the CBP match rate associated with facial recognition technology is 
consistently high, above 98 percent, and it is expected that technology 
will continue to improve. TSA, through collaboration with CBP, also is 
seeing the benefits of biometric technology, in particular facial 
recognition technology.
    While we believe the privacy protections currently in place are 
effective, we will continue to work with the DHS, CBP, TSA and our 
passengers to ensure the highest levels of privacy. Airlines already 
collect and transmit biographic data to DHS to comply with Federal 
security requirements, so we have experience in the area. Airlines, 
like DHS, also have committed to strict privacy principles as it 
relates to the use of biometric information. For facial recognition 
technology, these principles include opt-out options and non-retention 
of photos for business purposes. In fact, airlines and airports must 
immediately purge images following transmittal to CBP for identity 
verification. We all agree that privacy is of the utmost importance.
    We appreciate the collaboration that DHS has demonstrated in 
implementing the statutory mandate to administer biometrics to improve 
our nation's security. We recognize this is an area of rapidly changing 
technology and public acceptance and we look forward to working with 
Congress and the Administration to continue to make our nation's 
aviation system even more secure while improving the passenger 
experience. We believe that Congress can play a constructive role in 
incentivizing the best biometrics technology and we look forward to 
working with you as the technological capabilities continue to advance.
            Sincerely,
                                           Sharon Pinkerton
  Senior Vice President, Legislative & Regulatory Policy, Airlines 
                                                       for America.
                                 ______
                                 
 Letter From Douglas E. Lavin to Chairman Bennie Thompson and Ranking 
                           Member Mike Rogers
                                      July 8, 2019.
The Honorable Bennie Thompson,
Chairman, Committee on Homeland Security, U.S. House of 
        Representatives, Washington, DC 20515.
The Honorable Mike Rogers,
Ranking Member, Committee on Homeland Security, U.S. House of 
        Representatives, Washington, DC 20515.
    Dear Chairman Thompson and Ranking Member Rogers: On behalf of the 
International Air Transport Association (IATA) and its 290 member 
airlines, I appreciate the opportunity to comment on the use of 
biometric technologies in aviation. IATA is a strong supporter of the 
use of biometrics to facilitate a safe, secure, and efficient 
commercial air travel experience for our members' passengers.
    IATA estimates that the number of airline passengers globally will 
double by 2037. Given that aviation infrastructure development (e.g. 
airports and air traffic management) will likely not be able to keep 
pace with such growth, IATA has undertaken several initiatives designed 
to improve the experience and efficiency of the current travel process, 
particularly passenger facilitation at airports. IATA's ``One ID'' 
program seeks to introduce a streamlined, friction-free, and passenger-
centric process that allows an individual to assert their identity to 
the required level at every process step while maintaining the privacy 
of personal data. One ID is premised on a single token biometric that 
can be used at each touchpoint across the end-to-end journey.
    In June 2019, the IATA Annual General Meeting passed the attached 
resolution on the One ID program which affirms the significant benefits 
of paperless travel by means of biometric recognition and encourages 
governments to collaborate on a biometric-based identify management 
solution.
    IATA and several our member airlines have also worked closely with 
U.S. Customs and Border Protection (CBP) on their proposed biometric 
entry/exit system. We are very pleased with CBP's engagement with 
industry on this program and their consideration of important 
operational issues and the protection of passenger privacy. We look 
forward to continuing to work with CBP in a collaborative fashion as 
they implement this system.
    Thank you for your consideration.
            Sincerely,
                                          Douglas E. Lavin,
      Vice President, Member and External Relations--North America.
                   Attachment.--RESOLUTION ON ONE ID
    RECALLING that global air passenger traffic is projected to double 
by 2037, meaning that the air transport sector will accommodate an 
additional four billion passengers by this time;
    FURTHER RECALLING that the practical obligation to obtain and check 
passenger identity documentation and travel authorizations is often 
placed upon carriers as a part of immigration and border security 
processes;
    ACKNOWLEDGING that a safe, secure and seamless passenger experience 
is an objective of primary importance for consumers, governments and 
the airline industry;
    RECOGNIZING that efficient and optimized communication standards 
support both enhanced customer experiences and more effective security 
outcomes;
    FURTHER RECOGNIZING that important shifts in consumer behaviour, 
together with changing expectations in respect of real-time 
information, paperless processes and data privacy, require a high 
degree of collaboration between air transport sector stakeholders;
    The 75th IATA Annual General Meeting:
    1. AFFIRMS the significant benefits of paperless passenger travel 
        by means of biometric recognition;
    2. ENCOURAGES government authorities, member airlines and airports 
        to support the One ID strategy;
    3. ENCOURAGES ICAO and its member states to urgently identify 
        specifications for a digital travel credential that will offer 
        a secure and efficient alternative to passports;
    4. ENCOURAGES member airlines and all other actors in the air 
        transport system to work together toward a ``use case'' for 
        such a globally accepted digital travel credential;
    5. CALLS on government authorities, member airlines and airports to 
        urgently:
        (i) collaborate on identity management solutions for the 
        sharing of identity information to avoid duplication in 
        passenger checks and enable secure paperless processes, with 
        such solutions to satisfy the highest security principles and 
        meet the important requirements of privacy law;
        (ii) work together to find interoperable and innovative 
        solutions;
        (iii) further explore and apply the benefits of biometric 
        recognition, including in terms of security and speed;
    6. ENCOURAGES governments to explore the possibility of offering 
        the verification of passenger identity information as a 
        service.
                                 ______
                                 
       Letter From Shane C. Downey to Ranking Member Mike Rogers
                                      July 9, 2019.
Ranking Member Mike Rogers,
House Homeland Security Committee, H2-117 Ford House Office Building, 
        Washington, DC 20515.
    Dear Ranking Member Rogers: The Global Business Travel Association 
(``GBTA'') is the world's premier business travel and meetings trade 
organization headquartered in the Washington, DC area with 40 State 
chapters in the U.S. and operations on six continents. GBTA's 9,000-
plus members manage more than $345 billion of global business travel 
and meetings expenditures annually. GBTA delivers world-class 
education, events, research, advocacy, and media to a growing global 
network of more than 28,000 travel professionals and 125,000 active 
contacts.
    GBTA members work for the majority of Fortune 100 companies, 
buying, sourcing and managing the corporation's travel budget, among 
other responsibilities like ensuring the safety and security of their 
travelers. In a well-managed travel program, a corporation can see a 
return on investment of $20 for every $1 spent.
    Air travel is a major part of business travel and corporate spend. 
GBTA research on the U.S. economic impact of business travel shows 515 
million domestic business trips are taken in a year. Nearly 30 percent 
involve air travel meaning business travelers take to the skies on over 
144 million trips a year.
    Because of this mass of travelers, GBTA has made secure and 
efficient travel a key platform of GBTA's legislative policy. GBTA has 
consistently called for increased security at airports, including the 
hiring of additional officers to man these critical areas. However, as 
travel in general, and business travel specifically, has continued to 
grow exponentially, it has become clear that simply hiring more people 
is not enough, and that technology and pre-screening of passengers are 
necessary to support a system that is safe and efficient.
