[House Hearing, 117 Congress]
[From the U.S. Government Publishing Office]
ASSESSING CBP'S USE OF FACIAL RECOGNITION
TECHNOLOGY
=======================================================================
HEARING
BEFORE THE
SUBCOMMITTEE ON
BORDER SECURITY, FACILITATION,
AND OPERATIONS
OF THE
COMMITTEE ON HOMELAND SECURITY
HOUSE OF REPRESENTATIVES
ONE HUNDRED SEVENTEENTH CONGRESS
SECOND SESSION
__________
JULY 27, 2022
__________
Serial No. 117-68
__________
Printed for the use of the Committee on Homeland Security
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]
Available via the World Wide Web: http://www.govinfo.gov
__________
U.S. GOVERNMENT PUBLISHING OFFICE
49-891 PDF WASHINGTON : 2022
-----------------------------------------------------------------------------------
COMMITTEE ON HOMELAND SECURITY
Bennie G. Thompson, Mississippi, Chairman
Sheila Jackson Lee, Texas John Katko, New York
James R. Langevin, Rhode Island Michael T. McCaul, Texas
Donald M. Payne, Jr., New Jersey Clay Higgins, Louisiana
J. Luis Correa, California Michael Guest, Mississippi
Elissa Slotkin, Michigan Dan Bishop, North Carolina
Emanuel Cleaver, Missouri Jefferson Van Drew, New Jersey
Al Green, Texas Mariannette Miller-Meeks, Iowa
Yvette D. Clarke, New York Diana Harshbarger, Tennessee
Eric Swalwell, California Andrew S. Clyde, Georgia
Dina Titus, Nevada Carlos A. Gimenez, Florida
Bonnie Watson Coleman, New Jersey Jake LaTurner, Kansas
Kathleen M. Rice, New York Peter Meijer, Michigan
Val Butler Demings, Florida Kat Cammack, Florida
Nanette Diaz Barragan, California August Pfluger, Texas
Josh Gottheimer, New Jersey Andrew R. Garbarino, New York
Elaine G. Luria, Virginia Mayra Flores, Texas
Tom Malinowski, New Jersey
Ritchie Torres, New York
Hope Goins, Staff Director
Daniel Kroese, Minority Staff Director
Natalie Nixon, Clerk
------
SUBCOMMITTEE ON BORDER SECURITY, FACILITATION, AND OPERATIONS
Nanette Diaz Barragan, California, Chairwoman
J. Luis Correa, California Clay Higgins, Louisiana, Ranking
Emanuel Cleaver, Missouri Member
Al Green, Texas Dan Bishop, North Carolina
Yvette D. Clarke, New York Andrew S. Clyde, Georgia
Bennie G. Thompson, Mississippi (ex Mayra Flores, Texas
officio) John Katko, New York (ex officio)
Brieana Marticorena, Subcommittee Staff Director
Natasha Eby, Minority Subcommittee Staff Director
Zachary Wood, Subcommittee Clerk
C O N T E N T S
----------
Page
Statements
The Honorable Nanette Diaz Barragan, a Representative in Congress
From the State of California, and Chairwoman, Subcommittee on
Border Security, Facilitation, and Operations:
Oral Statement................................................. 1
Prepared Statement............................................. 2
The Honorable Clay Higgins, a Representative in Congress From the
State of Louisiana, and Ranking Member, Subcommittee on Border
Security, Facilitation, and Operations......................... 3
The Honorable Bennie G. Thompson, a Representative in Congress
From the State of Mississippi, and Chairman, Committee on
Homeland Security:
Prepared Statement............................................. 7
Witnesses
Ms. Rebecca Gambler, Director, Homeland Security and Justice,
U.S. Government Accountability Office (GAO):
Oral Statement................................................. 8
Prepared Statement............................................. 10
Mr. Jeramie D. Scott, Senior Counsel, Electronic Privacy
Information Center (EPIC):
Oral Statement................................................. 21
Prepared Statement............................................. 22
Ms. Nicol Turner Lee, PhD, Director, The Center for Technology
Innovation (CTI), The Brookings Institution:
Oral Statement................................................. 32
Prepared Statement............................................. 33
Mr. Daniel P. Tanciar, Chief Innovation Officer, Pangiam:
Oral Statement................................................. 44
Prepared Statement............................................. 46
For the Record
The Honorable Clay Higgins, a Representative in Congress From the
State of Louisiana, and Ranking Member, Subcommittee on Border
Security, Facilitation, and Operations:
Letter, Security Industry Association.......................... 4
Letter, Airlines for America................................... 5
ASSESSING CBP'S USE OF FACIAL RECOGNITION TECHNOLOGY
----------
Wednesday, July 27, 2022
U.S. House of Representatives,
Committee on Homeland Security,
Subcommittee on Border Security,
Facilitation, and Operations,
Washington, DC.
The subcommittee met, pursuant to notice, at 2 p.m., in
room 310, Cannon House Office Building, Hon. Nanette Diaz
Barragan [Chairwoman of the Subcommittee] presiding.
Present: Representatives Barragan, Cleaver, Clarke,
Higgins, and Flores.
Chairwoman Barragan. The Subcommittee on Border Security
Facilitation and Operations will come to order. Thank you for
joining today's hearing to assess U.S. Customs and Border
Protection's use of facial recognition technology. CBP tested
several types of biometric technologies, including hand-held
fingerprint scanning devices and iris scanning, before deciding
to pursue facial recognition technology as its biometric
capability. Facial recognition technology uses a computer
algorithm to compare a picture taken in person at the airport
or other border checkpoints to the traveler's passport picture
or visa.
This technology cannot only be a powerful tool for homeland
security, but can also help facilitate travel. However, the use
of facial recognition technology raises questions about data
privacy and how passengers' information is used and stored. It
also raises questions about the adequacy of the oversight
mechanisms in place. For example, although CBP policy does not
allow airlines and partners to store passengers' photos, the
agency does not have a robust system for conducting audits.
These audits are vital to building public trust.
Proper oversight ensures that biometric data gathered in
airports is not monetized by private industry or kept in
industry databases. Potential bias in identification is also a
significant concern, particularly when a technology affects
various races, age groups, and gender differently.
In 2019, a National Institute of Standards and Technology,
NIST, report found that Asian and African American faces were
10 to 100 times more likely to be misidentified than white
faces. The report also found that children and elderly people
were more likely to be misidentified than middle-aged people,
and women were more likely to be misidentified than men. NIST
also found that the best-performing algorithms had undetectable
differences in performance across demographic groups. Though
this sounds promising, the report tested algorithms, not the
system as a whole. These systems include the environment where
the technology is deployed and the cameras that capture facial
images. Lighting and image quality can have a significant
impact on the success of the technology.
We have also heard concerns about potential mission creep
in the Department's use of biometric data. Current authorized
uses are set by policy and guidance, which are more open to
change than laws, rules, and regulations. Understanding CBP's
use of facial recognition technology and the issues and
concerns surrounding its use is crucial to our responsibility
to conduct oversight.
Two weeks ago, Members of this subcommittee were briefed by
Government officials from Customs and Border Protection, the
Department of Homeland Security's Office of Civil Rights and
Civil Liberties, and the National Institute of Standards and
Technology on CBP's use of facial recognition technology and
the safeguards in place to protect privacy. The briefing served
as an opportunity for Members to learn more about the
technology and how it is being deployed.
It was also an opportunity for Members to ask questions and
raise concerns regarding privacy and bias. During the briefing,
we learned that Simplified Arrival has been rolled out with
facial recognition technology in all U.S. international
airports. This is the system travelers use when entering the
United States.
We also learned that biometric exit systems using facial
recognition are active in only 26 airports. CBP continues to
expand the use of facial recognition technology across airports
as well as sea and land ports of entry.
Today, we will have the opportunity to continue our
conversation on CBP's use of facial recognition technology with
experts from the U.S. Government Accountability Office, the
Electronic Privacy Information Center, the Brookings
Institution, and Pangiam. Did I say that right, Pangiam? Our
witnesses will discuss CGP's deployment of facial recognition
technology as well as the implications related to accuracy,
bias, and privacy in verifying traveler identities.
I look forward to a frank conversation on CBP's use of
facial recognition technology and how Congress can conduct
meaningful oversight.
With that, the Chair now recognizes the Ranking Member of
the subcommittee, Mr. Higgins of Louisiana, for an opening
statement.
[The statement of Chairwoman Barragan follows:]
Statement of Chairwoman Nanette Barragan
July 27, 2022
CBP tested several types of biometric technologies, including
handheld fingerprint-scanning devices and iris scanning, before
deciding to pursue facial recognition technology as its biometric
capability. Facial recognition technology uses a computer algorithm to
compare a picture taken in person at the airport or other border
checkpoints to the traveler's passport picture or visa.
This technology cannot only be a powerful tool for homeland
security but can also help facilitate travel. However, the use of
facial recognition technology raises questions about data privacy and
how passengers' information is used and stored. It also raises
questions about the adequacy of the oversight mechanisms in place. For
example, although CBP policy does not allow airlines and partners to
store passengers' photos, the agency does not have a robust system for
conducting audits.
These audits are vital to building public trust. Proper oversight
ensures that biometric data gathered in airports is not monetized by
private industry or kept in industry databases. Potential bias in
identification is also a significant concern, particularly when a
technology affects various races, age groups, and genders differently.
In 2019, a National Institute of Standards and Technology (NIST)
report found that Asian and African American faces were 10 to 100 times
more likely to be misidentified than white faces. The report also found
that children and elderly people were more likely to be misidentified
than middle-aged people, and women were more likely to be misidentified
than men. NIST also found that the best-performing algorithms had
``undetectable'' differences in performance across demographic groups.
Though this sounds promising, the report tested algorithms, not the
system as a whole. These systems include the environment where the
technology is deployed and the cameras that capture facial images.
Lighting and image quality can have a significant impact on the success
of the technology.
We've also heard concerns about potential ``mission creep'' in the
Department's use of biometric data. Current authorized uses are set by
policy and guidance, which are more open to change than laws, rules,
and regulations. Understanding CBP's use of facial recognition
technology and the issues and concerns surrounding its use is crucial
to our responsibility to conduct oversight.
Two weeks ago, Members of the subcommittee were briefed by
Government officials from Customs and Border Protection, the Department
of Homeland Security's Office of Civil Rights and Civil Liberties, and
the National Institute of Standards and Technology on CBP's use of
facial recognition technology and the safeguards in place to protect
privacy. The briefing served as an opportunity for Members to learn
more about the technology and how it is being deployed. It was also an
opportunity for Members to ask questions and raise concerns regarding
privacy and bias. During the briefing, we learned that Simplified
Arrival has been rolled out with facial recognition technology in all
U.S. international airports. This is the system travelers use when
entering the United States. We also learned that biometric exit systems
using facial recognition are active in only 26 airports. CBP continues
to expand the use of facial recognition technology across airports, as
well as at sea and land ports of entry.
Today, we will have the opportunity to continue our conversation on
CBP's use of facial recognition technology with experts from the U.S.
Government Accountability Office (GAO), the Electronic Privacy
Information Center (EPIC), the Brookings Institution, and Pangiam. Our
witnesses will discuss CBP's deployment of facial recognition
technology as well as the implications related to accuracy, bias, and
privacy in verifying traveler identities.
Mr. Higgins. Thank you, Madam Chair, for holding today's
hearing. I also thank our witnesses for appearing before us
today. I thank my colleagues for attending in person or
virtually.
This is a topic that Republicans and Democrats are not that
far apart on. The final yards of this struggle seem to be
challenging, but facial recognition technology is certainly an
emerging asset in this digital realm and wherein it can be
properly deployed and effectively deployed to help our Nation
protect its sovereignty and protect our travelers in their
journeys. We are moving effectively forward through
Congressional oversight on this committee to determine exactly
in what manner shall Congress embrace this technology. I think
it is a pretty much accepted conclusion that it is an effective
asset that we should embrace and use, but with proper
restraints and controls.
Madam Chair, I have a letter to this committee from the
Security Industry Association regarding the effectiveness of
facial recognition technology, a letter to the committee from
Airlines for America essentially stating the same, and a report
from the National Institute of Standards and Technology through
the U.S. Department of Commerce* regarding biometric service
systems and their efficiency I would like to submit for the
record.
---------------------------------------------------------------------------
* The report has been retained in committee files and is available
at https://doi.org/10.6028/NIST.IR.8381.
---------------------------------------------------------------------------
Chairwoman Barragan. Without objection.
[The information follows:]
July 27, 2022.
The Honorable Nanette Barragan,
Chairwoman, Subcommittee on Border Security, Facilitation & Operations,
House Committee on Homeland Security, 2246 Rayburn House Office
Building, Washington, DC 20515.
The Honorable Clay Higgins,
Ranking Member, Subcommittee on Border Security, Facilitation &
Operations, House Committee on Homeland Security, 572 Cannon
House Office Building, Washington, DC 20515.
Dear Chairwoman Barragan and Ranking Member Higgins: On behalf of
the Security Industry Association (SIA), thank you for holding a
hearing on U.S. Customs and Border Protection's (CBP's) use of facial
recognition technologies.
SIA represents over 1,000 companies that provide technology
solutions vital to bolstering National security, promoting public
safety, and protecting information and critical infrastructure. SIA
believes all technologies, including facial recognition technologies,
must only be used for purposes that are lawful and ethical, and SIA has
published principles to promote the responsible and effective use of
facial recognition technologies.
The benefits of facial recognition technologies are proven and
growing across a wide range of use cases and functional applications.
In the United States, facial recognition technologies have helped
detect identity fraud that fuels other criminal activity, find and
rescue human trafficking victims, thwart potential terrorist attacks,
solve hate crimes, and crack cold cases.\1\ Furthermore, as previous
hearings have established, the Department of Homeland Security's
(DHS's) use of facial recognition technologies helps promote national
security and public safety and helps enable smoother and more efficient
travel in a privacy-protective manner.\2\ CBP has deployed facial
recognition technologies at 238 airports for air entry (including all
international airports in the U.S. and all 14 Preclearance locations
worldwide), 32 airports for air departure, 26 seaports, and all
pedestrian lanes at ports of entry along the northern and southern land
borders.\3\ Through the use of highly accurate facial recognition
technologies, CBP has processed over 193 million travelers, confirmed
more than 163,000 visa overstays, and prevented over 1,500 imposters
from entering the United States at air and land ports under false
identities.
---------------------------------------------------------------------------
\1\ For more information, see https://www.securityindustry.org/
2020/07/16/facial-recognition-success-stories-showcase-positive-use-
cases-of-the-technology/.
\2\ During the February 6, 2020, House Committee on Homeland
Security hearing entitled ``About Face: Examining the Department of
Homeland Security's Use of Facial Recognition and Other Biometric
Technologies, Part II,'' Representative Walker asked John Wagner, the
witness from Customs and Border Protection, if it was ``true that the
Biometric Entry/Exit system uses less personally identifiable
information than the current system that we have in place?'' Mr. Wagner
responded, ``Yes, because currently . . . you're exposing your name,
your date of birth, your passport number, your place of birth--all the
information on your passport page . . . You're disclosing it to a
person who doesn't actually need to know all of that additional
information versus standing in front of a camera with no identifiable
information other than your face, which they can already see--and your
picture is taken, and on the screen comes a green checkmark and that
person now knows you've been validated by the Government record to
proceed. So you're sharing actually, less information in this
instance.''
\3\ https://biometrics.cbp.gov/.
---------------------------------------------------------------------------
Algorithm testing by the National Institute of Standards and
Technology (NIST) and full system testing by the Department of Homeland
Security's Science & Technology Directorate (DHS S&T) show that facial
recognition technologies are rapidly becoming more and more accurate--
often achieving accuracy rates >99 percent \4\--and DHS's facial
recognition technology providers continue to rank among the most
accurate in these tests. NIST's December 2019 FRVT Part 3: Demographic
Effects report found that a version of the algorithm that DHS currently
deploys had ``undetectable'' false positive error rate differentials
across demographic groups based on skin tone and sex,\5\ and CBP has
testified that it does not see demographic-based error rates in its
operations.\6\ Furthermore, a September 2020 report by the Government
Accountability Office found that air exit, which is part of the
Congressionally-mandated Biometric Entry-Exit program, ``met or
exceeded its two accuracy requirements--specifically, for the true and
false acceptance rates.''\7\
---------------------------------------------------------------------------
\4\ https://pages.nist.gov/frvt/html/frvt1N.html; https://mdtf.org/
Rally2021/Results2021.