    GBTA has been a supporter of U.S. Customs and Border Protection's 
(CBP) Global Entry and Transportation Security Administration's (TSA) 
PreCheck since their inception. GBTA believes the use of biometrics and 
facial recognition is the logical next step to further increase 
traveler safety and efficiency in moving through security checkpoints.
    This support stems from understanding the issues that impact 
business travel. GBTA surveys of business travelers consistently cite 
moving through airport security as one of the largest pain points. 
PreCheck and Global Entry have delivered business travelers a risk-
based, intelligence-driven aviation security system that is safe, fast 
and efficient. Time is money for business travelers, and inefficient 
procedures reduce business travel due to the ``hassle factor'' and hurt 
the economy.
    To further illustrate the impact efficient screening can have, look 
to GBTA's ``Business Traveler Sentiment Index,'' which profiles 
business travelers' attitudes around business travel and how that 
impacts their actual travel behavior. Our research shows TSA PreCheck 
enrollees are significantly more satisfied with air travel than those 
not enrolled. Two-thirds (66 percent) of travelers enrolled in TSA 
PreCheck are satisfied with getting through airport security, compared 
with just 47 percent of business travelers not enrolled in the program. 
More striking is the impact the program has on the overall travel 
experience, 66 percent report satisfaction, compared to 54 percent for 
those not enrolled.
    Today's airport experience involves heavy friction and endless 
queuing at the counter check-in, bag drop, security screening and 
boarding. As facial recognition security programs expand, meeting the 
goal of frictionless travel improves. GBTA supports industry, 
governments and travelers working together to create a multi-layered 
approach that includes facial recognition for travel security screening 
purposes. GBTA believes the business traveling public will continue to 
embrace this security tool provided the following continue to progress:
    Data security is paramount, and the operators must ensure all 
protocols and procedures are followed to ensure the safety of the 
individual's data;
    False Identification Mitigation must continue to advance and be a 
part of all future plans. Prior to the enactment of Secure Flight, 
business travelers all too often had their identities confused with 
others on flight watch lists, causing delays and unnecessary hassles at 
the airport. Without a mitigation strategy in place, the same could 
occur with biometrics and facial recognition;
    And, travelers are made aware of the ability to opt in and out of 
facial screening checkpoints.
    GBTA encourages Congress to continue to work with the Department of 
Homeland Security and other key agencies, the security industry and 
travelers to strengthen and streamline travelers' safety and security.
            Sincerely,
                                           Shane C. Downey,
      Vice President, Government Relations, Global Business Travel 
                                                       Association.

    Mrs. Lesko. Thank you.
    All my questions, Mr. Chairman and Members, are for Mr. 
Gould.
    My first question, Mr. Gould, is the pilot program that you 
have working with Delta down in Atlanta, where do you get the 
photos from? Is it opt-in? Do you share--get the database of 
passports from CBP?
    That is my first question.
    Mr. Gould. Yes, ma'am. We use CBP's TVS matching service 
for that. CBP has access to State Department photos for the 
back-end matching.
    Then it is an opt-in program. Passengers have the 
opportunity to choose whether to present biometric 
identification using the facial capture or to present a 
credential. We see very high rate of people choosing to provide 
the facial image.
    Mrs. Lesko. OK. So just so that I understand, where do you 
ask them if they want their photo taken?
    Mr. Gould. Ma'am, there are signs throughout the checkpoint 
area that say we are piloting this technology and that should 
you choose not to participate, please let the TSO, the officer, 
know.
    As you approach the TDC, the travel document checker 
position, there is an officer there. The officer will say, you 
know, do you choose to provide biometric identification? In 
which case, if the passenger says yes, they are directed to 
stand in a specific location for that facial capture. So there 
is interaction with the officer at that point.
    Mrs. Lesko. Thank you. That is very informative.
    My next question is due to, I guess, the success of CBP's 
use of biometrics. I think this is--you know, this technology 
is going to happen. I do agree with other Members that we need 
to make sure that we have privacy and security in it, of 
course.
    But are you going to use any of the--is TSA planning on 
looking at how they can work, I guess, with CBP on their 
success in order to implement it in more airports?
    Mr. Gould. Yes, absolutely, ma'am. That is the reason we 
are doing the pilot in Atlanta, is to understand that 
interaction between us and the CBP TVS system and what benefit 
that system brings to the TSA checkpoint and the identification 
verification process.
    Mrs. Lesko. Good. I am glad that you are working on it, and 
hopefully we can get a fairly fast turnaround. I probably would 
be interested in going and seeing what you are doing down in 
Atlanta myself.
    Mr. Gould. Yes, ma'am.
    Mrs. Lesko. Also, Mr. Gould, are you planning on using 
this, or have you thought of using biometric technology, or do 
you, for the employees, the airport employees?
    Mr. Gould. Yes, ma'am. We are considering using biometric 
identification processes for employees as well.
    Mrs. Lesko. Thank you.
    The reason that I ask that is because from some of our 
briefings, hearings, I think we have been concerned about 
insider-type threats. I think what happened up in--what was it, 
Washington airport? I can't remember where--an employee take a 
plane and flew it----
    Mr. Gould. Yes, ma'am, Seattle.
    Ms. Lesko. Yes, Seattle, Washington. So--and with baggage 
handlers and those types of things. So it seems to me that it 
would be logical that we use biometric screening for the 
employees themselves.
    Mr. Gould. Yes, ma'am. That is certainly something we will 
be looking at.
    Mrs. Lesko. Thank you.
    I yield back my time.
    Mr. Payne [presiding]. Thank you. We now recognize the 
gentlelady from Texas for 5 minutes of questioning.
    Ms. Jackson Lee. Mr. Chairman, thank you very much.
    I want to start off by asking unanimous consent to put into 
the record an op-ed by the Houston Chronicle, Real Abuses at 
the Border: Squalid conditions for detained migrants are worthy 
of all outrage Americans can muster. Ask unanimous consent.
    Mr. Payne. Without objection.
    [The information follows:]
            Border Patrol abuses real, and worthy of outrage
The Editorial Board, July 5, 2019, Updated: July 5, 2019 8:59 a.m., 
        Houston Chronicle
    A ticking time bomb.
    That's how a senior manager described the situation at a Border 
Patrol detention facility in the Rio Grande Valley, according to a 
report by the Office of Inspector General released this week. The 
independent watchdog's findings describe squalid, overcrowded 
conditions at several facilities, where men, women and children are 
poorly fed and held without access to showers, sometimes for weeks.
    The investigators' words and images--men crammed together in 
standing-room-only cells, dozens of women and children lying side to 
side on concrete floors--support the testimony of doctors and lawyers 
who spoke out last week after interviewing immigrants in detention. 
They also lend credence to the stories Democratic lawmakers heard 
during a recent visit to a holding facility outside El Paso.
    Some had dismissed these claims as politically self-serving, or as 
the embellishments of partisans and activists looking to gin up 
outrage. Turns out the government's own reporting shows conditions at 
these detention centers are worthy of all the outrage Americans can 
muster.
    Along with overcrowding, investigators found more than 800 of the 
2,669 children in custody at the facilities had been held longer than 
72 hours, violating a court settlement as well as Customs and Border 
Protection policy. This included a group of 50 unaccompanied children 
under 7 years old, some of whom had been in these deplorable 
circumstances for more than 2 weeks.
    This report follows a similar warning by the OIG in May after a 
visit by investigators to holding locations in the El Paso area.
    The excuse that the government has been overwhelmed by the number 
of arrivals, many asylum-seekers from Central America, has worn thin. 
During a previous increase under the Obama Administration in 2014, 
mostly by unaccompanied minors, officials were also unprepared. Yet 
they quickly opened detention space across the country while officials 
made arrangements for the children to be released as quickly as 
possible into the custody of family or other sponsors. Although it was 
far from an ideal situation--this is where the first images of 
``children in cages'' came from--it relieved overcrowding and sped up 
processing time.
    The numbers this time around are larger, but the response has been 
anemic--seemingly, by design.
    So far, the lack of urgency in easing these conditions fits 
squarely into the spirit of deterrence through pain that has been at 
the heart of U.S. immigration policies over the years, but which have 
hardened unconscionably during the Trump administration.
    The need to quickly move detained immigrants from Border Patrol 
custody intensified on Monday, after some of the exchanges of a private 
Facebook group were released. As reported by ProPublica, group members, 
including current and former Border Patrol agents, posted racist, 
sexist and violent memes about immigrants and New York Congresswoman 
Alexandria Ocasio-Cortez.
    On an image of a migrant fording the Rio Grande while dragging a 
young boy in a plastic bag, group members wrote disparaging comments 
such as, ``At least it's already in a trash bag.'' Under a photo of a 
father and his 23-month-old daughter who drowned in the river, the 
member who posted the image asked if it was fake because the 
``floaters'' were so ``clean.''
    The revelation of the Facebook group comes on the heels of text 
messages between Border Patrol agents made public as part of an ongoing 
court case in Arizona, where an agent is accused of knocking down a 
Guatemalan man with his vehicle and then covering it up. In one 
exchange, the agent refers to immigrants as ``disgusting subhuman s--- 
unworthy of being kindling for a fire.''
    All these statements are vile and intolerable, but this isn't just 
name calling. When these attitudes are brought to bear, they can mean 
the difference between life and death. Between ignoring the jugs of 
water that humanitarian groups leave for migrants in the desert or 
slashing and stomping them. Between taking cover with your fellow 
agents as rocks fly overhead from across the border fence or 
indiscriminately shooting into Mexico at anything that moves.
    Of course, that side of Border Patrol is countered with the many 
agents who act humanely while fulfilling their duties, who put their 
lives on the line to protect immigrants and enforce our laws. But even 
some of the good actors are pressured to remain silent by a culture 
that protects its own, no matter the cost, while whistleblowers are 
ostracized.
    Tolerance of these attitudes has gone on long enough.
    The House Judiciary and Oversight Committees announced hearings 
next week into the conditions at detention centers. That's a good 
start. The agents who violated policy, and basic human decency, should 
also be punished. And over time, leadership should not only set an 
example, but work to improve the culture at the Border Patrol, which 
for far too long has gotten away with little accountability or 
transparency.
    Meanwhile, the time bomb keeps ticking.

    Ms. Jackson Lee. Ask unanimous consent from the CNET 
article, Monday, July 9, Acting DHS Secretary Defends Border 
Conditions.
    Mr. Payne. Without objection.
    [The information follows:]
       DHS Official Defends Conditions at Border Patrol Stations
July 8, 2019.
    WASHINGTON (AP).--Acting Homeland Security Secretary Kevin 
McAleenan on Sunday defended conditions at U.S. Border Patrol stations 
following reports of crowded and unsanitary conditions that have 
heightened debate about President Donald Trump's immigration policy, a 
trademark issue for his reelection campaign.
    ``It's an extraordinarily challenging situation,'' McAleenan told 
ABC's ``This Week.''
    The Homeland Security Department's internal watchdog provided new 
details Tuesday about the overcrowding in Texas' Rio Grande Valley, the 
busiest corridor for illegal crossings. The report said children at 
three facilities had no access to showers and that some children under 
age 7 had been held in jammed centers for more than 2 weeks. Some cells 
were so cramped that adults were forced to stand for days on end.
    Government inspectors described an increasingly dangerous 
situation, both for migrants and agents--a ``ticking time bomb,'' in 
the words of one facility manager. The report echoed findings in May by 
the department's inspector general about holding centers in El Paso, 
Texas: 900 people crammed into a cell with a maximum capacity of 125; 
detainees standing on toilets to have room to breathe; others wearing 
soiled clothing for days or weeks.
    In tweets Sunday afternoon, Trump went further than McAleenan in 
defending his administration's response, accusing the news media of 
``phony and exaggerated accounts'' but without providing evidence.
    ``Border Patrol, and others in Law Enforcement, have been doing a 
great job. We said there was a Crisis--the Fake News & the Dems said it 
was `manufactured,' '' Trump wrote. Federal detention centers ``are 
crowded (which we . . . brought up, not them) because the Dems won't 
change the Loopholes and Asylum. Big Media Con Job!''
    Democrats faulted Trump for not offering an immigration overhaul 
that could pass a divided Congress.
    ``The president is acting like we are some weak, pathetic 
country,'' said Colorado Sen. Michael Bennet, a Democratic Presidential 
candidate. ``We have the ability to treat human beings humanely. We 
have the ability to lead our hemisphere in a discussion about how to 
deal with this refugee crisis,'' he said on ``Fox News Sunday.''
    McAleenan said that since the first of the year, 200 medical 
providers have been added to facilities, including personnel from the 
U.S. Coast Guard and the Public Health Service Commission Corps.
    ``We have pediatricians in border patrol stations for the first 
time in history trying to help address conditions where children are 
coming across 300 a day in . . . April and May,'' McAleenan said.
    ``We've built soft-sided temporary facilities. These are spaces 
that are much more appropriate--high ceilings, more room for children 
and families. We've put them both in Donna, Texas, in South Texas as 
well as in El Paso to provide additional space . . . We've bought buses 
to transport people to better places.''
    McAleenan disputed news reports, including those by The Associated 
Press, of especially troubling conditions at a border station in Clint, 
Texas, where a stench was coming from children's clothing and some 
detainees were suffering from scabies and chickenpox.
    ``There's adequate food and water,'' he said. ``The facility's 
cleaned every day, because I know what our standards are and I know 
they're been followed because we have tremendous levels of oversight. 
Five levels of oversight.
    ``Inadequate food, inadequate water and unclean cells. None of 
those have been substantiated.''
    He said everyone in the chain of command is worried about the 
situation of children detained at the border. He said that on June 1, 
his department had 2,500 children in custody, including 1,200 who had 
been there for more than 3 days. As of Saturday, McAleenan said there 
were 350 children, and only 20 have been in the department's custody 
for more than 3 days.
    ``So that's huge improvement based on the resources we asked for 
from Congress and were finally given,'' he said.
    Sen. Jeff Merkley, D-Ore., told NBC's ``Meet the Press'' that he is 
stunned when administration officials say that reports on the 
conditions are unsubstantiated.
    ``I'm just like, `What world are they living in?' '' Merkley said, 
citing government and news reports. ``From every direction you see that 
the children are being treated in a horrific manner. And there's an 
underlying philosophy that it's OK to treat refugees in this fashion. 
And that's really the rot at the core of the administration's policy.''