\5\ National Institute of Standards and Technology, Face
Recognition Vendor Test (FRVT) Part 3: Demographic Effects (NISTIR
8280), p. 8, https://nvlpubs.nist.gov/nistpubs/ir/2019/
NIST.IR.8280.pdf.
\6\ During the February 6, 2020, House Committee on Homeland
Security hearing, John Wagner said, ``Well, again, we're using a high-
performing algorithm that we're not seeing those demographic-based
error rates.''
\7\ Government Accountability Office, CBP and TSA are Taking Steps
to Implement Programs, but CBP Should Address Privacy and System
Performance Issues, GAO-20-568 (September 2020), p. 51, https://
www.gao.gov/assets/gao-20-568.pdf.
---------------------------------------------------------------------------
SIA recognizes and commends the benefits that DHS's use of facial
recognition technologies has already produced. We also understand that
legislation governing the Federal Government's procurement and use of
facial recognition technologies could help build public trust and
provide additional safeguards, and we support efforts to develop use-
case-specific legislation that helps mitigate the risks and promote the
numerous, wide-ranging benefits that facial recognition technologies
can produce. Before considering legislation that would impact the use
of facial recognition technologies, we encourage Members to review
SIA's facial recognition technology resources, including Principles for
the Responsible and Effective Use of Facial Recognition Technology,
What NIST Data Shows About Facial Recognition and Demographics, and
Face Facts: How Facial Recognition Makes Us Safer & the Dangers of a
Blanket Ban.
SIA and our members appreciate and welcome opportunities to
contribute to the on-going dialog about facial recognition technologies
and associated policy issues and governance approaches. Please let us
know if there is any way we can be of assistance as you continue to
examine these issues.
Sincerely,
Don Erickson,
CEO, Security Industry Association.
______
July 26, 2022
The Honorable Nanette Barragan,
Chairwoman, Subcommittee on Border Security, Facilitation, &
Operations, House Committee on Homeland Security, U.S. House of
Representatives, 2246 Rayburn House Office Building,
Washington, DC 20515.
The Honorable Clay Higgins,
Ranking Member, Subcommittee on Border Security, Facilitation, &
Operations, House Committee on Homeland Security, U.S. House of
Representatives, 572 Cannon House Office Building, Washington,
DC 20515.
Dear Chairwoman Barragan and Ranking Member Higgins: On behalf of
our member carriers, Airlines for America (A4A) appreciates the
opportunity to provide our perspective on facial recognition
technology. Identity verification is a cornerstone of aviation security
and facilitation, and our member airlines \1\ have worked closely with
the Department of Homeland Security (DHS) for over 10 years to support
evaluation, testing, and fielding of biometric technologies including
facial recognition. The principal goals of this technology are to
enhance security and improve the passenger experience while ensuring
the highest levels of privacy and transparency.
---------------------------------------------------------------------------
\1\ A4A is the principal trade and service organization of the U.S.
scheduled airline industry. Members of the association are Alaska
Airlines, Inc.; American Airlines Group, Inc.; Atlas Air, Inc.; Delta
Air Lines, Inc., Federal Express Corporation; Hawaiian Airlines;
JetBlue Airways Corp.; Southwest Airlines Co.; United Holdings, Inc.;
and United Parcel Service Co. Air Canada is an associate member.
---------------------------------------------------------------------------
As you are aware, U.S. Customs and Border Protection (CBP) is
implementing facial recognition technology to comply with the
congressional mandate to develop a biometric air entry/exit program for
arriving and departing international air passengers. The Transportation
Security Administration (TSA) is also evaluating facial recognition for
identity verification at security checkpoints. It is critical to
consider the unique use case of facial recognition technology in the
air travel environment, as these tools simply automate a mandatory
manual process.
Airlines serve customers globally. We recognize the importance of
accuracy in facial recognition algorithmic performance across all
ethnicities and genders. Inaccuracy rates, even at small percentages,
have outsized impacts on populations as large and diverse as air travel
passengers. False negatives and false positives in the air travel
environment can undermine the government's ability to fulfill its
security mission, undercut carriers' ability to confer benefits and
facilitate the passenger experience and tax operational resources for
government and industry alike. High inaccuracy rates, therefore, do not
scale for the security or airline use cases for biometrics.
We are therefore encouraged by the tremendous technological strides
in industry and the commitment of our DHS partners to ensuring accuracy
in facial matching. A 2019 National Institute of Standards and
Technology (NIST) report on the performance of facial recognition
algorithms across different demographic groups shows that the
development of this technology is already highly accurate and
improving.\2\ The most accurate algorithms achieved greater accuracy
than humans. Algorithms refined during the pandemic showed increased
matching rates of masked passengers to the pre-pandemic algorithms,
according to NIST.\3\ We applaud the facial recognition industry's
rapid adaptability and overall commitment to continuous improvement.
---------------------------------------------------------------------------
\2\ Grother, P., Ngan, M., and Hanaoka, K. (2019). Face Recognition
Vendor Test (FRVT) Part 3: Demographic Effects. NIST.IR 8280. Available
at: https://nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8280.pdf.
\3\ Ngan, M., Grother, P. and Hanaoka, K. (2020), Ongoing Face
Recognition Vendor Test (FRVT) Part 6B: Face recognition accuracy with
face masks using post-COVID-19 algorithms. NIST.IR.8331. Available at:
https://doi.org/10.6028/NIST.IR.8331.
---------------------------------------------------------------------------
Privacy and security of our passengers' biometric data is also of
the utmost concern. Automated facial matching has privacy and data
security protections built in to protect the biometric information in-
transit and at-rest. As required by DHS when using DHS matching
capability, photos taken for the purpose of automated facial matching
are purged by air carriers following their secure verification by DHS.
Airline connections to secure, encrypted DHS systems for verification
ensure passenger data is protected in-transit.
We work with DHS to educate passengers on how the technology is
used and which personal data elements are shared or stored. All these
steps are key to encourage passenger acceptance and to achieve
operational benefits of facial recognition technology.
While we believe the privacy protections currently in place are
effective, we will continue to work with the DHS, CBP, TSA, and our
passengers to ensure the highest levels of privacy. Airlines already
collect and transmit biographic data to DHS to comply with Federal
security requirements, so we have experience.
We commend CBP for moving forward with the deployment of Simplified
Arrival at all major airports of entry during the pandemic. As
international arrivals continue to increase, Simplified Arrival is
helping to prevent congestion and long lines within the Federal
Inspection Station (FIS) during peak arrival times. Additionally, we
applaud CBP's deployment of facial recognition technology for the
Global Entry Trusted Traveler program. Upgrading the Global Entry
kiosks to eliminate the need to provide fingerprints and rely on facial
recognition technology has also helped to prevent congestion.
We value our ongoing collaboration with DHS as the Department and
its component agencies further deploy facial recognition technology in
air travel to improve our nation's security. We recognize this is an
area of rapidly changing technology and public acceptance and we look
forward to working with Congress and the Administration to continue to
make our nation's aviation system even more secure while improving the
passenger experience.
Sincerely,
Lauren Beyer,
Vice President, Security and Facilitation.
Mr. Higgins. Thank you, Madam Chair. Over the last several
years, biometric technology has improved significantly. We all
recognize this, the technological advance of facial recognition
tech should not be a surprised. Most of us here do not have the
same iPhone in our pocket that we had 2 or 3 years ago, much
less 10 years ago. So, some of the challenges and algorithm
issues and recognition concerns that originally became part of
the narrative of facial recognition technology were completely
reasonable assessments of the technology at the time. But the
industry has advanced the tech and it is an effective tool.
Our border agents who are not with us today, though they
should be, have asked for this technology to help them not just
with recognition, but with streamlining the entry process. At
our ports of entry it is not uncommon that you have foot
traffic that comes across from Mexico. These are Mexican
citizens that have earned their living by essentially shopping
for their neighbors in their community. They walk across. I
have been there and visited with them and the bottom line is
that as the cartels have strengthened their criminal efforts,
their trafficking at the border, the United States has been
forced to respond with more stringent vetting at our ports of
entry, including the foot traffic that comes across.
These are just, you know, squared away, law-abiding Mexican
citizens that are earning a little living shopping for their
neighbors and friends. They walk across, they buy some stuff,
they go back. But because the vetting is required to be more
stringent due to the cartels' criminal operations, the lines
take longer, so they can only make--it may be a line for 4
hours now whereas years ago you were only in line for maybe 45
minutes. So, they can only make maybe 1 or 2 trips a day
instead of 3 or 4. So, it has had an economic impact on our
fellow children of God and our neighbors across the border.
Facial recognition technology could absolutely be deployed
to those ports of entry where the foot traffic coming through
would roll right through. If they were not recognized, then
they would be pulled from the line, or they had a random check,
they would go through the human verification that is currently
a requirement.
So, the deployment of this technology is something that we
should carefully consider and control and we should also
embrace and recognize that it has advanced tremendously since
its introduction and our awareness of it over the course of the
last decade.
Madam Chair, I thank you for holding this hearing and I
look forward to questioning the panelists today.
Chairwoman Barragan. Thank you, Mr. Ranking Member. Other
Members are reminded that stateents may be submitted for the
record.
[The statement of Chairman Bennie G. Thompson follows:]
Statement of Chairman Bennie G. Thompson
July 27, 2022
Today's discussion is an opportunity to better understand how CBP
uses facial recognition technology to secure the homeland and the
measures or policies in place to ensure people's privacy is protected.
It is also an important opportunity to further understand the concerns
surrounding bias in the use of the technology. The committee has
followed this topic closely for a long time.
In 2019 and 2020, we held hearings with representatives from CBP,
the Transportation Security Administration, the DHS Office of Civil
Rights and Civil Liberties, the U.S. Secret Service, as well as the
National Institute of Standards and Technology. At that time, several
DHS components were in the process of expanding their use of facial
recognition technology. These two hearings provided insight into the
Department's plan to use biometric technology to automate traveler
processing while increasing security. Facial recognition technology has
improved since then.
Industry continues to enhance the accuracy, speed, and performance
of the systems and algorithms used by the Federal Government. DHS has
also significantly expanded its rollout. CBP has now fully deployed
facial recognition technology for travelers entering the United States
at all international airports. In addition, 26 airports are now using
this technology for individuals departing the United States. Despite
these advances, concerns regarding privacy and bias remain.
I am troubled that CBP has not yet ensured that travelers are
appropriately notified of their ability to opt out of using the facial
recognition technology. I visited a biometric exit gate in Las Vegas
earlier this year, and no such signage was present. CBP and airport
stakeholders must post proper signage notifying travelers of their
ability to opt out. CBP must also ensure that facial recognition
systems and algorithms do not lead to biased outcomes based on the
race, gender, or age.
As facial biometric technology becomes more common, we must
continue to examine the agency's implementation and implications of its
use. Our witnesses today have closely tracked CBP's deployment of
facial recognition technology. I look forward to their insights about
the issues surrounding CBP's current and future plans for this
technology.
Chairwoman Barragan. I now would like to welcome our panel
of witnesses.
Rebecca Gambler is the director of the Government
Accountability Office's Homeland Security and Justice team. In
her role Ms. Gambler leads GAO's work on a myriad of topics,
including border security efforts and technology deployments
along the Southern Border.
Jeramie Scott is senior counsel at the Electronic Privacy
Information Center. Mr. Scott's work focuses on the nexus
between surveillance technology such as facial recognition
technology and privacy issues. He is with us remotely.
Nichol Turner Lee is the director of the Center for
Technology Innovation at The Brookings Institution. Dr. Turner
Lee is an expert in the intersection of race, wealth, and
technology within the context of civic engagement, criminal
justice, and economic development. She is also with us
remotely.
Daniel Tanciar is the chief innovation officer at Pangiam.
He previously served as the executive director of planning,
program analysis, and evaluation in the Office of Field
Operations, Customs and Border Protection, where he helped
advance CBP's biometric exit and entry system.
Without objection, the witnesses' full statements will be
inserted into the record.
I now will ask each witness to summarize his or her
statement for 5 minutes beginning with Ms. Rebecca Gambler.
STATEMENT OF REBECCA GAMBLER, DIRECTOR, HOMELAND SECURITY AND
JUSTICE, U.S. GOVERNMENT ACCOUNTABILITY OFFICE (GAO)
Ms. Gambler. Good afternoon, Chairwoman Barragan, Ranking
Member Higgins, and Members of the subcommittee. Thank you for
the opportunity to testify at today's hearing to discuss GAO's
work on CBP's use of facial recognition technology at ports of
entry as part of its biometric entry/exit program.
Beginning in 1996, a series of Federal laws has required
CBP to develop and implement a biometric entry-exit system to
match arrival and departure records of foreign nationalists.
Since 2004, CBP has implemented a biometric entry system.
However, we have identified long-standing challenges to CBP
developing and deploying a biometric exit capability.
Over the years, CBP has tested various biometric
technologies to determine which type of technology could be
deployed on a large scale without disrupting travel and trade.
Based on the results of its testing, CBP concluded that facial
recognition technology was the most operationally feasible and
traveler-friendly option.
CBP has partnered with airlines and airports to deploy
facial recognition technology to at least one gate at 32
airports for travelers exiting the United States and at all
airports for travelers entering the country. It has also
deployed the technology at 26 seaports for travelers entering
the United States. At land ports of entry CBP has deployed
facial recognition technology at all 159 land ports for
pedestrians entering the United States, and is in the early
stages of pilot testing the technology for other areas of the
land environment.
GAO has issued numerous reports on CBP's efforts to develop
and deploy a biometric entry-exit system. Today I will
summarize our most recent report on this topic from September
2020, which focused on CBP's use of facial recognition
technology. In particular, I will highlight two key findings
from that report.
First, CBP's Biometric Entry-Exit Program has incorporated
some privacy principles by, for example, prohibiting partners
like air carriers from storing travelers' photos and providing
public notices on privacy protections. However, CBP notices
have not always been current, complete, or available, and have
provided limited information on how to request to opt out of
facial recognition. For example, at the time of our review,
CBP's public website on the program did not accurately reflect
the locations where CBP used or tested facial recognition
technology. Therefore, travelers who check the website would
not see a complete list of locations where they may encounter
the technology.
In another example, during one of our airport visits, an
airline was using facial recognition technology at a gate, but
there were no privacy signs posted. Further, while CBP allows
eligible travelers to request to opt out of facial recognition
identity verification, the CBP notices we observed provided
limited information on the process for opting out. We
recommended that CBP ensure its privacy notices contain
complete and current information, and that the privacy signage
is consistently available at all locations.
CBP implemented that first recommendation by, for example,
creating a new website that outlines the locations where CBP
uses facial recognition. For the second recommendation CBP has
reviewed its language on signs and is in the process of
updating them, but CBP needs to complete those efforts.
Second, CBP requires its commercial partners, contractors,
and vendors to follow CBP's data collection and privacy
requirements such as restrictions on retaining or using
traveler photos for their own use. CBP can conduct audits to
assess their compliance. However, at the time of our review CBP
had audited only one of its airline partners and did not have a
plan to ensure that all partners, contractors, and vendors are
audited for compliance.
We recommended that CBP develop and implement a plan to
conduct privacy audits at its commercial partners, contractors,
and vendors. Since our report, CBP has completed additional
audits of its airline partners and has others planned or under
way. This is positive, but CBP needs to complete those
assessments and audit partners in the sea and land environments
as well as vendors and contractors who have access to
personally identifiable information.
In closing, CBP has made progress in deploying facial
recognition for traveler identification and verification, and
is addressing some privacy considerations. But additional
action is needed to fully implement our remaining
recommendations and we will continue to monitor CBP's efforts
to address those recommendations.
This concludes my prepared statement and I am happy to
answer any questions the committee Members may have.
[The prepared statement of Ms. Gambler follows:]
Prepared Statement of Rebecca Gambler
Wednesday, July 27, 2022
gao highlights
Highlights of GAO-22-106154, a testimony before the Subcommittee on
Border Security, Facilitation, and Operations, Committee on Homeland
Security, House of Representatives.
Why GAO Did This Study
Within the Department of Homeland Security (DHS), CBP is charged
with the dual mission of facilitating legitimate travel and securing
U.S. borders. Federal laws require DHS to implement a biographic and
biometric data system for foreign nationals entering and exiting the
United States. In response, CBP has been pursuing FRT to verify a
traveler's identity in place of a visual inspection of travel
identification documents.