    Separately, McAleenan addressed questions about U.S. Border Patrol 
agents who are under fire for posting offensive messages in a 
``secret'' Facebook group that included sexually explicit posts about 
U.S. Rep. Alexandria Ocasio-Cortez and dismissive references to the 
deaths of migrants in U.S. custody. The existence of that group was 
reported Monday by ProPublica. Prior to that, few people outside the 
group had ever heard of it.
    He said an allegation about such activity was investigated in 2016. 
``Discipline was meted out on an agent that made an offensive post on 
that website,'' he said.

    Ms. Jackson Lee. I ask unanimous consent to put into the 
record the IG inspector's report, dated July 2, 2019.
    Mr. Payne. Without objection.*
---------------------------------------------------------------------------
    * The information has been retained in committee files and is 
available at https://www.oig.dhs.gov/sites/default/files/assets/2019-
07/OIG-19-51-Jul19_.pdf.
---------------------------------------------------------------------------
    Ms. Jackson Lee. I ask to put into the record an article 
found in The New York Times, ICE uses facial recognition to 
mine State driver's license. That is July 7. Ask unanimous 
consent.
    Mr. Payne. Without objection.
    [The information follows:]
  ICE Used Facial Recognition to Mine State Driver's License Databases
By Catie Edmondson, July 7, 2019.
    WASHINGTON.--Immigration and Customs Enforcement officials have 
mined state driver's license databases using facial recognition 
technology, analyzing millions of motorists' photos without their 
knowledge.
    In at least three states that offer driver's licenses to 
undocumented immigrants, ICE officials have requested to comb through 
state repositories of license photos, according to newly released 
documents. At least two of those states, Utah and Vermont, complied, 
searching their photos for matches, those records show.
    In the third state, Washington, agents authorized administrative 
subpoenas of the Department of Licensing to conduct a facial 
recognition scan of all photos of license applicants, though it was 
unclear whether the state carried out the searches. In Vermont, agents 
only had to file a paper request that was later approved by Department 
of Motor Vehicles employees.
    The documents, obtained through public records requests by 
Georgetown Law's Center on Privacy and Technology and first reported on 
by The Washington Post, mark the first known instance of ICE using 
facial recognition technology to scan state driver's license databases, 
including photos of legal residents and citizens.
    Privacy experts like Harrison Rudolph, an associate at the center, 
which released the documents to The New York Times, said the records 
painted a new picture of a practice that should be shut down.
    ``This is a scandal,'' Mr. Rudolph said. ``States have never passed 
laws authorizing ICE to dive into driver's license databases using 
facial recognition to look for folks.''
    He continued: ``These states have never told undocumented people 
that when they apply for a driver's license they are also turning over 
their face to ICE. That is a huge bait and switch.''
    The use of facial recognition technology by law enforcement is far 
from new or rare. Over two dozen states allow law enforcement officials 
to request such searches against their databases of driver's licenses, 
a practice that has drawn criticism from lawmakers and advocates who 
say that running facial recognition searches against millions of photos 
of unwitting, law-abiding citizens is a major privacy violation.
    The F.B.I., for example, has tapped state law enforcement's troves 
of photos--primarily those for driver's licenses and visa 
applications--for nearly a decade, according to a Government 
Accountability Office report. The bureau has run over 390,000 searches 
through databases that collectively hold over 640 million photos, 
F.B.I. officials said.
    The Georgetown researchers' documents covered 2014 to 2017, and it 
was not immediately clear if those states still comply with the ICE 
requests. Representatives for the states' motor vehicles departments 
could not immediately be reached for comment Sunday night.
    On Monday, Amy Tatko, the public outreach manager for the Vermont 
Agency of Transportation, said in a statement that the use of facial 
recognition technology by the agency was discontinued in 2017 ``at the 
direction of current Governor Phil Scott as soon as it was brought to 
his attention.''
    Matt Bourke, an ICE spokesman, said the agency would not comment on 
``investigative techniques, tactics or tools'' because of ``law-
enforcement sensitivities.''
    But he added: ``During the course of an investigation, ICE has the 
ability to collaborate with external local, Federal and international 
agencies to obtain information that may assist in case completion and 
subsequent prosecution. This is an established procedure that is 
consistent with other law enforcement agencies.''
    The researchers sent public records requests to each state, 
searching for documents related to law enforcement's relationship with 
state motor vehicles departments. They received varying degrees of 
responsiveness but discovered the ICE requests in Utah, Washington and 
Vermont, which have come under fire before for sharing driver's license 
information with the agency.
    The Seattle Times reported last year that Washington State's 
Department of Licensing turned over undocumented immigrants' driver's 
license applications to ICE officials, a practice its Governor, Jay 
Inslee, pledged to stop. And a lawsuit in Vermont filed by an activist 
group cited documents obtained under public records law that showed 
that the State Department of Motor Vehicles forwarded names, photos, 
car registrations and other information on migrant workers to ICE, 
Vermont Public Radio reported this year.
    The relationship between Washington's Department of Licensing and 
ICE officials may prove to be particularly interesting to privacy 
experts because of a law the State Legislature passed in 2012 
stipulating that the department could use a facial recognition matching 
system for driver's licenses only when authorized by a court order, 
something ICE did not provide.
    Facial recognition technology has faced criticism from experts who 
point to studies that show that recognition algorithms are more likely 
to misidentify people of color--and in particular, women of color. At 
least 25 prominent artificial-intelligence researchers, including 
experts at Google, Facebook and Microsoft, signed a letter in April 
calling on Amazon to stop selling its facial recognition technology to 
law enforcement agencies because it is biased against women and racial 
minorities.
    The use of the technology has also come under fire from a 
bipartisan group of lawmakers. The House Homeland Security Committee, 
led by Representative Bennie G. Thompson, Democrat of Mississippi, will 
hold a hearing on Wednesday grilling Department of Homeland Security 
officials about their use of facial recognition. The chairman of the 
House Committee on Oversight and Reform, Representative Elijah E. 
Cummings of Maryland, has pledged to investigate the use of the rapidly 
expanding technology in the public and private sectors.
    ``This technology is evolving extremely rapidly, without any, 
really, safeguards, whether we are talking about commercial use or 
government use,'' Mr. Cummings said at a hearing on the issue last 
month. ``There are real concerns about the risks that this technology 
poses to our civil rights and liberties, and our right to privacy.''

    Ms. Jackson Lee. First of all, let me say to all of you, 
let me thank you for your service to the Nation. I have had the 
privilege of serving on this committee for a very, very long 
time.
    Mr. Wagner, I will get to the underlying basis of this 
hearing. But let me be very clear that I have to speak with 
great ire and dismay for the behavior of individuals at the 
border and the refusal of the Department of Homeland Security 
to cooperate with Members of Congress.
    I want to indicate that the $4.6 billion that was given 
last week and the whining that went on for a period of time to 
blame Congress was a misrepresentation to the American people.
    Because we understand that reprogramming of dollars can 
happen at the drop of a hat. The reason why I say that is, as I 
go into my questioning regarding the facial recognition, unless 
the answer changed from the time I was here, I understand there 
is no statutory legislation or anything that is giving you that 
authority. You are going to look for it. Maybe you will answer 
that question differently.
    But I just quickly want to say that we will not be able to 
tolerate--we respect you as servants of the Nation. It is 
unfortunate that very destructive policies of this 
administration has tainted very fine American servants of the 
people. That is what happened. Because when you don't have 
toothpaste and a toothbrush and you have a truckload of that 
material or nonprofits like the conscious presence that I met 
at the border station, one, and also Clint, begging to be of 
help, and you are telling the American people there is no one 
helping you, I think it is a sad commentary.
    So I just want to make sure you are aware of my dismay, 
that will not be tolerated, and the mismanagement will not be 
tolerated, and the accusations against Members will not be 
tolerated.
    If Vice President Pence can go in and look after it is 
cleaned up, spic and span, then Members who have oversight 
responsibility should be able to go in and look.
    Mr. Wagner. Understood.
    Ms. Jackson Lee. I would appreciate it if you would report 
that back to the Secretary.
    Mr. Wagner. I will.
    Ms. Jackson Lee. Thank you. Let me say to the gentleman 
from Transportation Security Administration, I am interested in 
you looking into the treatment of Crystal Lynette Sonea and 
Sharif Mohamad Hotef--we will give you that information--around 
April 14 in the Atlanta airport.
    So let me start with Mr. Wagner. This is horrific, the 
information regarding the use of these--and my earlier 
information was that you know that people of color and women--
so I get it twice--are unfortunately targeted the most.
    In the article, it says agents with the FBI and ICE have 
turned the State driver's license databases recognition into a 
gold mine scanning through hundreds of millions of American 
photos without their knowledge or consent.
    In addition, it says that the State department motor 
vehicle databases into the bedrock of unprecedented 
surveillance and infrastructure.
    I want to submit into the record, Mr. Chairman, an article 
by Amazon that says ``Amazon facial recognition''--not by 
Amazon--``Amazon facial recognition mistakenly confused 28 
Congresspersons with known criminals''. I will not put the 
Congressperson's names into the record, but I think most of us 
would like not to be known as known criminals.
    My question----
    Mr. Payne. No objection.
    [The information follows:]
 Amazon's Facial Recognition Wrongly Identifies 28 Lawmakers, A.C.L.U. 
                                  Says
By Natasha Singer, July 26, 2018, New York Times.
    Representative John Lewis of Georgia and Representative Bobby L. 
Rush of Illinois are both Democrats, members of the Congressional Black 
Caucus and civil rights leaders.
    But facial recognition technology made by Amazon, which is being 
used by some police departments and other organizations, incorrectly 
matched the lawmakers with people who had been charged with a crime, 
the American Civil Liberties Union reported on Thursday morning.
    The errors emerged as part of a larger test in which the civil 
liberties group used Amazon's facial software to compare the photos of 
all Federal lawmakers against a database of 25,000 publicly available 
mug shots. In the test, the Amazon technology incorrectly matched 28 
Members of Congress with people who had been arrested, amounting to a 5 
percent error rate among legislators.
    The test disproportionally misidentified African-American and 
Latino Members of Congress as the people in mug shots.
    ``This test confirms that facial recognition is flawed, biased and 
dangerous,'' said Jacob Snow, a technology and civil liberties lawyer 
with the A.C.L.U. of Northern California.
    On Thursday afternoon, three of the misidentified legislators--
Senator Edward J. Markey of Massachusetts, Representative Luis V. 
Gutierrez of Illinois and Representative Mark DeSaulnier of California, 
all Democrats--followed up with a letter to Jeff Bezos, the chief 
executive of Amazon, saying there are ``serious questions regarding 
whether Amazon should be selling its technology to law enforcement at 
this time.''
    In the letter, the lawmakers asked for details on how Amazon tested 
its facial technology for accuracy and bias. They also requested a list 
of all government agencies using Amazon's facial technology as well as 
all law enforcement and intelligence agencies Amazon had communicated 
with about the system.
    Separately, two other congressmen wrongly matched with mug shots--
Mr. Lewis and Representative Jimmy Gomez, a California Democrat--wrote 
their own letter to Mr. Bezos requesting an immediate meeting ``to 
discuss how to address the defects of this technology.'' The letter was 
first obtained by BuzzFeed.
    Nina Lindsey, an Amazon Web Services spokeswoman, said in a 
statement that the company's customers had used its facial recognition 
technology for various beneficial purposes, including preventing human 
trafficking and reuniting missing children with their families. She 
added that the A.C.L.U. had used the company's face-matching 
technology, called Amazon Rekognition, differently during its test than 
the company recommended for law enforcement customers.
    For one thing, she said, police departments do not typically use 
the software to make fully autonomous decisions about people's 
identities. ``It is worth noting that in real-world scenarios, Amazon 
Rekognition is almost exclusively used to help narrow the field and 
allow humans to expeditiously review and consider options using their 
judgment,'' Ms. Lindsey said in the statement.
    She also noted that the A.C.L.U had used the system's default 
setting for matches, called a ``confidence threshold,'' of 80 percent. 
That means the group counted any face matches the system proposed that 
had a similarity score of 80 percent or more. Amazon itself uses the 
same percentage in one facial recognition example on its site 
describing matching an employee's face with a work ID badge. But Ms. 
Lindsey said Amazon recommended that police departments use a much 
higher similarity score--95 percent--to reduce the likelihood of 
erroneous matches.
    Facial recognition--a technology that can be used to identify 
unknown people in photos or videos without their knowledge or 
permission--is fast becoming a top target for civil liberties groups 
and privacy experts.
    Proponents see it as a useful tool that can help identify 
criminals. It was recently used to identify the man charged in the 
deadly shooting at The Capital Gazette's newsroom in Annapolis, Md.
    But civil liberties groups view it as a surveillance system that 
can inhibit people's ability to participate in political protests or go 
about their lives anonymously. This month, Microsoft said the 
technology was too risky for tech companies to deploy without 
government oversight and called on Congress to regulate it.
    Over the last 2 months, Amazon has come under increasing pressure 
for selling its Rekognition technology to law enforcement agencies. The 
company has sold the service as a way for police departments to easily 
identify suspects in photos or videos.
    Amazon's site describes how its system can perform ``real-time face 
recognition across tens of millions of faces'' and detect ``up to 100 
faces in challenging crowded photos.'' (The New York Times recently 
used the Amazon technology to help identify guests at the royal wedding 
of Prince Harry and Meghan Markle.)
    In May, two dozen civil liberties groups, led by the A.C.L.U., 
wrote a letter to Mr. Bezos, demanding that his company stop selling 
the facial technology to law enforcement. The groups warned that the 
software could be used to trail protesters, undocumented immigrants or 
other members of the public--not just criminal suspects.
    Similar demands of Mr. Bezos from Amazon employees, Amazon 
investors, and several hundred academics soon followed.
    Mr. Snow of the A.C.L.U. said his group's test of Amazon's software 
should push Congress to put a moratorium on law enforcement's use of 
facial recognition technology.
    But in a blog post last month, Matt Wood, general manager of 
artificial intelligence at Amazon Web Services, said that there had 
been no reports of law enforcement abuse of Amazon's facial technology. 
He added that Amazon believed it was ``the wrong approach to impose a 
ban on promising new technologies because they might be used by bad 
actors for nefarious purposes in the future.''