This statement addresses the extent to which CBP has: (1)
Incorporated privacy principles in and (2) assessed the accuracy and
performance of its use of FRT. This statement is based on a September
2020 report (GAO-20-568), along with updates as of July 2022 on actions
CBP has taken to address prior GAO recommendations. For that report,
GAO conducted site visits to observe CBP's use of FRT; reviewed program
documents; and interviewed DHS officials.
What GAO Recommends
In September 2020, GAO made five recommendations to CBP regarding
privacy and system performance of its FRT. DHS concurred with the
recommendations and has implemented two of them. CBP is taking steps to
address the remaining three recommendations related to: (1) Current and
complete privacy signage, (2) implementing an audit plan for its
program partners, and (3) capturing required traveler photos.
facial recognition technology.--cbp traveler identity verification and
efforts to address privacy issues
What GAO Found
U.S. Customs and Border Protection (CBP) has made progress testing
and deploying facial recognition technology (FRT) at air, sea, and land
ports of entry to create entry-exit records for foreign nationals as
part of its Biometric Entry-Exit Program. As of July 2022, CBP has
deployed FRT at 32 airports to biometrically confirm travelers'
identities as they depart the United States (air exit) and at all
airports for arriving international travelers.
In September 2020, GAO reported that CBP had incorporated privacy
principles in its program, such as prohibiting airlines from using
travelers' photos for their own purposes. However, CBP had not
consistently provided travelers with information about FRT locations.
Also, CBP's privacy signage provided limited information on how
travelers could request to opt out of FRT screening and were not always
posted. Since that time, CBP has ensured that privacy notices contain
complete information and is taking steps to ensure signage is more
consistently available, but needs to complete its efforts to update
signs in locations where FRT is used. Further, CBP requires its
commercial partners, such as airlines, to follow CBP's privacy
requirements and could audit partners to assess compliance. As of May
2020, CBP had audited one airline partner and did not have a plan to
ensure all partners were audited. In July 2022, CBP reported that it
has conducted five assessments of its air partners and has three
additional assessments under way. These are positive steps to help
ensure that air traveler information is safeguarded. However, CBP
should also audit other partners who have access to personally
identifiable information, including contractors and partners at land
and sea ports of entry.
CBP assessed the accuracy and performance of air exit FRT
capabilities through operational testing. Testing found that air exit
exceeded its accuracy goals but did not meet a performance goal to
capture 97 percent of traveler photos. As of July 2022, CBP officials
report that they are removing the photo capture goal because airline
participation in the program is voluntary and CBP does not have staff
to monitor the photo capture process at every gate.
Chairwoman Barragan, Ranking Member Higgins and Members of the
subcommittee: I am pleased to be here today to discuss our work on U.S.
Customs and Border Protection's (CBP) use of facial recognition
technology (FRT) at ports of entry.\1\ FRT has become increasingly
common across business and Government as a tool for identifying or
verifying customers or persons of interest. Within the Department of
Homeland Security (DHS), CBP is the lead Federal agency charged with
the dual mission of facilitating legitimate trade and travel at our
Nation's borders while also keeping terrorists and their weapons,
criminals and contraband, and other inadmissible individuals out of the
country. As part of this mission, Federal laws require DHS to implement
a biographic and biometric data system for foreign nationals entering
and exiting the United States. In response to these laws, CBP has been
pursuing FRT to automatically verify a traveler's identity in place of
a visual inspection of travel identification documents.\2\
Traditionally, CBP has relied on biographic information (i.e., name or
date of birth) on travel documents to verify that a traveler is who
they claim to be. According to CBP, automating the identity
verification process using FRT helps increase their ability to detect
fraudulent travel identification documents, as well as expedite
identity verification processes.
---------------------------------------------------------------------------
\1\ Ports of entry are facilities that provide for the controlled
entry into or departure from the United States. Specifically, a port of
entry is any officially designated location (seaport, airport, or land
border location) where CBP officers clear passengers, merchandise and
other items; collect duties; enforce customs laws; and inspect persons
entering or applying for admission into the United States pursuant to
U.S. immigration and travel controls.
\2\ Under 8 U.S.C. � 1365b(d), the entry and exit data system is to
require the collection of biometric exit data for all categories of
individuals who are required to provide such entry data, regardless of
the port of entry. For categories of individuals required to provide
biometric entry and departure data, see 8 C.F.R. �� 215.8 (DHS
authority to establish pilot programs at land ports and at up to 15 air
or sea ports, requiring biometric identifiers to be collected from
foreign nationals on departure from the United States) 235.1(f) (any
foreign national may be required to provide biometric identifiers on
entry, except certain Canadian tourists or businesspeople; foreign
nationals younger than 14 or older than 79; and diplomatic visa
holders, among other listed exemptions. Additionally, foreign nationals
required to provide biometric identifiers on entry may be subject to
departure requirements for biometrics under � 215.8, unless otherwise
exempted). We use the term foreign national in this statement to refer
to someone who does not have U.S. citizenship or nationality seeking
entry into the United States on a temporary basis pursuant to a
nonimmigrant category (i.e. foreign visitor), such as tourists,
diplomats, international students, or exchange visitors, among other
types of nonimmigrant travelers. Lawful permanent residents are also
in-scope for biometric collection and included in the definition of
foreign nationals.
---------------------------------------------------------------------------
CBP officers are responsible for inspecting international
travelers--including foreign nationals and U.S. citizens--arriving at
ports of entry. Officers review travelers' identification documents,
including passports, visas, or other entry permits, to verify their
identities; determine their admissibility to the United States; and
create entry records, among other things. Additionally, CBP is
responsible for confirming foreign national departures from the United
States to determine if their exit occurred by expiration of the
authorized period of stay as defined by their temporary status.
Beginning in 1996, a series of Federal laws were enacted to develop
and implement an entry-exit data system, which is to integrate
biographic and, since 2004, biometric records of foreign nationals
entering and exiting the country and identify overstays.\3\ Since 2004,
DHS has tracked foreign nationals' entries into the United States as
part of an effort to comply with legislative requirements and, since
December 2006, a biometric entry capability has been fully operational
at all air, sea, and land ports of entry. However, in previous reports
we have identified long-standing challenges to DHS developing and
deploying a biometric exit capability to create biometric records for
foreign nationals when they depart the country, such as differences in
logistics and infrastructure among ports of entry.\4\
---------------------------------------------------------------------------
\3\ 8 U.S.C. � 1365b, 8 C.F.R. Sec. � 215.8, 235.1. A foreign
national in the United States on a temporary basis who remains in the
country beyond their authorized period of admission is classified as an
overstay. A foreign national overstays by: (1) Failing to depart by the
status expiration date or completion of qualifying activity (plus any
time permitted for departure) without first obtaining an extension or
other valid immigration status or protection, or (2) violating the
terms and conditions of their visitor status at any point during their
stay. Certain individuals are allowed to seek admission without a visa,
such as citizens of Canada, as well as participants in the Visa Waiver
Program, through which nationals of certain countries may apply for
admission to the United States as temporary visitors for business or
pleasure without first obtaining a visa from a U.S. embassy or
consulate abroad. See 8 U.S.C. � 1187; 8 C.F.R. �� 212.1, 214.6(d),
217.1-217.7; 22 C.F.R. �� 41.0-41.3.
\4\ See, for example, GAO, Border Security: DHS Has Made Progress
in Planning for a Biometric Air Exit System and Reporting Overstays,
but Challenges Remain, GAO-17-170 (Washington, DC: Feb. 27, 2017) and
Border Security: Actions Needed by DHS to Address Long-Standing
Challenges in Planning for a Biometric Exit System, GAO-16-358T
(Washington, DC: Jan. 20, 2016).
---------------------------------------------------------------------------
To meet the requirement to implement a biometric exit capability,
over the years CBP has tested various biometric technologies in
different locations to determine which type of technology could be
deployed on a large scale without disrupting legitimate travel and
trade.\5\ Based on the results of its testing, CBP concluded that FRT
was the most operationally feasible and traveler-friendly option for a
comprehensive biometric solution for travelers departing the United
States, as well as those entering. Since then, CBP has prioritized
testing and deploying FRT for departing and arriving travelers at
airports (referred to, respectively, as air exit and air entry), with
seaports and land ports of entry to follow. These tests and deployments
are part of CBP's Biometric Entry-Exit Program.
---------------------------------------------------------------------------
\5\ Specifically, from 2014 to 2016, CBP tested facial recognition,
iris scanning, and mobile fingerprint readers in simulated operational
conditions at air and land ports of entry. CBP used the results from
each test to gauge the feasibility of real-time biometric
identification that is traveler-friendly and easy to deploy for travel
industry partners.
---------------------------------------------------------------------------
As of July 2022, CBP has partnered with airlines and airport
authorities to deploy FRT to at least one gate at 32 airports for
travelers exiting the United States (air exit) and to all airports for
travelers entering the United States (air entry), according to CBP
officials.\6\ With regard to the sea environment, CBP has deployed FRT
at 26 seaports for travelers entering the United States (sea entry).
With regard to the land environment, CBP has deployed FRT at all 159
land ports of entry for pedestrians entering the United States (land
entry), and is in the early stages of pilot testing FRT for travelers
entering the United States in vehicles and departing the United States
as pedestrians or in vehicles (land exit). Figure 1 shows examples of
cameras used for air exit facial recognition.
---------------------------------------------------------------------------
\6\ As of July 2022, CBP officials said that FRT was currently
deployed for air exit at 26 airports. There are an additional 6
airports where FRT was piloted or previously deployed, but where it is
not currently deployed or in use.
In September 2020, we reported on CBP's efforts to develop its FRT
capabilities at ports of entry, including the extent to which CBP
incorporated privacy protection principles and assessed the accuracy
and performance of its FRT.\7\ My statement today will summarize
information from that report, as well as actions CBP has taken, as of
July 2022, to address our recommendations from the report. To conduct
the work from the September 2020 report, we conducted site visits to
observe CBP's use of FRT in all three travel environments--air, land,
and sea; reviewed program documents; and interviewed DHS officials.
More detailed information on our objectives, scope, and methodology is
contained in our September 2020 report.
---------------------------------------------------------------------------
\7\ GAO, Facial Recognition: CBP and TSA Are Taking Steps to
Implement Programs, but CBP Should Address Privacy and System
Performance Issues, GAO-20-568 (Washington, DC: Sept. 2, 2020).
---------------------------------------------------------------------------
We conducted the work on which this statement is based in
accordance with generally accepted Government auditing standards. These
standards require that we plan and perform the audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on our audit objectives. We believe that
the evidence obtained provides a reasonable basis for our findings and
conclusions based on our audit objectives.
background
How Facial Recognition Technology Works
FRT uses an image or video of a person's face to identify them or
verify their identity. Facial recognition, like fingerprint-matching
technology, is a form of biometric identification that measures and
analyzes physical attributes unique to a person that can be collected,
stored, and used to confirm the identity of that person. FRT uses a
photo or a still from a video feed of a person and converts it into a
template, or a mathematical representation of the photo.\8\ For some
facial recognition functions, if the technology detects a face, a
matching algorithm then compares the template to a template from
another photo and calculates their similarity.\9\ Facial recognition
matching generally falls into one of two types: The first, known as
``one-to-many'' or ``1:N'' matching, compares a live photo against a
number (N) of photos in a gallery to determine if there is a match
(identification of a particular face among many photos). The second,
known as ``one-to-one'' or ``1:1'' matching, compares a live photo to
another photo of the same person (verification of a face against a
source photo, such as a passport photo).
---------------------------------------------------------------------------
\8\ Templates are generated according to the vendor-provided
algorithm, and it is very difficult, if not impossible, to convert back
to the original photo.
\9\ An algorithm is a set of rules that a computer or program
follows to compute an outcome. Private companies have developed
hundreds of facial recognition algorithms for a variety of uses. For
more information on the commercial use of FRT see GAO, Facial
Recognition Technology: Privacy and Accuracy Issues Related to
Commercial Uses, GAO-20-522 (Washington, DC: July 13, 2020).
---------------------------------------------------------------------------
In 2017, CBP developed and implemented the Traveler Verification
Service (TVS) as the facial recognition matching service for the
Biometric Entry-Exit Program. Since then, CBP has been deploying TVS in
segments based on the air, sea, and land travel environments at ports
of entry.\10\ TVS is a cloud-based service that uses an algorithm to
compare live photos against existing photos and is designed to perform
both 1:N and 1:1 facial recognition matching.
---------------------------------------------------------------------------
\10\ For example, beginning in 2017, CBP partnered with airlines
and airport authorities to deploy facial recognition for identity
verification at airport departure gates. CBP's program partners are
responsible for purchasing the cameras to capture facial images from
departing international travelers and facilitating the facial
recognition identity verification process at gates.
---------------------------------------------------------------------------
In the air and sea environments, CBP receives travelers' biographic
information in advance of travel through passenger manifests submitted
by aircraft operators and sea carriers. TVS searches DHS databases of
photos associated with travelers listed on the manifest and then
creates a pre-staged ``gallery'' of those photos.\11\ These may include
photos previously captured by CBP during entry inspections, photos from
U.S. passports and U.S. visas, or photos from other DHS encounters.
With 1:N matching, TVS compares a live photo of a traveler against
photos of multiple travelers in the pre-staged gallery. For 1:1
matching, TVS electronically compares a live photo of a traveler
against another photo of that traveler, such as a passport photo from
their travel documents. This type of matching can be used when CBP does
not have passenger manifest information or does not have an existing
photo available for matching. Figure 2 shows how TVS performs facial
matching.
---------------------------------------------------------------------------
\11\ According to CBP officials, CBP has also begun creating
galleries from commercial vehicle manifests at land ports of entry, as
well as testing the feasibility of creating galleries of frequent
border crossers.
cbp's biometric entry-exit program incorporates some privacy protection
principles, but privacy notices and audits are inconsistent
CBP's Privacy Notices to Inform the Public of Facial Recognition
Contained Limited Privacy Information and Were Not Consistently
Available
In our September 2020 report, we found that CBP's Biometric Entry-
Exit Program incorporated some privacy protection principles consistent
with the Fair Information Practice Principles DHS adopted, which serve
as the basis for DHS's privacy policy.\12\ For example, CBP's
commercial partners, such as air carriers, are prohibited from storing
or using travelers' photos for their own business purposes and can only
view a match/no match result, which relate to the data use limitation
principle. Further, CBP has published a Privacy Impact Assessment for
TVS that includes information on privacy protections, has a website for
the program, and provides on-site signage to notify travelers about
facial recognition, which relate to the transparency principle.
---------------------------------------------------------------------------
\12\ The Fair Information Practice Principles adopted by the DHS
chief privacy officer are the basis for DHS's privacy policy and
include the following 8 principles: Transparency, purpose
specification, individual participation, data minimization, use
limitation, security, data quality and integrity, and accountability
and auditing. DHS requires its components--including CBP--to comply
with the principles when using personally identifiable information. See
Department of Homeland Security, The Fair Information Practice
Principles: Framework for Privacy Policy at the Department of Homeland
Security, DHS Privacy Policy Guidance Memorandum 2008-01; and Privacy
Policy and Compliance, DHS Directive 047-01-001 (Washington, DC: July
25, 2011).
---------------------------------------------------------------------------
While CBP uses a variety of methods to provide privacy notices to
travelers about the Biometric Entry-Exit Program and the use of facial
recognition for traveler identification, in September 2020 we found
that CBP's privacy notices to inform the public were not always current
or complete, provided limited information on how to request to opt out
of facial recognition, and were not always available. In particular, we
identified limitations related to the completeness of information in
CBP's on-line resources and call center, outdated signs at airports,
information on opting out included in privacy notices, and placement of
signs at ports of entry. For example:
CBP on-line resources and call center had incomplete
information. We found that CBP's public website on the
Biometric Entry-Exit Program did not accurately reflect the
locations where CBP used or tested FRT. Therefore, travelers
who checked the website would not see a complete list of
locations where they may encounter FRT. In addition, CBP has a
call center for travel or customs questions. During five calls
we placed to the call center between November 1, 2019, and
January 1, 2020, we found the phone line was either not working
or the operator was not aware of the ports of entry where
facial recognition was in use or being tested.