    In a letter to Amazon, the Congressional Black Caucus noted the 
potential for racial bias with the technology--an issue raised by a 
recent M.I.T. study that found some commercial facial recognition 
systems correctly identified a higher proportion of white men than 
darker-skinned women. In their letter, the caucus members urged Mr. 
Bezos to hire ``more lawyers, engineers and data scientists of color to 
assist in properly calibrating this technology to account for racial 
bias that can lead to inaccuracies with potentially devastating 
outcomes.''
    In the civil liberties group's test, the Amazon software 
misidentified several members of the Congressional Black Caucus, 
including Mr. Lewis and Mr. Rush, as other people who had been 
arrested.
    ``We think these test results really raise the concern that facial 
recognition has a race problem,'' said Mr. Snow, the A.C.L.U. lawyer.

    Ms. Jackson Lee. To both of you, and a little extra time 
for them to answer, the two gentlemen from TSA and from CBP, 
how are you doing this, with the protections of due process and 
notice, without the notice of the American people that the 
process even exists? What framework is there to have the 
firewalls that you are not turning Congress people or children 
into convicted criminals?
    Mr. Wagner. We are not seeing those same error rates that 
are--that can be attributed to specific demographics in how we 
are doing this.
    How we are doing this cannot be compared to previous 
studies on this. There are different control factors in place. 
You know, there are different--we are taking a person that is 
standing in front of a camera where we can take a clear 
picture, and we are comparing it against a clear set of 
baseline photos from their passports or their visas where they 
were also standing still in front of a camera to capture a 
clear picture. That is why we have such accurate rates.
    Previous studies didn't quite take the same control factors 
into place. This is not us taking an image of a person and 
randomly running it against a gallery set of indistinguishable, 
say, quality photographs and lowering down the accuracy rate as 
to what constitutes a match to make it match someone that it is 
not.
    I mean, you can do the same thing with fingerprints. If you 
only take two----
    Ms. Jackson Lee. How do you secure that--how do you secure 
that data?
    Mr. Wagner. When the photo is taken at the airport, it is 
encrypted and transmitted to the CBP into our cloud space. It 
is then templatized, which my understanding of that is it is 
turned into a mathematical formula. There is a unique 
identifier associated with that. There is no biographical data 
or PII associated with that. It is matched up against our 
gallery of templatized photos. When there is a match, a message 
goes back to the camera with just yes or no and that unique 
identifier.
    Ms. Jackson Lee. Let me move quickly to Mr. Gould and TSA. 
Let me thank TSA for their front-line service of protecting 
America.
    Mr. Payne. Thank you, Ms. Lee.
    Ms. Jackson Lee. Thank you, Mr. Chairman, for your 
indulgence.
    The same question as to how you are utilizing and how you 
are protecting the data and avoiding this intrusion into the 
privacy of the American public without them knowing it.
    Mr. Gould. Yes, ma'am. So I would--we are using CBP's TVS 
system. So the answer that Mr. Wagner provided applies to TSA 
as well.
    With respect to the accuracy and the matching, the one 
thing that I would like to add is, the technology is evolving 
so quickly and it is improving so quickly, we will continue to 
assess at every step, for any additional pilots, from when we 
consider employing this in a wider scale, we will assess the 
best way to get quality image capture and be sure to employ the 
highest-quality algorithms to ensure the highest match rate.
    Mr. Payne. OK. Thank you.
    Ms. Jackson Lee. Thank you, Mr. Chairman.
    I yield back. Thank you very much.
    Mr. Payne. The Chair recognizes Mr. Green.
    Mr. Green of Texas. Thank you, Mr. Chairman.
    Thank the Ranking Member. Thank the witnesses for 
appearing.
    My questions have to do with the surveillance. My first 
question is, are all people who are traversing areas within an 
airport under some degree of suspicion?
    Who would like to answer, please?
    Mr. Gould. Well, I would say that when a person is 
traversing an airport, they are not necessarily under 
suspicion. Airports, you know, utilize security cameras, closed 
circuit television, for security reasons.
    With respect to TSA, though, the only reason that we use 
cameras and capture images is solely for the purpose of 
identification.
    Mr. Wagner. If I could just add that----
    Mr. Green of Texas. Please.
    Mr. Wagner [continuing]. What we are doing is absolutely 
not a surveillance program. The picture of an individual is 
taken with their complete knowledge, because they are standing 
in front of a camera at a time and place where they have to 
present a physical ID in order to establish their identity to 
move forward. We are just replacing the evaluation and the 
scrutiny of the physical ID with a computer algorithm.
    Mr. Green of Texas. Should I assume that persons who enter 
the airport and who are not within the secured area will not be 
a subject of this technology?
    Mr. Gould. Not by TSA, sir. It solely occurs at either the 
bag drop or the checkpoint.
    Mr. Wagner. Or a time and place where you have to present 
an identification to establish your identity to go through 
whatever process that is.
    Mr. Green of Texas. In Houston, the bag drop occurs outside 
of the building, before you enter the building. You drive up in 
your car, you have friends, neighbors with you perhaps, and you 
go over to an agent, and that person then receives your bag, 
gives you a ticket.
    So would it occur in this area, please?
    Mr. Gould. Sir, right now, the only place that the 
biometric identification that the bag drop is occurring is in 
Terminal F in Atlanta. I went down there. I observed the way 
the technology----
    Mr. Green of Texas. If I may, because time is of the 
essence. But we are talking about expanding, are we not?
    Mr. Gould. Yes, sir.
    Mr. Green of Texas. OK. Here is my concern. Let me go to 
the point, and I will be as pithy as I can.
    But one can only imagine what Mr. J. Edgar Hoover would 
have done with this technology. It was Mr. Hoover who 
surveilled Dr. King. They went so far as to send a letter to 
Dr. King encouraging him to take his life. One can only 
imagine.
    Now, I am not placing you under the eye of suspicion, but 
it is my job to make sure that this kind of technology is not 
abused. I take my job seriously because I am protecting you by 
doing my job.
    So my concerns are, do you alert people in some way to--so 
as to advise them that they are being surveilled?
    Mr. Gould. Sir, I wouldn't characterize it as surveillance. 
The way the alert happens, to use your term, is when you 
approach the bag drop, the agent will say, ``Would you like to 
use biometric identification to match you to your bag?'' or 
something along those lines.
    Mr. Green of Texas. Permit me to ask this. If you thought--
if you believed that this was a form of surveillance, would you 
alert people? Would you alert the public, if you thought this 
was some form of surveillance?
    Mr. Gould. So we don't do surveillance, but we are----
    Mr. Green of Texas. Excuse me. If you thought--would you 
recommend--if we were of the opinion that this is surveillance, 
what do you think we should do? Should we indicate that person 
should be noticed that they are being surveilled?
    Mr. Gould. Sir, we provide notice before the image is 
captured. It is purely with the consent of the traveler.
    Mr. Green of Texas. What about the consent of the person 
who happens to be with the traveler who is just a friend?
    Mr. Gould. We solely capture the picture of the traveler 
who has consented. The camera is only about 2 feet away. You 
step right in front of it, and it solely captures that image.
    Mr. Green of Texas. All right. Thank you. But we are 
considering expansion.
    My concern is suspicionless surveillance, suspicionless 
surveillance, surveilling persons who are not under suspicion 
perhaps by accident.
    Final question is this because time is running out.