Signs at airports contained outdated information. We found
that some signs at air exit locations (airport gates where
facial recognition is used for departing travelers) were
outdated, while others contained current information. For
example, during our visit to the Las Vegas McCarran
International Airport in September 2019, we saw one sign that
said photos of U.S. citizens would be held for up to 14 days,
and a second sign at a different gate that said photos would be
held for up to 12 hours (the correct information). The first
sign was an outdated notice, as CBP changed the data retention
period for photos of U.S. citizens in July 2018. However, CBP
had not replaced all of the signs at this airport with this new
information. CBP officials said that they try to update signs
when new guidance is issued but said that printing new signs is
costly and it is not practical to print and deploy a complete
set of new signs immediately after each change or update.
Notices provided limited information on opting out of facial
recognition identity verification. While CBP allows eligible
travelers to request to opt out of facial recognition identity
verification, the CBP notices we observed provided limited
information on the process for opting out. For example, CBP's
signs at airport facial recognition locations state that
travelers who do not want to have their photos taken should see
a CBP officer or a gate agent to ``request alternative
procedures for identity verification.'' However, the signs do
not state what those alternatives are or the consequences of
making such requests. In addition, CBP officers are typically
not present at airport gates, so including this information on
a sign could potentially be confusing to a traveler or make it
less likely they would request to opt out during air exit.
Signs were missing. We found that CBP signs at facial
recognition locations were not consistently posted or were
posted in such a way that they were not easily seen by
travelers. CBP requires that its commercial partners--such as
airlines, airports, or cruise lines--post CBP-approved privacy
signs at gates where FRT is used to provide travelers with
notice that their photos are being taken and for what
purposes.\13\ However, CBP has not enforced the requirement to
post these signs or consistently monitored air exit facial
recognition locations to ensure that signs are posted for each
flight using FRT. For example, during our visit to the Las
Vegas McCarran International Airport in September 2019, no
privacy signs were posted at a gate where facial recognition
had been in operation for about 2 months.
---------------------------------------------------------------------------
\13\ CBP allows commercial partners to use their own signs to
provide notice of facial recognition, but these signs must be approved
by CBP. CBP's requirements for commercial partners specify the minimum
size for the signs, and specifies that the signs ``must be clearly
visible and placed at a sufficient distance in front of the camera in
order to provide the traveler with a reasonable opportunity to read the
content and opt-out before reaching the photo capture area.'' CBP also
allows partners to display e-signage announcing the use of FRT. CBP's
commercial partners may also choose to provide additional notices. For
example, one airline official told us that their airline informs
travelers about the use of FRT through emails sent along with
reservation information.
---------------------------------------------------------------------------
CBP program officials noted that they have a relatively small
office and they do not have the capacity to install signs for
all new locations themselves or to conduct inspections to
ensure that signs are present and visible. Instead, program
officials said they rely on local CBP officers at airports to
ensure that signs are posted in the appropriate locations
through periodic checks. However, local CBP officers told us
they do not have the personnel to check if signs are present at
boarding gates for each flight that uses FRT since they have
other duties and responsibilities and are not required by CBP
policy or guidelines to do so. Nonetheless, CBP officials
acknowledged that CBP is ultimately responsible for informing
travelers about FRT across all environments and locations
through signs, handouts, and the CBP website, among other
methods.
In September 2020, we recommended that CBP ensure that the
Biometric Entry-Exit Program's privacy notices contain complete and
current information, including all of the locations where facial
recognition is used and how travelers can request to opt out as
appropriate. CBP implemented this recommendation. Specifically, CBP
created a new website that outlines the locations (air, land, and sea
ports) where CBP uses FRT. CBP also updated its biometrics website to
include information on how travelers can opt out of the facial
recognition verification process. Furthermore, CBP has begun providing
its call center and information center staff with additional training,
so staff are prepared to provide the public with complete and current
information about the facial recognition verification program.
We also recommended that CBP ensure that the Biometric Entry-Exit
Program's privacy signage is consistently available at all locations
where CBP is using facial recognition. In June 2022, CBP reported that
the program office developed a plan to ensure privacy signage for the
Biometric Entry-Exit program is consistently available at all locations
where FRT is used. As part of that plan, CBP officials said they
reviewed the signage language and updated it to be more understandable
by, for example, making it clearer that travelers can request
alternative screening procedures. CBP also stated that the program
office is in the process of upgrading the signs and intends to do so by
September 2022. These actions, if fully implemented, should address the
intent of our recommendation.
CBP Has Not Audited Most of Its Partners and Has Not Developed a Plan
for Future Audits
CBP requires its commercial partners, as well as contractors and
vendors, to follow CBP's data collection and privacy requirements, such
as restrictions on retaining or using traveler photos, and CBP can
conduct audits to assess compliance. However, in September 2020 we
reported that as of May 2020, CBP had audited one of its more than 20
commercial airline partners and did not have a plan to ensure that all
partners are audited for compliance with the program's privacy
requirements. In particular, we found that although CBP's commercial
airline partners have used FRT for identity verification since 2017,
and cruise lines since 2018, CBP's first audit of a commercial partner
occurred in March 2020. For this initial audit, CBP officials said they
reviewed one commercial air carrier's privacy and security controls to
ensure its compliance with program requirements. At that time, CBP
officials said that they expected this initial audit to inform how they
design and conduct future audits of commercial partners. However, CBP
had not developed a plan with time frames for conducting audits of all
of its commercial partners.
Similar to CBP's commercial partners, contractors and vendors
associated with the Biometric-Entry Exit Program are subject to CBP's
privacy and security requirements, including restrictions on their use
of photos collected as part of the program, and CBP can audit them to
ensure compliance. However, prior to a 2019 data breach involving a CBP
subcontractor, CBP had not conducted security or privacy audits of its
contractors. In 2019, a CBP subcontractor downloaded photos used in
facial matching pilot testing at a land port of entry against CBP
protocols.
The subcontractor was later the subject of a data breach.\14\ CBP
information security officials stated that it is unclear if this
particular security vulnerability would have been identified through an
audit because protocols were in place that prohibited contractors from
downloading and removing data. However, after CBP identified this
vulnerability, CBP information security officials began conducting
security audits at some facial recognition testing locations to
determine and assess security vulnerabilities. CBP officials also told
us that they have made changes to pilot-testing security protocols,
such as prohibiting the use of thumb (flash or USB) drives or any other
personal drives. However, in September 2020, we reported that CBP did
not have a plan to determine when all contractors and vendors would be
audited for compliance with privacy and security requirements.
---------------------------------------------------------------------------
\14\ According to CBP, a subcontractor employee involved with the
pilot test at the Anzalduas land port of entry removed facial image
data from the pilot site and then downloaded them to the company's
network for the purpose of performing additional analysis of CBP's
data. Data from the subcontractor's network was then stolen and posted
on the dark web. CBP reviewed the dark web data and found no evidence
that it included images from Anzalduas. CBP also confirmed that the
subcontractor had only removed images; it did not have any associated
data, such as names, dates of birth, or Social Security numbers.
Officials said that they view this incident as an ``insider threat''
situation because the data were removed from CBP's systems in a way
that was not authorized by policy or by contract. Officials also noted
that the agency has a long-standing relationship with the prime
contractor, and the subcontractor was vetted and screened by CBP. CBP
officials told us that CBP immediately removed the subcontractor's
access to CBP's systems after learning of the breach and asked the
prime contractor to end the contract with the subcontractor. CBP has
subsequently entered into an Administrative Contract Agreement with the
subcontractor to improve their security practices but has no plans to
resume business with the subcontractor.
---------------------------------------------------------------------------
The Fair Information Practice Principles adopted by DHS state that
agencies should audit the actual use of personal information to
demonstrate compliance with all applicable privacy protection
requirements. CBP officials acknowledged the importance of such audits
but said they have generally not been a priority because CBP's
contractors and partners do not have access to internal CBP databases
and, therefore, cannot access systems that store personally
identifiable information. CBP officials noted that, per CBP's
requirements, partners agree they are not permitted to store or use
photos obtained from the program in any way. When we spoke to
representatives from the airline industry, they said that partner
airlines and airports do not want to retain photos of travelers due to
the risks and liability involved. However, as of May 2020, CBP had not
yet audited the majority of its airline business partners to ensure
they are adhering to CBP's privacy requirements.
In addition, while CBP had audited one of its airline partners and
some locations where it was pilot-testing FRT, we reported that the
privacy risks associated with personally identifiable information would
continue to grow as the Biometric Entry-Exit Program expands and CBP
collaborates with additional airlines, airports, cruise lines,
contractors, and others. Thus, we recommended that CBP direct the
Biometric Entry-Exit program to develop and implement a plan to conduct
privacy audits of its commercial partners', contractors', and vendors'
use of personally identifiable information. CBP concurred with our
recommendation and, as of July 2022, officials said that CBP has
conducted five assessments of its commercial partners in the air
environment to ensure that they are adhering to CBP's requirements to
protect travelers' privacy. Officials also said that three additional
assessments are under way and that CBP has plans to assess about four
partners in the air environment each year through 2025. These are
positive steps to help ensure travelers' privacy is protected. To fully
address the intent of our recommendation, CBP should complete its
planned and in-progress assessments in the air environment. In
addition, CBP should audit partners in the land and sea environments as
well as vendors and contractors who have access to personally
identifiable information.
cbp found its air exit facial recognition capability met accuracy
requirements, but cbp has not fully monitored performance
During Operational Testing, Air Exit Met Accuracy Requirements but Did
Not Meet Photo Capture Performance Requirement
As we reported in September 2020, air exit was the first Biometric
Entry-Exit Program capability to progress through the DHS acquisition
process and undergo formal operational testing and evaluation. As a DHS
major acquisition program, consistent with DHS acquisition policy, the
Biometric Entry-Exit Program's air exit facial recognition capability
was to be assessed against program requirements in an operationally
realistic environment before it could be fully deployed--referred to as
operational testing.\15\ From May to June 2019, an independent test
agent within CBP performed an operational test and evaluation of air
exit facial recognition capabilities.
---------------------------------------------------------------------------
\15\ A DHS major acquisition program is one with life cycle cost
estimates of $300 million or greater. DHS policies for managing its
major acquisition programs are primarily set forth in its Acquisition
Management Directive 102.01 and Acquisition Management Instruction
102.01-001. For more information on DHS major acquisitions, see GAO,
Homeland Security Acquisitions: Outcomes Have Improved by Actions
Needed to Enhance Oversight of Schedule Goals, GAO-20-170SP
(Washington, DC: Dec. 19, 2019).
---------------------------------------------------------------------------
CBP's operational testing determined that air exit met its defined
accuracy requirements but did not meet one of its performance
requirements. In its Operational Requirements Document for the
Biometric Entry-Exit Program, CBP identified the capabilities needed to
confirm the identities of travelers departing the United States by air,
and included accuracy and performance requirements. In August 2019, the
test agent found that air exit met or exceeded its two accuracy
requirements. Specifically, the test found that air exit was able to
correctly match 98 percent of travelers' photos with photo galleries
built from passenger manifests, a key capability for the program. The
test also found that air exit incorrectly matched a traveler to a
gallery photo less than 0.1 percent of the time.
While air exit met its accuracy requirements during operational
testing, it did not meet the program's photo capture performance
requirement--that is, the percentage of in-scope travelers whose photos
should be captured during the boarding process (also called the
biometric compliance rate). Specifically, the test agent found that air
exit successfully captured the photos of approximately 80 percent of
in-scope travelers on participating flights, short of the 97 percent
minimum requirement. According to the operational testing report, air
exit did not meet the photo capture rate requirement due to disruptions
to the facial recognition process during boarding. The report found
that such disruptions were caused by factors such as camera outages,
incorrectly configured systems at boarding gates, and airline agents'
decisions to exclude certain categories of people, such as families or
individuals using wheelchairs, to speed up the boarding process. In
these cases, airline agents would revert to manual boarding procedures
(i.e., visually comparing a traveler to his or her travel
identification documents), and travelers' photos were not captured or
transmitted to TVS. The test report noted that testing officials
witnessed instances of cameras malfunctioning during boarding at all
three of the airports they visited. During our observations of five
flights at three airports in 2019, we identified similar photo capture
issues with air exit.
To help air exit meet its performance requirement for capturing
traveler photos, CBP's test agent recommended that the agency develop
airline camera system standards to ensure they are capable of capturing
photos of travelers of all heights, as well as investigate why partner
airlines have issues with cameras during the boarding process. In
response, CBP officials said they did not intend to take further action
to improve the photo capture rate. Officials suggested that this was
one metric of many used to assess the status of operational use of this
capability. In addition, officials suggested that several factors would
gradually improve the photo capture rate over time. These factors
include a greater number of airline personnel trained on air exit
facial recognition procedures and more efficient traveler interaction
with cameras as familiarity with the facial recognition process
increases (looking straight at the camera instead of down, for
example). Because airline and airport partners participate in air exit
voluntarily, they can choose to manually verify travelers' identities
(not use FRT) for any reason. CBP officials said that air exit relies
on these voluntary partnerships with airlines and airports, and they
want to maintain positive relationships to recruit additional partners.
Air exit depends on the successful capture and submittal of live
photos during boarding to fulfill its purpose of biometrically
verifying traveler departures. At the time of our 2020 report, CBP did
not intend to require airlines to capture photos of all in-scope
travelers and did not have a plan to ensure that air exit could meet
the 97 percent photo capture requirement defined in its operational
requirements document. CBP officials stated that the photo capture rate
would naturally improve as air exit expands throughout airports.
However, we reported that improved familiarity with facial recognition
procedures would not ensure that all applicable travelers are
biometrically verified if partner airlines revert to manual identity
verification, or if the photos they capture are low quality and cannot
be matched.
In September 2020, we recommended that CBP develop and implement a
plan to ensure that the biometric air exit capability meets its
established photo capture requirement. CBP agreed with the
recommendation. In June 2022, CBP officials noted that the photo
capture rate requirement was included in the 2017 Operational
Requirements Document when there was the possibility of CBP owning,
operating, and maintaining cameras at airport departure gates. As the
photo capture process was implemented, CBP determined that it does not
have the staff to be present at every departure gate to oversee the
process. Further, CBP does not require airlines to take a photo of
every traveler. According to CBP officials, the photo capture
requirement was removed from the latest draft of the Operational
Requirements Document and CBP is waiting for the revised requirements
to be fully approved by DHS, which it expected in August 2022. We will
continue to follow up on the status of these revised requirements and
the extent to which they may address our recommendation once approved
by the department.
Effort to Assess the Accuracy of CBP's Facial Matching Across
Demographic Variables
In addition to CBP's accuracy assessment conducted during the
operational test of air exit capabilities, in December 2018, the
National Institute of Standards and Technology (NIST)--a Government
laboratory that has studied commercially available FRT--entered into an
agreement with CBP to further assess the accuracy of TVS.\16\ According
to the terms of the agreement, NIST was to assess whether there are
differences in the accuracy of TVS based on traveler demographics such
as age, gender, or ethnicity. According to CBP officials, CBP's
internal analysis of data from air exit showed a negligible effect in
matching accuracy based on demographic variables. However, officials
noted that this analysis was limited because while CBP has access to
data on age, gender, and nationality for travelers entering and exiting
the country, it does not have data on race or ethnicity.
---------------------------------------------------------------------------
\16\ While NIST has not set standards for how accurate a facial
recognition system should be, NIST has conducted research into the
accuracy of facial recognition algorithms since 2000. A NIST evaluation
in December 2019 focused on testing the effects of demographics on
matching accuracy of over 100 commercially-available facial recognition
algorithms. NIST found that demographic effects in matching accuracy
varied significantly across the algorithms it tested and that many
facial recognition systems performed differently among demographic
groups. While NIST did not evaluate TVS, it included a version of the
algorithm CBP uses with TVS in its evaluation and found it was among
the most accurate algorithms on many measures. National Institute of
Standards and Technology, Face Recognition Vendor Test (FRVT) Part 3:
Demographic Effects, NISTIR 8280 (Dec. 2019).
---------------------------------------------------------------------------
According to NIST officials, NIST intended to assess the accuracy
of TVS by testing an algorithm similar to that used in TVS and
analyzing the impacts of gender, ethnicity, and age on matching
accuracy.\17\ In September 2020, we reported that CBP planned to use
the same matching algorithm for all travel environments, and NIST's
findings on the demographic effects on matching accuracy planned to
take into account all travel environments. Per the agreement, NIST was
to provide technical information to CBP related to the algorithm,
optimal thresholds, and gallery creation strategies.\18\ NIST completed
this report in July 2021.\19\
---------------------------------------------------------------------------
\17\ According to CBP officials, NIST was using CBP-owned photos
from DHS databases, as well as photos from other sources, such as the
Department of State and U.S. Citizenship and Immigration Services, to
conduct its analysis.
\18\ According to NIST, it intended to provide recommendations in
the form of technical information that CBP can use to make informed
decisions about its use of facial recognition algorithms.
\19\ National Institute of Standards and Technology, Face
Recognition Vendor Test (FRVT) Part 7: Identification for Paperless
Travel and Immigration, NISTIR 8381 (July 2021).
---------------------------------------------------------------------------
CBP's Process for Monitoring Air Exit Did Not Alert Officials When
Performance Fell Below Minimum Requirements
In September 2020, we reported that CBP officials conduct
monitoring of the accuracy and performance of air exit through random
sampling, but the monitoring process did not alert them when
performance fell below minimum requirements (such as the 97 percent
photo capture rate described above). CBP officials said they randomly
sampled two flights per airport per week and reviewed the data from
each flight, including the number of matches and the match rate.
Officials said that these reviews can help identify problems, such as
unusually low match or photo capture rates, and they would investigate
any identified problems by contacting the airline or airport where they
occurred. In addition to random sampling, airline or airport officials
can report problems with air exit facial recognition to CBP officials.
CBP officials also noted that they generate automated reports of
matching rates and usage on a weekly basis, and provide weekly
performance reports to stakeholders, such as airline partners.
Officials said they use this reporting to gauge system performance.
However, we reported that CBP's monitoring process did not
immediately alert officials to problems that affect the performance of
air exit. For example, randomly sampling flights for review on a weekly
basis may not identify a daily pattern of consistently low-quality
photos due to poor lighting in a particular terminal or airport. This
means a problem at a particular terminal or airport could potentially
continue unabated for days or even weeks, for example, without CBP's
knowledge. CBP officials said there were several reasons why they chose
random sampling to monitor the accuracy and performance of air exit.
For example, officials said they had a small team of five analysts
dedicated to monitoring air exit's performance, and they did not have
the capacity or resources to manually review every flight for
anomalies. Additionally, officials said air exit has returned
consistently high match rates for photos that are successfully
captured, which gave them confidence that more robust or comprehensive
monitoring was not necessary.
However, CBP officials agreed it would be helpful if they had
automatic alerts or notification when the performance for a flight or
airport fell below air exit performance thresholds and acknowledged
that their system has the capability to provide these automatic alerts.
We recommended that CBP develop a process by which Biometric Entry-Exit
program officials are alerted when the performance of air exit facial
recognition falls below established thresholds. DHS agreed with our
recommendation. In April 2021, CBP reported that it had developed
various monitoring systems for the air exit facial recognition program.
For example, CBP produces reports that provide program stakeholders
with operational performance data by flight number, passenger counts,
and biometric match rates. According to CBP, the program team monitors
these reports for performance issues and addresses any anomalies with
stakeholders as they arise. The program team also conducts random
sampling to determine the technical match rates and to identify any
system or equipment issues. Finally, the program team receives
notifications if the system experiences an outage and has a gallery
assembly system monitor that provides notifications when a flight
gallery is not created. These actions addressed the intent of our
recommendation.
Chairwoman Barragan, Ranking Member Higgins, and Members of the
subcommittee, this completes my prepared statement. I would be happy to
respond to any questions you or the Members of the subcommittee may
have.
Chairwoman Barragan. Thank you for your testimony. I will
now recognize Mr. Jeramie Scott to summarize his statement for
5 minutes.
STATEMENT OF JERAMIE D. SCOTT, SENIOR COUNSEL, ELECTRONIC
PRIVACY INFORMATION CENTER (EPIC)
Mr. Scott. Thank you, Chairman Barragan, Ranking Member
Higgins, and Members of the subcommittee. Thank you for holding
this hearing and for the opportunity to testify today on CBP
use of facial recognition technology.
My name is Jeramie Scott, senior counsel of the Electronic
Privacy Information Center, or simply EPIC. EPIC is an
independent nonprofit research organization in Washington, DC,
established in 1994 to protect privacy, freedom of expression,
and the democratic values in the information age.
Facial recognition is dangerous surveillance technology
because the risks increase as the Government expands its
implementations in any form, including for identity
verification. The technology poses serious threats to our
privacy, our civil liberties, our Constitutionally-protected
rights, and our democracy. Facial recognition has accuracy and
bias issues that are most likely to impact marginalized groups,
but even a perfectly accurate and unbiased facial recognition
system poses fundamental risks to a democratic society when
widely deployed. CBP has implemented one of the most widely
deployed facial recognition systems in the country with its
Biometric Entry-Exit Program.
The program uses facial recognition to verify the identity
of travelers entering and exiting the United States. Facial
recognition is applied to all travelers, including U.S.
citizens, despite Congress never granting CBP authority to
conduct facial recognition verification on U.S. citizens.
Nonetheless, CBP has forged ahead by obtaining passport
photos from the State Department to use for facial recognition
at international airports and other ports of entry. Although
U.S. citizens can, in theory, opt out of facial recognition,
this hasn't been easy to do in practice. The Government
Accountability Office, as we just heard, and a DHS Data Privacy
and Integrity Advisory Committee both found that CBP failed to
provide adequate notice about the use of facial recognition at
airports or information about the opt-out procedure.
Even if a U.S. citizen is able to opt out of facial
recognition, there is no way for that person to opt out having
their photo obtained by CBP from the State Department used as
part of the facial recognition photo galleries created for the
Biometric Entry-Exit Program.
This is particularly important given the data breach of the
CBP subcontractor where 184,000 images of travelers from the
Biometric Entry-Exit Program were exposed, images the
subcontractor was not supposed to have. But CBP's security and
privacy protocols failed to prevent the subcontractor from
obtaining these images.
CBP's track record for not properly administering the
Biometric Entry-Exit Program does not provide comfort as the
agency seeks to continue to expand the program. History tells
us that if the program continues its expansion unchecked, it
will not just expand in the number of the ports the program it
is implemented at, but in the number of situations CBP's facial
recognition system is used for. CBP has described the future
airport process as one where every step from dropping off
baggage, moving through TSA checkpoints, and boarding planes is
mediated by facial recognition scans.
The on-going expansion of CBP's facial recognition system
creates a powerful and dangerous tool of surveillance for the
Federal Government. CBP has access to millions of passport and
visa photos held by the State Department in addition to the
millions of photos the Department of Homeland Security holds in
its biometric database. The facial recognition system CBP has
built is a cloud-based system that can easily be connected to
additional sources of photos.
The unfettered use of facial recognition to verify identity
puts us on a path toward a ubiquitous universal ID controlled
by the Government. Unless regulations are put in place to end
or at least limit the Biometric Entry-Exit's use of facial
recognition technology the program will continue to expand well
beyond its intended purpose.
The safest investment would be for CBP to end its use of
facial recognition technology. This would eliminate the risk of
CBP's facial recognition technology infrastructure being used
for more pervasive surveillance as a ubiquitous identification
system.
At minimum, Congress should put in place the following
requirements for CBP's use of facial recognition technology. A
requirement to use a one-to-one facial recognition system that
does not require a database or connection to the cloud. A
prohibition on the use of facial recognition services provided
by third parties, like Clearview AI. A prohibition on any law
enforcement agency using CBP's facial recognition system for
generalized investigative leads. A requirement that CBP only
use its facial recognition system for identity verification as
part of the Biometric Entry-Exit Program. And a requirement for
annual audits for CBP's facial recognition system conducted by
an independent third party.
If the Biometric Entry-Exit Program is to remain in
operation, these safeguards are critical to protect privacy,
civil liberties, civil rights, and the security of sensitive
biometric data.
Thank you for the opportunity to testify today. I would be
happen to answer any questions.
[The prepared statement of Mr. Scott follows:]
Prepared Statement of Jeramie D. Scott
July 27, 2022
Chairwoman Barragan, Ranking Member Higgins, and Members of the
subcommittee, thank you for holding this hearing and for the
opportunity to testify today on CBP's use of facial recognition
technology. My name is Jeramie Scott, senior counsel at the Electronic
Privacy Information Center, or simply EPIC. EPIC is an independent
nonprofit research organization in Washington, DC, established in 1994
to protect privacy, freedom of expression, and democratic values in the
information age.
EPIC has long history of work on facial recognition and the privacy
and civil liberties issues the technology raises, particularly with
respect to Custom and Border Protection's (CBP's) use of facial
recognition.\1\ The attention is warranted and necessary because facial
recognition is a dangerous surveillance technology whose risks increase
as the Government expands its implementations in any form, including
for identity verification. The technology poses serious threats to our
privacy, our civil liberties, our Constitutionally-protected rights,
and our democracy. Facial recognition has accuracy and bias issues that
are most likely to impact marginalized groups. But, even a perfectly
accurate and unbiased facial recognition system poses fundamental risks
to a democratic society when widely deployed.
---------------------------------------------------------------------------
\1\ See e.g., Comments of EPIC to U.S. Customs and Border
Protection Dept., Collection of Advance Information From Certain
Undocumented Individuals on the Land Border, Docket ID: USCBP-2021-0038
(Nov. 29, 2021), https://epic.org/wp-content/uploads/2021/11/EPIC-
Comments-DHS-Advance-Collection-Photos-Border-Nov-2021.pdf, Comments of
EPIC to the Transportation Security Admin., Intent to Request Revision
of Agency Information Collection Activity Under OMB Review: TSA
PreCheck, Docket ID: TSA-2013-0001 (June 22, 2020), https://epic.org/
apa/comments/EPIC-TSA-PreCheck-FRT-Comment-June2020.pdf; Comments of
EPIC to the Dept. of Homeland Security, Agency Information Collection
Activities: Biometric Identity, Docket No. 1651-0138 (Jul. 24, 2018),
https://epic.org/apa/comments/EPIC-CBP-Vehicular-Biometric-Entry-Exit-
Program.pdf; EPIC v. CBP (Biometric Entry/Exit Program), https://
epic.org/foia/dhs/cbp/biometric-entry-exit/default.html (EPIC obtained
a report which evaluated iris imaging and facial recognition scans for
border control); EPIC Statement to U.S. House Comm. on Homeland
Security, ``Border Security, Commerce and Travel: Commissioner
McAleenan's Vision for the Future of CBP'' (Apr. 24, 2018), https://
epic.org/testimony/congress/EPIC-HHSC-CBP-Apr2018.pdf; Comments of EPIC
to the Dept. of Homeland Security, Privacy Act of 1974: Implementation
of Exemptions; Department of Homeland Security/U.S. Citizenship and
Immigration Services--018 Immigration Biometric and Background Check
(IBBC) System of Records, Docket Nos. DHS-2018-0002 and DHS-2018-0003
(Aug. 30, 2018), https://epic.org/apa/comments/EPIC-DHS-Immigration-
Biometric-Database.pdf; Comments of EPIC to the Dept. of Homeland
Security, Collection of Biometric Data From Aliens Upon Entry to and
Departure From the United States (Dec. 21, 2020), https://epic.org/
documents/collection-of-biometric-data-from-aliens-upon-entry-to-and-
departure-from-the-united-states/.
---------------------------------------------------------------------------
In my testimony I will discuss the issues with facial recognition
in general, CBP's use of facial recognition as part of its Biometric
Entry-Exit program, the many issues with this program, and the threat
CBP's use of facial recognition poses to individuals and our society.
i. facial recognition technology is inaccurate and biased
Facial recognition systems have been deployed by both Government
agencies and private companies with little to no oversight, despite
many questions regarding their effectiveness.\2\ A 2019 National
Institute of Standards and Technology (``NIST'') study of facial
recognition tools--which are typically ``AI-based''\3\--found that the
systems were up to 100 times more likely to return a false positive for
a non-white person than for a white person.\4\ Specifically, NIST found
that ``for one-to-many matching, the team saw higher rates of false
positives for African American females,'' a finding that is
``particularly important because the consequences could include false
accusations.''\5\ A separate study by Stanford University and MIT,
which looked at three widely-deployed commercial facial recognition
tools, found an error rate of 34.7 percent for dark-skinned women
compared to an error rate of 0.8 percent for light-skinned men.\6\ A
review of Rekognition--an Amazon-owned facial recognition system
marketed to law enforcement--revealed indications of racial bias and
found that the system misidentified 28 members of U.S. Congress as
convicted criminals.\7\ Yet CBP is relying on this flawed technology to
protect our borders.
---------------------------------------------------------------------------
\2\ David Freeman Engstrom, Daniel E. Ho, Catherine M. Sharkey, &
Mariano-Florentino Cuellar, Government by Algorithm: Artificial
Intelligence in Federal Administrative Agencies 6 (Feb. 2020), https://
www-cdn.law.stanford.edu/wp-content/uploads/2020/02/ACUS-AI-Report.pdf.
\3\ Nat'l Inst. Standards & Tech., Face Recognition Vendor Test
(FRVT) Part 3: Demographic Effects 14 (Dec. 2019), https://
nvlpubs.nist.gov/nistpubs/ir/2019/NIST.IR.8280.pdf.
\4\ Nat'l Inst. Standards & Tech., NIST Study Evaluates Effects of
Race, Age, Sex on Face Recognition Software (Dec. 19, 2019), https://
www.nist.gov/news-events/news/2019/12/nist-study-evaluates-effects-
race-age-sex-face-recognition-software.
\5\ Id.
\6\ Joy Buolamwini & Timnit Gebru, Gender Shades: Intersectional
Accuracy Disparities in Commercial Gender Classification, Proceedings
of Machine Learning Research 81:1-15 (2018), https://www.media.mit.edu/
publications/gender-shades-intersectional-accuracy-disparities-in-
commercial-gender-classification/.
\7\ Russell Brandom, Amazon's facial recognition matched 28 Members
of Congress to criminal mugshots, The Verge (July 26, 2018), https://
www.theverge.com/2018/7/26/17615634/amazon-rekognition-aclu-mug-shot-
congress-facial-recognition.
---------------------------------------------------------------------------
ii. cbp's biometric entry-exit program
CBP has implemented one of the largest deployments of facial
recognition technology in the country through its Biometric Entry-Exit
program. According to CBP, 238 airports use facial recognition for
entry and 32 airports have facial recognition deployed for exit.\8\
Another 13 seaports use facial recognition and almost all the
processing facilities for pedestrians and buses along the Northern and
Southern Border deploy facial recognition.\9\ And since 2017, CBP has
used facial recognition on over 100 million travelers.\10\ Further, the
agency has ``the ultimate goal of implementing a comprehensive
biometric entry-exit system Nation-wide''.\11\
---------------------------------------------------------------------------
\8\ CBP, Introducing Biometric Facial Comparison, https://
biometrics.cbp.gov.
\9\ Id.
\10\ CBP, Introducing Biometric Facial Comparison, https://
biometrics.cbp.gov.
\11\ Notice of proposed rulemaking on ``Collection of Biometric
Data From Aliens Upon Entry to and Departure From the United States,''
85 Fed. Reg. 74162, 74163 (Nov. 19, 2020), https://www.govinfo.gov/
content/pkg/FR-2020-11-19/pdf/2020-24707.pdf.
---------------------------------------------------------------------------
The backbone of CBP's Biometric Entry-Exit program is the agency's
Traveler Verification Service (TVS). TVS is a cloud-based information
technology that handles the actual facial recognition comparison.\12\
TVS uses biometric templates created from existing photographs obtained
from several sources including U.S. passport and U.S. visa photos from
the State Department, images captured during entry inspection, and
other encounters with the Department of Homeland Security where a
photograph is taken.
---------------------------------------------------------------------------
\12\ DHS, Privacy Impact Assessment for the Traveler Verification
Service 4-6 (Nov. 14, 2018), https://www.dhs.gov/sites/default/files/
publications/PIA%20for%20Traveler%20Verification- %20Service.pdf
(hereinafter (``PIA''.)