    Will there be any means by which persons who engaged in 
litigation can acquire access to this intelligence that you 
have preserved for some length of time, meaning the 
photographs?
    Will there be any means by which persons who are engaged in 
litigation can acquire it?
    Mr. Gould. Sir, the photographs we match against are in the 
CBP TVS system. They are passport photographs. The images that 
are captured are not retained in the camera in any respect. We 
solely get back a match/no match return, if that answers your 
question.
    Mr. Green of Texas. It really does not, because what I am 
trying to get to is this: If persons are engaged in some form 
of litigation--and one can only imagine what that might be--
will they be able to acquire a photo so as to show that a 
person was at a given location on a given occasion?
    Mr. Gould. I understand, sir. That photo is not retained at 
all by TSA, so they will not be maybe to retain it.
    Mr. Green of Texas. It is retained----
    Mr. Gould. It is encrypted. It is transmitted to CVP, and a 
match rate is returned.
    Mr. Green of Texas. OK.
    Mr. Wagner. If it is a U.S. citizen, the photo is deleted 
after 12 hours. If it is a foreign national, at the baggage 
drop, that photo would also be deleted. What we would keep on a 
foreign national, though, is their boarding on the plane and 
their final departure to serve as the biometric exit of their 
departure.
    Mr. Green of Texas. Thank you. I greatly appreciate this. I 
assure you that I want us to secure our airports, our ports of 
entry, but I am also concerned about suspicionless 
surveillance.
    Thank you.
    Mr. Payne. Thank you.
    The gentleman, Mr. Guest, you are recognized for 5 minutes.
    Mr. Guest. Thank you, Mr. Chairman.
    Mr. Wagner and other guests, thank you for being here 
today. I know that at least 3 of our witnesses, your 
departments fall under the Department of Homeland Security.
    Your website reads as follows: The Department of Homeland 
Security has a vital mission: To secure the Nation for the many 
threats we face. This requires the dedication of more than 
240,000 employees in jobs that range from aviation and border 
security to emergency response, from cybersecurity analysts to 
chemical facility inspectors. Our goal is clear: Keeping 
America safe.
    In addition to the agencies that are represented here 
today, Homeland Security includes the Cybersecurity and 
Infrastructure Security Agency, the United States Citizen and 
Immigration Services, the United States Coast Guard, the United 
States Immigration and Customs Enforcement. It includes FEMA as 
well as the Customs and Border Protection, Secret Service, and 
the TSA.
    I believe that if these agencies that I just spoke of, if 
these agencies were abolished, that our country would be 
substantially less safe.
    My question--I will begin with you, Mr. Wagner--is can you 
please tell me what impact it would have on the people of 
America if Homeland Security and these agencies for which you 
serve, if these agencies were abolished by Congress?
    Mr. Wagner. Well, there would be no one to process people 
coming and going across the border, either U.S. citizens or 
visitors. There would be no one to process commercial cargo, to 
look for harmful goods or products coming in. There would be no 
one to collect the taxes that are due on those duties. CBP 
collects over $40 billion a year into the U.S. Treasury through 
duties, taxes, and fees. There would be no one to do that.
    Mr. Guest. Would you agree with me that the different 
enforcement capacities that the Department of Homeland Security 
polices, that it runs a gamut of different things? We just 
talked about everything from the Secret Service, which provides 
protection for our dignitaries; TSA, which is responsible for 
air travel; Coast Guard; border enforcement--that those are 
very important functions of our Government to make sure that 
these agencies are funded? Would you agree with that, Mr. 
Wagner?
    Mr. Wagner. Yes. The origins of our agency go back to 1789 
and the very beginning of the country.
    Mr. Guest. Mr. Gould, would you care to expound on that at 
all?
    Mr. Gould. I agree with what Mr. Wagner said, and, you 
know, if TSA were not there, the security of transportation 
systems, not solely air travel, would be in some degree of 
jeopardy.
    Mr. Di Pietro. Congressman, as you indicated, you know, we 
protect the President and the Vice President, others. We also 
have criminal investigations. So that is critical work that we 
are doing.
    Mr. Guest. Would each of you agree that it would be 
irresponsible to talk about abolishing these agencies that 
perform such very important tasks on behalf of the American 
people?
    Mr. Wagner. Yes.
    Mr. Gould. Yes, sir.
    Mr. Di Pietro. I would agree with that.
    Mr. Guest. No further questions, Mr. Chairman. I yield 
back.
    Mr. Payne. Thank you. I, you know, just--I know I was late 
to the hearing today, but I don't really--and maybe it happened 
before I got here, but I don't really ever mention--hearing 
anyone mention that these institutions should be abolished, so 
just for the record.
    We have the gentleman from Kansas City, Mr. Cleaver.
    Mr. Cleaver. Thank you, Mr. Chairman.
    I am deviating a little. Do you know James Wilson? Do any 
of you know who he is? Probably one of the most important 
figures that we don't know much about. He signed the 
Declaration of Independence and eventually became a member, 1 
of the first 6 members of the Supreme Court. He said that the 
Congress shall form the grand inquisition of the Executive 
branch. I think that my children's children, and even their 
children, will study this era and say: That is when it got 
started.
    I am concerned, you know, I was in the executive branch 
municipality, mayor of Kansas City, and so I know you guys are 
busy, especially right now. A group of my colleagues and I 
signed a letter and sent it to you, Mr. Wagner and Mr. Gould, 
almost 30 days ago. We haven't gotten an answer. So I didn't 
know if this was a part of the plan to ignore Congress or if 
you are just consumed. I am not stupid, so I know you don't 
have--nobody should expect you to write a personal letter to 
everybody who writes you a letter, even Members of Congress, 
but if you don't have enough staff, we need to know. Because 
until it completely collapses, we are still supposed to provide 
oversight. I am not trying to be hostile. I am not sure I can 
do a good job of being hostile, but I can certainly do a good 
job of being frustrated. So I appreciate your work and what you 
do, but I just--I have to say that it is frustrating, just 
listening, just seeing what is going on, refusal after refusal 
to allow Congress to do its oversight. I hope that if I am 
around at a time when my voice is important, to say, I am not 
going to support nonresponsiveness to Congress, that I get the 
opportunity to say it, even if my daddy is in the White House.
    Now, having said that, some of the questions that my 
colleagues and I asked because we thought they were important, 
I will ask a couple of them. Time is running out, but is there 
any statutory authority that would allow the whole process of 
facial recognition, or is that just an internal move? Anybody?
    Mr. Wagner. There are several pieces of statutory authority 
that authorize us to do and run this program. There are several 
pieces of legislation from Congress, requiring a biometric-
based, entry-exit system for certain foreign nationals. There 
are other statutes which authorize us to determine identity and 
citizenship, including U.S. citizens. There has to be a way for 
us to make that determination that a person is a U.S. citizen, 
and there are statutes to authorize us to consider evidence 
presented by that person to make that determination, and then 
if it is not to the examining officer's satisfaction, the 
regulations stipulate that person would be considered and 
inspected as an alien.
    Mr. Cleaver. OK. Thank you.
    Mr. Gould.
    Mr. Gould. Sir, from a TSA perspective, the Aviation and 
Transportation Security Act requires that we screen all 
passengers and crew boarding aircraft. Fundamental in that 
screening process is that we positively identify them. The Act 
mentions exploring the use of biometrics for that purpose. So 
that is the authority that we are operating under.