---------------------------------------------------------------------------
CBP leverages these photographs to build specific galleries of
photographs for entry and exit points.\13\ For example, for commercial
flights, where CBP knows ahead of time who will be on a given flight,
the agency builds a gallery of photos based on expected passengers. At
the borders where people may be crossing on foot or in their own
vehicles, ``CBP will build galleries using photographs of ``frequent''
crossers for that specific port of entry, taken at that specific port
of entry, that become part of a localized photographic gallery.''\14\
These photo galleries are used by TVS to create the face prints or
biometric templates used for facial recognition identification.\15\
Where CBP has implemented the Biometric Entry-Exit program, the agency
applies facial recognition identification to all travelers, including
U.S. citizens.\16\ The implementation of the Biometric Entry-Exit
program has been a slow and long process--one fraught with issues in
the program's administration, lack of clear rationale, and questionable
authority. Despite the issues, CBP submitted a Notice of Proposed
Rulemaking in November 2020 to make permanent the agency's
implementation of a biometric entry-exit system that utilizes facial
recognition identification. The CBP's efforts to expand the use of
facial recognition through the Biometric Entry-Exit program lacks the
necessary authority to collect biometrics on U.S. citizens,
unnecessarily expands the program beyond its apparent purpose, and
creates an unregulated facial recognition infrastructure likely to be
exploited by the Government in the future.
---------------------------------------------------------------------------
\13\ Id. at 5.
\14\ Id. at 5.
\15\ Id. at 6.
\16\ U.S. citizens are able to opt-out of facial recognition
identification but as described below the opt-out is not meaningful and
has not always been honored by CBP agents.
---------------------------------------------------------------------------
iii. congress never gave cbp the legal authorization to collect
biometric data from u.s. citizens
CBP lacks the legal authorization to collect biometric data from
U.S. citizens. As part of its implementation of ``an integrated
automated entry and exit data system . . . of aliens entering and
departing the United States,'' CBP has proposed collecting not only
biometric information from noncitizens crossing the U.S. border, but
also biometric information from U.S. citizens.\17\ In support of its
decision to collect this information, CBP reports that it had
identified several ``imposters'' who had attempted to enter the United
States using U.S. travel documents that did not belong to them.\18\ In
addition, CBP justifies the collection of biometric information from
U.S. citizens by stating that photos of U.S. citizens used for face
verification would only be stored for 12 hours after confirmation of a
person's identity.\19\
---------------------------------------------------------------------------
\17\ Collection of Biometric Data from Aliens upon Entry to and
Departure from the United States, 85 Fed. Reg. 74,162 (Nov. 19, 2020);
see also Collection of Biometric Data from Aliens upon Entry to and
Departure from the United States; Re-Opening of Comment Period, 86 Fed.
Reg. 8,878 (Feb. 10, 2021).
\18\ 85 Fed. Reg. at 74, 167.
\19\ Id. at 164.
---------------------------------------------------------------------------
CBP's justifications for collecting biometric information from U.S.
citizens are insufficient, however, as Congress has only authorized CBP
to deploy a biometric entry/exit program for noncitizens. Evidence that
Congress limited its authorizations to noncitizens is found in numerous
prior statutes establishing an entry/exit system--some of which are
cited by CBP itself in its notice of proposed rulemaking, and none of
which mention U.S. citizens. As authority for its proposed rule to
collect the biometric data, CBP relies on the 2016 Consolidated
Appropriations Act.\20\ In that statute, Congress instructed the DHS
Secretary to submit to Congress a plan to ``implement[] . . . the
biometric entry and exit data system described in section 7208 of the
Intelligence Reform and Terrorism Prevention Act of 2004'' and
allocated funding toward that implementation.\21\
---------------------------------------------------------------------------
\20\ Id. at 74, 164-65.
\21\ Pub. L. 114-113, 129 Stat. 2242, 2493, 3006 (2015).
---------------------------------------------------------------------------
Context and statutory language make it clear that Congress never
intended to authorize CBP to collect biometric information from
citizens. For one, the Intelligence Reform and Terrorism Prevention Act
referenced in the 2016 Appropriations Act applies only to noncitizens.
The statute authorized collecting biometric exit data for ``all
categories of individuals who are required to provide biometric entry
data, regardless of the port of entry where such categories of
individuals entered the United States.''\22\ After this authorization,
the subsequent section of the Act grants the DHS Secretary with the
authority ``to integrate all databases and data systems that process or
contain information on aliens . . . ''\23\
---------------------------------------------------------------------------
\22\ Intelligence Reform and Terrorism Prevention Act of 2004, Pub.
L. No. 108-458, � 7208(d) (2004).
\23\ Id. at � 7208(e) (emphasis added).
---------------------------------------------------------------------------
Moreover, all existing statutes that identify categories of people
``required to provide biometric entry data'' apply only to
noncitizens.\24\ These statutes include the ``Illegal Immigration
Reform and Immigrant Responsibility Act of 1996,'' in which Congress
authorized collection of biometrics at the border from noncitizens
crossing the U.S. border.\25\ It also includes a statute passed in
2007, which required DHS to ``establish an exit system'' that includes
biometric collection for ``every alien participating in the visa waiver
program.''\26\ In fact, none of the entry-exit system statutes that CBP
cites to justify its proposed rule mention U.S. citizens.\27\
---------------------------------------------------------------------------
\24\ See Harrison Rudolph et al., Not Ready for Takeoff: Face Scans
at Airport Departure Gates, Geo. Ctr. on Privacy & Tech 7 (2017).
\25\ H.R. Rep. No. 104-828 (1996) � 104 (amending 8 U.S.C.
1101(a)(6)); see also 8 U.S.C. 1101(a)(6).
\26\ Implementing Recommendations of the 9/11 Commission Act of
2007, Pub. L. 110-53, � 711(i)(1)-(2), 121 Stat. 266, 345 (2007).
\27\ In its November 2020 notice of proposed rulemaking, Collection
of Biometric Data from Aliens upon Entry to and Departure from the
United States, 85 Fed. Reg. 74,162, 74,165 (Nov. 19, 2020), CBP cites
to the following statutory authorities ``requir[ing] DHS to take action
to create an integrated entry-exit system.'' Each of these statutes--
except for the last statute, which is the general statute establishing
the CBP agency--do not mention U.S. citizens in relation to their
discussion of the entry/exit system:
Section 110 of the Illegal Immigration Reform and
Immigrant Responsibility Act of 1996, Public Law 104-828, 110 Stat.
3009-546 (authorizing collection of biometric identification from
noncitizens crossing the U.S. border);
Section 205 of the Visa Waiver Permanent Program Act of
2000, Public Law 106-396, 114 Stat. 1637, 1641 (calling for the
implementation of ``a fully automated entry and exit control system
that will collect a record of arrival and departure for every alien''
under the visa waiver program (emphasis added);
Section 414 of the Uniting and Strengthening America by
Providing Appropriate Tools Required to Intercept and Obstruct
Terrorism Act of 2001 (USA PATRIOT Act), Public Law 107-56, 115 Stat.
272, 353 (instructing the Executive branch to ``expedite''
implementation of the entry/exit data system specified in the Illegal
Immigration Reform and Immigrant Responsibility Act of 1996);
Section 302 of the Enhanced Border Security and Visa Entry
Reform Act of 2002 (Border Security Act), Public Law 107-173, 116 Stat.
543, 552 (requiring Federal officials to ``establish a database
containing the arrival and departure data from machine-readable visas,
passports, and other travel and entry documents possessed by aliens''
(emphasis added));
Section 711 of the Implementing Recommendations of the 9/
11 Commission Act of 2007, Public Law 110-53, 121 Stat. 266, 338
(concerning ``modernization of the visa waiver program'');
Section 802 of the Trade Facilitation and Trade
Enforcement Act of 2015, Public Law 114-125, 130 Stat. 122, 199 (6
U.S.C. 211(c)(10)) (establishing CBP).
---------------------------------------------------------------------------
iv. cbp has failed from the beginning of program to provide a
reasonable justification for the expansion of the biometric exit
program
From the start, CBP's justifications for implementing the Biometric
Exit system have changed and expanded. Recording biometric data from
non-citizens leaving the United States was briefly mentioned as a
recommendation of the 9/11 Commission.\28\ The 9/11 Commission only
discussed the possibility of biometric border screening in passing and
did not explain how such a system could meaningfully improve National
security.
---------------------------------------------------------------------------
\28\ National Commission on Terrorist Attacks upon the U.S., The 9/
11 Commission Report 387-390 (July 22, 2004), available at https://
www.9-11commission.gov/report/911Report.pdf (hereinafter ``9/11
Commission Report'').
---------------------------------------------------------------------------
In the years after the 9/11 Commission Report, DHS moved slowly to
implement a biometric exit system, in part because DHS components could
identify no rationale for the program. In 2012, an internal DHS Science
and Technology Directorate evaluation found that ``significant
questions remained'' on ``(3) the additional value biometric air exit
would provide compared with the current biographic air exit process,
and (4) the overall value and cost of a biometric air exit
capability.''\29\ After responsibility for Biometric Exit was assigned
to CBP in 2013, the agency settled on a rationale of using the program
to prevent visa overstays, but at the time there was no evidence that
collecting biometrics on departure from the United States would address
this problem.\30\ CBP has since been able to quantify the effectiveness
of using only biographic identifiers for non-citizens exiting the
United States, stating that collecting biographic information is
``accurate for approximately 98-99 percent of foreign travelers who
entered under a visa (or the visa waiver program).''\31\
---------------------------------------------------------------------------
\29\ As summarized in U.S. Government Accountability Office, GAO-
16-358T, Actions Needed by DHS to Address Long-Standing Challenges in
Planning for a Biometric Exit System: Before the Subcommittee on
Immigration and the Nat'l Interest, Committee on the Judiciary, U.S.
Senate, 115th Cong. 8 (Jan. 20, 2016) (Statement of Rebecca Gambler,
Director Homeland Sec. and Justice), https://www.gao.gov/assets/680/
674704.pdf.
\30\ See Written testimony of U.S. Customs and Border Protection
and U.S. Immigration and Customs Enforcement for a House Committee on
Homeland Security, Subcommittee on Border and Maritime Security hearing
titled ``Fulfilling A Key 9/11 Commission Recommendation: Implementing
Biometric Exit'' (Sept. 23, 2013), https://www.dhs.gov/news/2013/09/26/
written-testimony-cbp-and-ice-house-homeland-security-subcommittee-
border-and.
\31\ Homeland Security Advisory Council (HSAC), Subcommittee on
Biometrics, Final Report of the Biometrics Subcommittee at 30 (Nov. 12,
2020), https://www.dhs.gov/sites/default/files/publications/
final_hsac_biometrics_subcommittee_report_11-12-2020.pdf.
---------------------------------------------------------------------------
Although CBP has forged ahead in implementing Biometric Exit,
agency analysts are skeptical of the value of the program to this day.
In 2017, a senior DHS official could not tell the DHS Data Privacy and
Integrity Advisory Committee how Biometric Exit would improve the
immigration system and claimed vague ``immigration and counterterrorism
benefits.''\32\ But CBP has repeatedly disclaimed any possible
counterterrorism benefits of Biometric Exit.\33\ A 2020 report from the
Homeland Security Advisory Committee described biographic data
collection as sufficient for visa overstay enforcement and objected
that, ``even if a marginal case could be made for biometric exit, it
has never been evaluated on a cost-benefit basis.''\34\ However, CBP's
response to this long-standing and cogent analysis makes little sense.
In the face of purported difficulties with separating out U.S. citizens
from Biometric Exit, the agency threw up its hands and claimed that
imposing facial recognition on both citizens and non-citizens was the
only solution.\35\
---------------------------------------------------------------------------
\32\ U.S. Department of Homeland Security, DPIAC Meeting Minutes 5
(Sept. 19, 2017), https://www.dhs.gov/sites/default/files/publications/
DPIAC%20Meeting%20Minutes-Sept%2019%202017.pdf (``Q(LG): does this
solve your problem with overstaying/terrorism? A(MH): not our role to
question duly passed laws from Congress. We think it gives us
immigration and counterterrorism benefits. We trust in Congress and 9/
11 Commission.'').
\33\ Homeland Security Advisory Council (HSAC), Subcommittee on
Biometrics, Final Report of the Biometrics Subcommittee at 30 (Nov. 12,
2020), https://www.dhs.gov/sites/default/files/publications/
final_hsac_biometrics_subcommittee_report_11-12-2020.pdf (``Unlike
biometric entry, biometric exit has little to do with preventing
terrorist attacks.'' and ``Neither CBP nor DHS has ever assessed that a
biometric exit capability is needed for National security or counter-
terrorism purposes.'').
\34\ Id.
\35\ Id. ``In an effort to comply with Congressional mandates,
CBP's choice to pursue facial recognition specifically, as opposed to
any of the various other biometric modalities, was largely a
consequence of an unavoidable reality.''
---------------------------------------------------------------------------
v. cbp has failed to properly administer its biometric entry-exit
program
CBP's implementation of the Biometry Entry/Exit program has
consistently fallen below baseline standards for privacy articulated in
DHS's Fair Information Privacy Principles (FIPPs).\36\ The FIPPs set
benchmarks for data collection and use that DHS must meet to comply
with the Privacy Act of 1974.\37\ The FIPPs comprise eight mandates:
Transparency, Individual Participation, Purpose Specification, Data
Minimization, Use Limitation, Data Quality and Integrity, Security, and
Accountability/Auditing.\38\ By DHS policy, the FIPPs ``must be
considered whenever a DHS program or activity raises privacy concerns
or involves the collection of personally identifiable information from
individuals, regardless of their status.''\39\ If CBP cannot meet their
own metrics for ensuring privacy when using facial recognition then the
agency should not collect that data.
---------------------------------------------------------------------------
\36\ Hugo Teufel III, The Fair Information Practice Principles:
Framework for Privacy Policy at the Dept. of Homeland Security
Memorandum Number 2008-01, Dep't. of Homeland Sec. (Dec. 29, 2008),
https://www.dhs.gov/sites/default/files/publications/privacy-policy-
guidance-memorandum-2008-01.pdf.
\37\ Privacy Act of 1974, 5 U.S.C. � 552a, as amended.
\38\ DHS FIPPs Memorandum, supra note 36, at 4.
\39\ DHS FIPPs Memorandum, supra note 36.
---------------------------------------------------------------------------
a. CBP failed to meet the FIPPs of Transparency and Individual
Participation by not providing adequate notice of facial
recognition programs
The Government Accountability Office (GAO) previously investigated
CBP's Biometric Entry/Exit program.\40\ In a September 2020 report, the
GAO found four major shortcomings in CBP's Biometric Entry/Exit
program. Together, these failures demonstrate that CBP is either unable
or unwilling to take basic steps to protect individuals' privacy, often
falling short of DHS's own FIPPs.
---------------------------------------------------------------------------
\40\ U.S. Gov't Accountability Off., GAO-20-568 Facial Recognition:
CBP and TSA are Taking Steps to Implement Programs, but CBP Should
Address Privacy and System Performance Issues (Sept. 2020) (hereinafter
GAO Facial Recognition Report), https://www.gao.gov/products/GAO-20-
568.
---------------------------------------------------------------------------
First, the GAO found that CBP routinely failed to provide adequate
notice and opt out procedures. At the time of the GAO's investigation,
CBP's on-line resources on facial recognition programs had incomplete
information and did not list all of the locations where CBP had
deployed facial recognition.\41\ Similarly, CBP did not provide enough
information for call center employees to answer questions about facial
recognition.\42\ The call center was often off-line, and when GAO could
get through, operators did not know which air and land ports were using
facial recognition.\43\
---------------------------------------------------------------------------
\41\ Id. at 39.
\42\ Id. At 39-40.
\43\ Id.
---------------------------------------------------------------------------
Second, signs at airports were consistently outdated and
contradictory. The GAO found that signs within a single airport
contained contradictory information on data retention policies.\44\ CBP
claimed their failure to update signage was justified by the
prohibitive cost of printing signs.\45\ CBP has not prioritized
updating posted notices to reflect current procedures and data
retention protocols. CBP appears unconcerned with providing accurate
and meaningful notice to travelers.
---------------------------------------------------------------------------
\44\ Id. at 40.
\45\ Id.
---------------------------------------------------------------------------
Third, the GAO faulted CBP for providing inadequate information on
how travelers could opt out of facial recognition identity
verification.\46\ CBP's signs mentioned an opt-out but did not describe
what ``alternative procedures'' travelers would have to go through in
lieu of facial recognition.\47\ Throughout its implementation of
Biometric Entry/Exit CBP has provided vague and inconsistent
descriptions of alternative screening procedures. In 2018, EPIC
obtained documents through a FOIA lawsuit revealing that CBP had
developed a detailed opt-out and alternative screening procedure.\48\
But the agency did not describe that procedure to the public.\49\ This
critique echoes the Data Privacy and Integrity Advisory Committee's
report from 2019 which recommended basic improvements to CBP's written
notices to improve readability, ensure adequate time for consideration,
and explain opt-out procedures.\50\ CBP has for years been on notice
that the agency needs to provide and publicize a clear opt-out
procedure, but the agency has failed to do so.
---------------------------------------------------------------------------
\46\ Id. at 41.
\47\ Id.
\48\ U.S. Customs and Border Prot., Traveler Verification Service:
Standard Operating Procedure at 9 (June, 2017), https://epic.org/foia/
dhs/cbp/biometric-entry-exit-alt-screening-procedures/Traveler-
Verification-Service-SOP-June2017.pdf; U.S. Customs and Border Prot.,
Biometric Air Exit: Standard Operating Procedure (Mar. 2019), https://
epic.org/foia/dhs/cbp/biometric-entry-exit-alt-screening-procedures/
Biometric-Air-Exit-SOP-Mar2019.pdf.
\49\ See EPIC v. CBP (Biometric Entry-Exit Alternative Screening
Procedures), https://epic.org/documents/epic-v-cbp-biometric-entry-
exit-alternative-screening-procedures/.
\50\ DHS Data Privacy and Integrity Advisory Committee, Report
2019-01 of the DHS Data Privacy and Integrity Advisory Committee
(DPIAC): Privacy Recommendations in Connection with the Use of Facial
Recognition Technology at 4-5 (Feb. 26, 2019) (hereinafter DPIAC Facial
Recognition Recommendations), https://www.dhs.gov/sites/default/files/
publications/- Report%202019-
01_Use%20of%20Facial%20Recognition%20Technology_02%2026%202019.pdf.
---------------------------------------------------------------------------
Fourth, CBP and its corporate partners routinely failed to post
signs or obscured notices on facial recognition. The GAO observed that
``facial recognition signs were not consistently posted or were posted
in such a way that they were not easily seen by travelers.''\51\ Where
CBP delegates responsibility for posting signs to commercial airlines,
the GAO found that the agency did not enforce or monitor this
requirement.\52\ As a result, required signs are often missing. The GAO
also observed signs that were difficult to read because they were
posted far away from travelers and written in small print.\53\ Facial
recognition notices are also often blocked by other signs so that they
could not be read.\54\ CBP claims that their Biometric Entry/Exit staff
is small, and cannot ensure signs are posted so they rely on local
airport agents.\55\ Yet CBP's airport agents told the GAO that they did
not check signs, and were not required to do so.\56\ CBP has
historically been unable to ensure that travelers receive adequate, or
often any, notice that they can opt out of one of the most invasive
technologies in use today.
---------------------------------------------------------------------------
\51\ GAO Facial Recognition Report at 42.
\52\ Id.
\53\ Id. at 44.
\54\ Id.
\55\ Id. at 43.
\56\ Id.
---------------------------------------------------------------------------
By not providing travelers meaningful notice and the time to
consider their options, the GAO found that CBP has not met its
requirements under the FIPPs of Transparency and Individual
Participation.\57\ While providing notice may not be the strongest step
CBP can take to protect individuals' personally identifiable
information, it is the easiest. If CBP cannot or will not take the
basic steps necessary to provide travelers with adequate notice of
facial recognition, then the agency's ability to provide more
substantive protection is dubious at best.
---------------------------------------------------------------------------
\57\ Id. at 46.
---------------------------------------------------------------------------
CBP's failure to provide notice of its facial recognition policies
has caused real privacy harms. The GAO received reports of incidents of
individuals ``being told by CBP officers and airline agents that opting
out would lead to additional security scrutiny, increased wait times,
and could be grounds to deny boarding.''\58\ Although CBP claims to
provide opt-out procedures which do not inconvenience or prejudice
travelers, the agency is clearly failing to adequately inform its
employees and the general public of these procedures. At every turn,
CBP has failed to adequately implement its opt-out procedures.
---------------------------------------------------------------------------
\58\ GAO Facial Recognition Report at 42; see also Shaw Drake, A
Border Officer Told Me I Couldn't Opt Out of the Face Recognition Scan.
They Were Wrong., ACLU (Dec. 5, 2019), https://www.aclu.org/news/
immigrants-rights/a-border-officer-told-me-i-couldnt-opt-out-of-the-
face-recognition-scan-they-were-wrong/.
---------------------------------------------------------------------------
b. CBP has not performed necessary audits to ensure facial recognition
images are secure
In its review, the GAO found that CBP ``has not audited most of its
partners and has not developed a plan for future audits.''\59\ CBP's
agreements prohibit corporate partners from retaining images for their
own purposes and require partners to expediently delete images, but CBP
does not adequately ensure those contract terms are followed.\60\ CBP
has allowed its partners to use facial recognition technology for
identification since 2017.\61\ It took 3 years for the agency to
perform its first audit of an airline.\62\ As far as I am aware, the
agency still has not audited a cruise line. In that time, over 7
million passengers have submitted to facial recognition by more than 20
airlines and cruise lines.\63\ More than 95 percent of CBP's corporate
partners have never received an audit. The agency has no idea if its
partners are taking individuals' images for their own purposes or
complying with data retention requirements.
---------------------------------------------------------------------------
\59\ Id. at 46.
\60\ Id.
\61\ Id.
\62\ Id.
\63\ Id.
---------------------------------------------------------------------------
The GAO's findings echo DPIAC's findings, in which the committee
stressed that ``it is important to ensure transparency in the process,
strong contractual guidelines, auditing, and rigor in the process of
ensuring the FIPPs are adhered to.''\64\ The DPIAC called for thorough
audits as a necessary step to protect particularly sensitive facial
recognition images.\65\ Yet despite the DPIAC's urgings, CBP has
performed only one audit of its commercial partners and seemingly has
no plan in place for further audits of either its commercial partners
or its contractors. This amounts to willful blindness on the part of
the agency. CBP's failure to perform necessary audits for years
displays a callous disregard for individuals' privacy, even after the
agency suffered a serious data breach of its facial recognition
systems.
---------------------------------------------------------------------------
\64\ DPIAC Facial Recognition Report at 10.
\65\ Id. at 10-12.
---------------------------------------------------------------------------
c. CBP has been unable to safeguard facial recognition images
Recent data breaches and hacks within CBP and across the Federal
Government demonstrate that CBP is incapable of safeguarding sensitive
personal information such as facial recognition images. In 2016 the
U.S. Government Accountability Office warned that ``[c]yber-based
intrusions and attacks on Federal systems have become not only more
numerous and diverse but also more damaging and disruptive.''\66\ The
GAO called on DHS to enhance cybersecurity protection in key areas
including intrusion detection and prevention. At the time DHS had not
even put in place an adequate process for sharing information on
intrusions and potential malicious activity.\67\ Since that time DHS
and its subcomponents have not shown that they are capable of
adequately safeguarding personally identifiable information,
particularly biometric data.
---------------------------------------------------------------------------
\66\ U.S. Gov't Accountability Office, DHS Needs to Enhance
Capabilities, Improve Planning, and Support Greater Adoption of Its
National Cybersecurity Protection System (Jan. 2016), https://
www.gao.gov/assets/680/674829.pdf.
\67\ Id. at 27.
---------------------------------------------------------------------------
In 2019 a data breach at CBP subcontractor Perceptics, LLC exposed
approximately 184,000 images of travelers from a CBP Biometric Entry/
Exit pilot.\68\ Perceptics staff were able to violate several DHS
security and privacy protocols to download the images used for facial
recognition without CBP's IT security controls preventing the
unauthorized action or sounding an alarm.\69\ When Perceptics, LLC was
subsequently hacked, outside agents had access to those 184,000 images
and an additional 105,000 license plate images.\70\ At least 19 facial
recognition images were released on the dark web.\71\ DHS's Office of
the Inspector General found that, ``Perceptics was able to make
unauthorized use of CBP's biometric data, in part because CBP did not
implement all available IT security controls, including an acknowledged
best practice.''\72\ OIG concluded that CBP ``[d]id not adequately
fulfill its responsibilities for IT security''.\73\
---------------------------------------------------------------------------
\68\ Joseph Cuffari, Review of CBP's Major Cybersecurity Incident
During a 2019 Biometric Pilot, Dep't of Homeland Sec. Off. of Inspector
Gen. (Sept. 21, 2020), https://www.oig.dhs.gov/sites/default/files/
assets/2020-09/OIG-20-71-Sep20.pdf.
\69\ Id. at 6.
\70\ Id. at 8.
\71\ Id. at 13.
\72\ Id. at 12.
\73\ Id.
---------------------------------------------------------------------------
Data breaches are common across the Federal Government--often
exposing the PII of millions to exploitation and abuse. But data that
is never collected in the first place is not at risk of breach. CBP
should not unnecessarily collect sensitive personally identifiable
information on millions of travelers when the agency cannot even
protect the data it currently holds.
vi. the expansion of cbp's biometric entry-exit program creates a
powerful and dangerous tool of surveillance for the federal government
Through the Biometric Entry-Exit program, CBP can access millions
of photos of U.S. citizens through the State Department. Additionally,
DHS retains millions of photos in its IDENT database that are
accessible to CBP. As part of the Biometric Entry-Exit system, CBP has
created a cloud-based facial recognition system that allows the agency
to easily connect the system to its own cameras or the cameras of its
partners to perform facial identification. One of the main reasons CBP
chose to use facial recognition is that the images were easy to obtain
and facial recognition technology is easy to apply to existing systems.
The result is an expansion of an infrastructure that could easily be
used for mass surveillance and/or a universal digital ID controlled by
the Government.
a. CBP's Biometric Entry-Exit program creates a ubiquitous, universal
ID controlled by the Government
The continued use of facial recognition identification through
CBP's Biometric Entry-Exit program puts the United States on a path
toward a ubiquitous and universal form of identification that will
destroy anonymity and give the Government complete control over
identification. No longer will an individual have any control over
their identification and have choice when to identify themselves or
not. A facial recognition identification system leveraging hundreds of
millions of photos held by the Government will give CBP and other
Government agencies the power to identify individuals whether or not
that individual consents and regardless if the Government has
legitimate grounds for wanting to identify the individual. And there
will be little recourse.
Our face's geometry that is used to create the face prints for
facial recognition is unique to each person and for the most part can't
be changed. And unlike other forms of biometric recognition or identity
verification, facial recognition can easily be applied covertly, from a
distance, and without our consent or knowledge. Because our faces are
generally exposed and photographs are required for Government
identifications like passports, it is virtually impossible to insulate
ourselves from facial recognition technology. Once the Government has a
person's faceprint, it creates a unique risk of unprecedented and
persistent surveillance--one that allows the Government to identify and
track people without their knowledge.
b. Unless regulations are put in place to limit the Biometric Entry-
Exit system, it will continue to expand beyond its original,
claimed purpose
The current lack of regulation of biometrics and the associated
technologies, particularly facial recognition technology, means there
are little to no barriers to the continued expansion beyond the
original purpose of the facial recognition identification system used
for the Biometric Entry-Exit program. The Biometric Entry-Exit program
itself demonstrates how the lack of regulation of biometrics has
allowed the Government to use biometrics as it sees fit. Without
consent or notice and a general lack of transparency at the beginning,
CBP was able to obtain access to the millions of passport photos held
by the State Department. CBP regular takes these photos to create
biometric templates to use as part of their facial recognition
identification system. There is no way to opt out of having your photo
used this way and no one agreed to this.
Furthermore, the Biometric Entry-Exit program has continued to
expand beyond its claimed original purpose to address visa overstays.
CBP has made clear that it intends to expand the use of TVS, the
backbone of its facial recognition identification system, for things
like checking in for a flight. In a document obtained by EPIC through
the Freedom of Information act, CBP described an airport process where
every step from dropping off baggage, moving through TSA checkpoints,
and boarding planes is mediated by facial recognition scans.\74\
Additionally, FOIA documents obtained by EPIC show that other
subcomponents of DHS, including Immigration and Customs Enforcement,
the United States Secret Service, and the United States Coast Guard,
will be able to leverage CBPs facial recognition identification system
for their own mission operations.\75\ There is no regulation is place
that would stop CBP from continuing to expand access to its facial
recognition identification system and leverage it for additional
purposes.
---------------------------------------------------------------------------
\74\ Dep't. of Homeland Security, Biometric Pathway: Transforming
Air Travel (Dec. 1, 2016), available at https://epic.org/wp-content/
uploads/foia/dhs/cbp/biometric-entry-exit/Biometric-Pathway.pdf.
\75\ Dep't of Homeland Security, Capability Analysis Study Plan for
Biometric Entry-Exit (Jan. 23, 2017), available at https://epic.org/wp-
content/uploads/foia/dhs/cbp/biometric-entry-exit/Capability-Analysis-
Study-Plan.pdf.
---------------------------------------------------------------------------
vii. cbp's other uses of facial recognition technology
It is worth noting that the Traveler Verification Service used as
part of the Biometric Entry-Exit program is not the only CBP-owned
facial recognition system. According to a GAO report, CBP's Automated
Targeting System (ATS) is another system that incorporates facial
recognition technology.\76\ ATS has over 15 million photos in its
database, including passport photos and State identification
photos.\77\ The ATS facial recognition system is used on individuals
who: (1) Want to enter or exit the United States; (2) apply to CBP
programs to travel to United States; or (3) are ``subjects of interest
who require additional research and analysis.''\78\ It is not clear who
falls under this third category.
---------------------------------------------------------------------------
\76\ Government Accountability Office, Facial Recognition
Technology: Federal Law Enforcement Agencies Should Better Assess
Privacy and Other Risks, 50 (June 2021), https://www.gao.gov/assets/
gao-21-518.pdf.
\77\ Id. at 50.
\78\ Id. at 50.
---------------------------------------------------------------------------
Additionally, CBP has used facial recognition systems ``owned by
Federal, State, local, and non-Governmental entities.''\79\ We know
that at least one of the non-Governmental entities is Clearview AI.
According to reporting, CBP had close to 280 Clearview accounts
registered that ran nearly 7,500 searches.\80\ Clearview AI is one of
the most controversial and dangerous implementations of facial
recognition technology. Clearview secretly scraped billions of images
from social media and other websites to create a massive biometric
database.\81\
---------------------------------------------------------------------------
\79\ Id. at 48.
\80\ Ryan Mac, Caroline Haskins, and Logan McDonald, Clearview's
Facial Recognition App Has Been Used By The Justice Department, ICE,
Macy's, Walmart, And The NBA, Buzzfeed News (Feb. 27, 2020), https://
www.buzzfeednews.com/article/ryanmac/clearview-ai-fbi-ice-global-law-
enforcement.
\81\ Kashmir Hill, The Secretive Company that Might End Privacy as
We Know It, N.Y. Times (Jan. 18, 2020), https://www.nytimes.com/2020/
01/18/technology/clearview-privacy-facial-recognition.html.
---------------------------------------------------------------------------
viii. recommendations
The safest and best thing for CBP to do would be for the agency to
voluntarily cease using facial recognition technology. This would
eliminate the risk of CBP's facial recognition infrastructure being
used for more pervasive surveillance or as a ubiquitous identification
system.
But Congress should also act. Though I recognize it has not been
referred to this committee, EPIC recommends that Congress enact H.R.
3907, the Facial Recognition and Biometric Technology Moratorium Act of
2021.\82\ This bill would generally prohibit the use of facial
recognition technology by CBP and other Federal agencies except for
instances where Congress has explicitly authorized the use of the
technology and provided robust protections. The Act would ensure there
are protections against racial and gender bias and for privacy and
First Amendment-protected rights. The Act would implement strong
auditing and accountability requirements. In short, the Act would
guarantee the type of protections that are currently lacking in CBP's
use of facial recognition technology and force Congress to carefully
consider if CBP should implement facial recognition technology, and if
so, how.
---------------------------------------------------------------------------
\82\ H.R. 3907, 117th Cong. (2021) (the Facial Recognition and
Biometric Technology Moratorium Act of 2021 prohibits Federal agencies
from using biometric surveillance systems without explicit
authorization from Congress.)
---------------------------------------------------------------------------
At minimum, Congress should put in place the following requirements
for CPB's use of facial recognition technology:
The use of a one-to-one facial recognition identification
system that does not require a database or connection to the
cloud;\83\
---------------------------------------------------------------------------
\83\ CBP has successfully tested the use of one-to-one facial
recognition systems. A one-to-one system does not require a massive
biometric database and virtually eliminates data breach risks and
chance of that the system will be used beyond the original purpose.