    Mr. Cleaver. OK. I mean, it wasn't a trick question. I just 
wanted to know.
    Mr. Gould. No, I understand, sir.
    Mr. Cleaver. Yes. Last week, I participated in a 
demonstration in front of the Treasury Department, along with a 
number of other individuals, the refusal to put a 
Congressionally-approved likeness of an African American woman 
on the dollar. That is another whole issue, but I was in front 
of the demonstration. Should I and the other folk who got off 
that bus to demonstrate expect that we were somehow surveilled 
and put in the category of subjects of interest? I mean, since 
that is what apparently takes place on the grounds of the White 
House. I don't want to suggest I am as important as, you know, 
the President or Patrick Mahomes or somebody, but, you know, 
should I expect that?
    Mr. Di Pietro. Congressman, we do have a CCTV video 
surveillance system in and around the White House. There is a 
PIA that is published through the Department of Homeland 
Security alerting people to that. In addition, the cameras that 
we have, many of them are overt, all down Pennsylvania Avenue 
and on the buildings adjacent to the White House there.
    Mr. Cleaver. What about other Federal departments?
    Mr. Di Pietro. I can't speak to what other Federal 
Departments are doing, Congressman.
    Mr. Cleaver. OK. All right. Thank you.
    Mr. Gould, nice suit.
    Mr. Gould. Thank you very much, sir. I like yours, too.
    Mr. Cleaver. I yield back, Mr. Chair.
    Mr. Payne. Thank you, sir. Now we recognize the gentlelady 
from Florida, Mrs. Demings.
    Mrs. Demings. Thank you so much, Mr. Chairman, and thank 
you to our witnesses today. Let me just for the record say that 
I respect the jobs that you have to do. I understand how tough 
they are. I think that all of our jobs have gotten tougher in 
recent years. I am not sure why my colleague felt the need to 
talk about abolishing your agencies, because I know no one on 
this committee, on either side of the aisle, has ever proposed 
such an idea. We are the Committee on Homeland Security, and we 
are here to make sure that you have the tools and resources to 
effectively do your jobs, but I know that gets a little tougher 
when sometimes you receive unjust and improper orders and do 
not have the resources to effectively do your job.
    Earlier I heard one of my colleagues talk about the reason 
for biometric technologies involved speed and efficiency. Well, 
I was assigned to the Orlando International Airport as a police 
commander on the worst day in aviation history, on 9/11. I know 
that the No. 1 responsibility for you is the safety of the 
traveling public, and if you can ensure that, or increase those 
odds and do it in an efficient and faster way, then that is 
just icing on the cake.
    But what sets us apart as we work to keep our Nation safe, 
what sets us apart in this country is that we can enforce the 
laws and write the laws, but also protect an individual's civil 
rights. That is what sets us apart. I will not--violating civil 
rights or the perception of violating civil rights is an issue 
that we cannot ignore and we have to deal with. Look, when we 
are able to deploy new technology, that is a great and 
wonderful thing. I remember how exciting that was, but it is 
our job, on the committee, and your jobs, as the head of your 
agencies, to make sure that we can do it all. I believe in this 
Nation we can.
    I know we have talked about every different thing that we 
possibly could. We do thank you for your endurance. I just want 
to go back for just a minute to testing for accuracy and any 
biases. Could you tell me who sets the minimum standards for 
this particular program, like, who decides what testing is done 
for accuracy or bias, is conducted before deploying the 
technology? How do you get that baseline and say that this 
technology, we have done the testing, we have spoken to the 
stakeholders, we are ready for prime time now? Understanding, 
as I believe you said earlier, that we are always fine-tuning 
and going back and checking up, but who sets the original kind-
of standards before deployment? What is acceptable and 
unacceptable? Mr. Wagner, we will start with you.
    Mr. Wagner. Sure. So we would do that internally. We would 
determine what constitutes a match versus a nonmatch to a 
photo. We would evaluate this with our DHS Science and 
Technology Department. We would do it in consultation with 
NIST. We do it in consultation with experts from the industry 
and the vendors of this equipment. We have partnered with NIST, 
and starting this summer into the fall, we will be deeply 
analyzing the results of our data to make sure that we are not 
seeing those error rates that are attributable to a certain 
demographic. We are not seeing it from our internal review of 
it, but we want to make sure, so we are bringing the experts in 
to make sure----
    Mrs. Demings. Right. So you are saying it is a perception 
that there is an increased error rate among people of color, or 
have we seen some data, although not significant, to show that?
    Mr. Wagner. I think the studies that have shown there were 
these biases in it had different control factors than how we 
are using this program. No one has really studied the way that 
we are implementing this using those same control factors on 
how we are doing it, and I would expect them to get the similar 
results as to we are seeing.
    Mrs. Demings. Mr. Gould, can you----
    Mr. Gould. Ma'am, from a TSA perspective, we work very 
closely with the DHS Science and Technology Director as well. 
They inform our test plans and how we collect data on the 
biometric pilots and how well they are working, and then they 
analyze that data on our behalf. So we really do rely on them 
for their semi-independent and very, very accurate assessments 
of our capability.
    Then, like CBP, we rely on our friends at NIST as well to, 
you know, really set the standards and say how well the 
algorithms are actually working.
    Mrs. Demings. So when you decide--Mr. Chairman, if I could 
just--when you decide that this--we are ready for deployment, 
this technology, based on the testing we have done, is ready 
for prime time, who makes that decision? Is it a collective 
effort between the different people that you work with, or do 
you decide that individually based on the feedback that you 
receive?
    Mr. Wagner. We would decide that for our agency, because it 
is our responsibility. The officer's determination, you match 
your passport, and if I use a tool or an algorithm to help me 
make that decision, at the end of the day, it is still my 
judgment to do that. So we would evaluate this to say, is this 
helpful to the officer making that determination, that this 
document corresponds to that person.
    Mrs. Demings. OK.
    Mr. Gould. One thing I would add to your original point, 
for us, the main reason to do this is increased--better 
identity verification, right, and the secure enhancements that 
are associated with that. Getting people through the checkpoint 
more quickly, like you said, is kind of icing on the cake. But 
better security through using this technology is really, really 
key to us. If the algorithms and the match rates are not 
acceptable, if we are not enhancing security, then we will not 
deploy it, but that decision would be made internal at the TSA.
    Mrs. Demings. Thank you, Mr. Chair.
    I yield back.
    Mr. Payne. I thank the gentlelady, and I just--probably due 
to the time, I will dispense with my questions, but I would 
just like to say that obviously based on the questioning from 
the Members of Congress, you can get a feeling on where we are 
concerned about issues around privacy, around equality, and 
making sure that the American people and the traveling public 
is safe. So we need to continue to evolve, and we know that 
Homeland Security has been an evolving, living, breathing 
entity that continues to have to see and recognize issues, try 
to curtail them, and rectify matters that are important to the 
American people.
    So I would just like to say, thank you for your service in 
TSA, CBP. Your jobs, all of you actually, Secret Service, are 
doing a yeoman's job for this Nation, and we appreciate your 
service and your time here today, so thank you.
    With that, the hearing is adjourned.
    [Whereupon, at 12:18 p.m., the committee was adjourned.]