---------------------------------------------------------------------------
A prohibition on the use of facial recognition services
(e.g. Clearview) provided by third parties;
Prohibit CBP or other components of DHS or other law
enforcement entities from using CBP's facial recognition system
for generalized investigative leads;
Require CBP to only use its facial recognition system for
identity verification as part of the Biometric Entry-Exit
program and prohibit any other uses; and
Require annual audits of CBP facial recognition system from
an independent third party.
If the Biometric Entry Exit program is to remain in operation,
these safeguards are critical to protect civil liberties, civil rights,
and the security of sensitive biometric data.
ix. conclusion
Facial recognition technology is a growing threat to our privacy,
our civil liberties, and to our democratic values. EPIC urges Congress
to address this technology in a meaningful way.
Thank you for the opportunity to testify today.
Chairwoman Barragan. Thank you for your testimony. I now
would recognize Dr. Nicol Turner Lee to summarize her statement
for 5 minutes.
STATEMENT OF NICOL TURNER LEE, PH D, DIRECTOR, THE CENTER FOR
TECHNOLOGY INNOVATION (CTI), THE BROOKINGS INSTITUTION
Ms. Turner Lee. Thank you, Chairwoman Barragan, Ranking
Member Higgins, and distinguished Members of the House
subcommittee. Thank you for this invitation to testify on the
misuse of facial recognition by U.S. Customs and Border Patrol
where I intend to center my concerns around diversity, equity,
and transparency over how this technology is applied in various
contexts. The Brookings Institution, with a history of a
hundred years, is committed to evidence-based, nonpartisan
research in a variety of focus areas.
The adoption and use of facial recognition by CBP has not
come without challenges, largely because wide-spread micro
surveillance in general has disproportionately hurt
marginalized communities. Technology, the facial recognition
technology, creates a privacy and bias concerns.
On a more general case, in 2021, a Black Michigan man sued
the Detroit police for wrongfully arresting him as a
shoplifting suspect after he was misidentified by facial
recognition software. He was detained for hours and found
innocent after not being the Black gentlemen in the grainy
image whose face was clearly obstructed by personal effects.
Robert Williams is not alone is this less than optimal and
accurate application of facial recognition. The New York Times
has identified three instances which technology has led to the
wrongful arrest of other Black men, which has been a likely
occurrence to the misidentification, the technical inaccuracies
when it comes to Black and Brown faces. Extensive research has
also continuously pointed out that there is not the type of
technical scrutiny needed to actually engage in more diversity,
equity, and inclusion in these technologies.
With that, despite the tradeoffs that the agency has with
regards to the efficiencies and effectiveness of processing
travelers, it is important that it is not presumptuous in the
regards to whether or not there is equity, diversity, and
inclusion in the technical application as well as the
sociological implications of the technology's use.
With that, I will read my testimony with recommendations to
put before this committee as we consider appropriate use.
First, the agency must ensure transparency among travelers
and other consumers subjected to face detection and
recognition. As of now, while U.S. citizens can ensure that
non-facial recognition identification information is properly
stored and curated by the Department of Homeland Security,
foreign nationals: not so much. We need to ensure that there is
the same treatment of personally identifiable information with
legal access and ability to amend those identification records,
particularly our biometric data. We also need to ensure that
CBP actually posts consistent messaging, informing all
travelers of their rights when they are subjected to this
technology.
Second, it is important to constantly optimize the
technology with diversity, equity, and inclusion. The case of
the gentleman in Detroit and countless other cases suggest that
when this technology is applied in cases where it actually
makes important eligibility determinations it has to be right.
Government has been partnering with private-sector companies,
such as Clearview and Vigilant, that implement facial
recognition technology, but may not have these products reflect
the lived experiences of the citizens that engage the product,
meaning we need more diversity in Government as well as in the
private sector to ensure that the empathy and technical agility
to move across contexts that require a design, development, and
deployment are representatives of other populations.
We also need to be aware that discrimination strategies--or
antidiscrimination strategies for bias-mitigation be present
when they are sold and procured by agencies like Customs and
Border Patrol.
Third, we need to ensure and encourage wide-spread training
for CBP professionals. The implementation and operation of
facial recognition technology is done by human agents. However,
a post-GAO report found that those agents did not have adequate
training on what to do when the facial recognition does not
work on a certain traveler or proper instruction on what to
happen when a match is not found. Agents stationed at airports
to assist travelers with the use of facial recognition should
be adequately and constantly trained in understanding its
limitations and biases and have an alternate strategy for
processing.
Four, and my final recommendation, is that CBP should
impose additional guardrails in instances where civil and human
rights risk being violated. On my recent return from Berlin,
Germany, I used facial recognition to bypass a long security
line check. And though I was able to make my connecting flight,
the trade-off is that I had no idea where my data was being
collected, stored, and the potential for me to be denied entry
as a result of the implicit and explicit biases that may have
been apparent in the actual agent.
Members of Congress, for the agency to avoid front-page
headlines it must encourage a constant interrogation of facial
recognition, independent auditing, and think about those use
cases where civil rights and human rights can be violated.
Convenience should not be a trade-off for those important and
critical aspects of our citizenry as travelers.
Thank you and I look forward to your questions for the
remainder of this hearing.
[The prepared statement of Ms. Turner Lee follows:]
Prepared Statement of Nicol Turner Lee
July 27, 2022
Chairwoman Barragan, Ranking Member Higgins, and distinguished
Members on the House Subcommittee on Border Security, Facilitation, &
Operations, thank you for the invitation to testify as part of today's
hearing on the use of facial recognition technology by the U.S. Customs
and Border Protection (CBP), where I intend to center my concerns
around diversity, equity, and transparency over how this technology is
applied in various contexts. I am Dr. Nicol Turner Lee, senior fellow
of governance studies, and director of the Center for Technology
Innovation at the Brookings Institution. With a history of over 100
years, Brookings is committed to evidenced-based, nonpartisan research
in a range of focus areas. My research encompasses data collection and
analysis around regulatory and legislative policies that govern
telecommunications and high-tech industries, along with the impacts of
broadband access, the digital divide, artificial intelligence, and
machine-learning algorithms on vulnerable consumers. My forthcoming
book, Digitally invisible: How the internet is creating the new
underclass (Brookings, 2022), addresses these topics and more. Today, I
come before you with my own opinions.
cbp and emerging technological adoption and use
As an agency, CBP is primarily responsible for border management
and control. Responsibilities also lie around matters of custom and
immigration, and the required verification of identities of travelers
coming in and out of the United States. In 2013, CBP received funding
to improve biometric identification and with that, moved to adopt
facial recognition technology (FRT) to streamline existing matching
processes, with the aim of modernizing and increasing efficiency for
travelers and the Federal Government ``without sacrificing safety and
security by reducing the reliance on manual identity verification
processes.''\1\
---------------------------------------------------------------------------
\1\ U.S. Department of Homeland Security. ``Transportation Security
Administration and U.S. Customs and Border Protection: Deployment of
Biometric Technologies Report to Congress.'' August 30, 2019. https://
www.tsa.gov/sites/default/files/biometricsreport.pdf.
---------------------------------------------------------------------------
Since its inception, CBP has been transparent in their adoption and
use of facial recognition technologies as part of their National
security efforts. Generally, the agency uses face detection and facial
recognition technologies to confirm the identities of domestic and
foreign travelers at Ports of Entry (POEs) for land, air, and sea
borders. Over 187 million travelers have undergone such biometric
screenings since its inception.\2\ For air POEs, usually airports, CBP
uses two processes, Simplified Arrival, for travelers entering the
United States, and air exit, the program for travelers departing from
the country.\3\ As of December 2019, the CBP has spent $1.241 billion
in the rollout of facial recognition technology, which is also referred
to as ``Biometric Facial Comparison Technology.''\4\
---------------------------------------------------------------------------
\2\ U.S. Customs and Border Protection. ``CBP, Carnival Cruise Line
introduces facial biometrics at Port of Baltimore.'' July 18, 2022.
https://www.cbp.gov/newsroom/local-media-release/cbp-carnival-cruise-
line-introduces-facial-biometrics-port-baltimore.
\3\ Department of Homeland Security Office of Inspector General.
CBP Complied with Facial Recognition Policies to Identify International
Travelers at Airports, OIG-22-48. (Washington, DC, 2022). https://
www.oig.dhs.gov/sites/default/files/assets/2022-07/OIG-22-48-
July22.pdf.
\4\ U.S. Customs and Border Protection. ``Biometrics.'' Accessed
July 21, 2022. https://biometrics.cbp.gov/.
---------------------------------------------------------------------------
However, the wide-spread adoption and use of FRT by CBP has not
come without challenges. For my testimony, I focus on the intended and
unintended consequences of FRT, and its implications for human rights
and civil liberties that the agency should further consider as it
expands these programs. In the spirit of common language before
Congress and my fellow witnesses today, I define facial recognition
technologies in accordance with the National Institute for Science and
Technology, whose focus is on the comparison of ``an individual's
facial features to available images for verification or identification
purposes.\5\ I will offer three points in my statement regarding: (1)
The general efficacy and accuracy of facial recognition technologies
among diverse populations; (2) the sociological implications and trade-
offs imposed on consumers when applied in commercial and public safety
contexts; and (3) recommendations on what Congress and other policy
makers can do to make these systems more fair, equitable, and
responsible in the public safety/National security contexts. Taken
together, these aspects of my testimony can help facilitate improved
dialogs on how to make FRT more diverse, equitable, and fair,
especially among subjects that are already over-surveilled due to their
racial and ethnic differences, and other cultural stereotypes.
---------------------------------------------------------------------------
\5\ NIST. ``Facial Recognition Technology (FRT)''. February 6,
2020. https://www.nist.gov/speech-testimony/facial-recognition-
technology-frt-0#:?:text=Face%20analysis%20technology%20-
aims%20to,for%20verification%20or%20identification%20purposes.
---------------------------------------------------------------------------
the accuracy of facial recognition technologies
Wide-spread and micro-surveillance has disproportionately hurt
marginalized communities in the past, and facial recognition technology
creates a range of privacy and bias concerns.\6\ In 2021, a Black
Michigan man sued the Detroit police for wrongfully arresting him as a
shoplifting suspect, after he was misidentified by the facial
recognition software used.\7\ After being detained for hours, he was
found innocent after not being the Black gentleman in the grainy image,
whose face was clearly obstructed by some personal effects. Robert
Williams, a 43-year-old father of two, sued the Detroit Police after
this wrongful arrest in 2021, 1 year after the city approved a contract
to extend its use of facial recognition software despite the
misidentification of Black people. Williams is not alone in the less-
than-optimal and accurate application of FRT. The New York Times
identified three instances in which facial recognition technology have
led to the wrongful arrests of other Black men--although the real
number is likely much higher because some States do not require law
enforcement to disclose when facial recognition technology is used to
identify a suspect.\8\ Such accounts of the misidentification of Black
people by FRT have become more normalized. In its early stages of
development, Rekognition, Amazon's facial recognition tool, falsely
matched 28 Members of Congress to mug shots. While people of color made
up only 20 percent of Congress at the same, they made up 40 percent of
representatives that Rekognition falsely matched.\9\ In response to
these recurring failures, the ACLU quickly echoed concerns over its
use, arguing that facial recognition technology has misidentified
people of color in a range of application contexts, while placing civil
liberties at risk by undermining citizen privacy.\10\
---------------------------------------------------------------------------
\6\ Turner Lee, Nicol and Caitlin Chin. ``Police Surveillance and
Facial Recognition: Why Data Privacy Is Imperative for Communities of
Color.'' Brookings, April 7, 2022. https://www.brookings.edu/research/
police-surveillance-and-facial-recognition-why-data-privacy-is-an-
imperative-for-communities-of-color/.
\7\ Harwell, Drew. ``Wrongfully arrested man sues Detroit police
over false facial recognition match.'' The Washington Post, April 13,
2021. https://www.washingtonpost.com/technology/2021/04/13/facial-
recognition-false-arrest-lawsuit/.
\8\ Hill, Kashmir (2020). Another arrest, and jail time, due to a
bad facial recognition match. The New York Times, December 29. https://
www.nytimes.com/2020/12/29/technology/facial-recognition-misidentify-
jail.html; Valentino-DeVries, J. (2020, January 12). How the Police Use
Facial Recognition, and Where It Falls Short. The New York Times.
https://www.nytimes.com/2020/01/12/technology/facial-recognition-
police.html.
\9\ Mak, Aaron. ``Amazon's Facial Recognition Tool Screwed Up,
Matched 28 Members of Congress to Mug Shots.'' Slate Magazine, July 26,
2018. https://slate.com/technology/2018/07/amazon-face-matching-
technology-misidentified-28-members-of-congress-as-criminals.html.
\10\ Ruane, Kate. ``Biden Must Halt Face Recognition Technology to
Advance Racial Equity/News & Commentary.'' American Civil Liberties
Union, February 17, 2021. https://www.aclu.org/news/privacy-technology/
biden-must-halt-face-recognition-technology-to-advance-racial-equity.
---------------------------------------------------------------------------
Extensive technical research and documentation have continuously
pointed out the inefficiencies and inaccuracies of FRT when used to
detect the biometric attributes of some diverse populations. For
example, when used on women and historically marginalized communities,
the results can be alarming. In February 2018, MIT, and then-Microsoft
researchers Joy Buolamwini and Timnit Gebru published analyses of three
commercial algorithms developed by Microsoft, Face++, and IBM. Their
study found that images of women with darker skin had misclassification
rates of 20.8 percent to 34.7 percent, compared to error rates of 0.0
percent-0.8 percent for men with lighter skin.\11\ The researchers also
noted biases perpetuated by training datasets, which disproportionately
contained more lighter skinned individuals. 53.6 percent of the Adience
dataset, 79.6 percent of the IJB-A dataset and 86.2 percent of the PBB
datasets respectively consisted of lighter-skinned individuals.\12\
---------------------------------------------------------------------------
\11\ Hill, Kashmir. ``Another Arrest, and Jail Time, Due to a Bad
Facial Recognition Match.'' The New York Times, December 29, 2020.
https://www.nytimes.com/2020/12/29/technology/facial-recognition-
misidentify-jail.html.
\12\ Buolamwini, Joy and Timnit Gebru. ``Gender Shades:
Intersectional Accuracy Disparities in Commercial Gender
Classification.'' Proceedings of the 1st Conference on fairness,
accountability and transparency: PMLR 81:77-91, 2018. https://
proceedings.mlr.press/v81/buolamwini18a.html.
---------------------------------------------------------------------------
The National Institute of Standards and Technology (NIST), the
agency responsible for testing FRT before market use, have also shown
in recent assessments that with perfect lighting conditions, a fully
cooperative subject, and no variation in the kind of camera used, some
of the most advanced one-to-many FRT algorithms can exceed 99.5 percent
accuracy when used for positive face matches. That is, when presented
with multiple images of simulated passengers, at least 18 differently-
studied algorithms could identify 99.5 percent of passengers accurately
with a single presentation to the camera; results when the database
only contained a single image of simulated passengers were less robust
but still impressive, with 6 algorithms managing to meet or exceed the
99.5 percent accuracy threshold.\13\
---------------------------------------------------------------------------
\13\ ``NIST Evaluates Face Recognition Software's Accuracy for
Flight Boarding.'' NIST, July 13, 2021. https://www.nist.gov/news-
events/news/2021/07/nist-evaluates-face-recognition-softwares-accuracy-
flight-boarding.
---------------------------------------------------------------------------
While less favorable conditions for FRT use yield less reliable
results, the general concern should be that FRT is not fully optimized
for diversity, and equity in terms of highly representative and fair
samples of subjects, particularly those from diverse backgrounds.
Further, FRT can be both underwhelming and inconsistent, causing havoc
to both subjects and the users of the said technology, like Robert
Williams and the police officers that expressed a high level of
certainty in his arrest.
It has been argued that CBP's use of facial recognition software
has undergone greater technical scrutiny to reduce the possibility of
identification and matching for travelers. Yet, it is presumptuous to
assume that the technology does not harness some of the same adverse
effects, including those that disproportionately deny or detain
travelers whose photos may be more difficult to discern, or whose
demographic backgrounds may elicit both implicit or explicit biases
when it comes to National security and border control.
While more than not, CBP FRT has been highly and strictly
scrutinized on the technical levels, it does not suggest that the
sociological implications of such data mining systems have been fully
interrogated, leaving certain individuals more subject to greater
surveillance and screening. The next section outlines use cases in
policing, benefits eligibility, and education where FRT use has
resulted in a series of intended and unintended consequences for
consumers, which should advise CBP on its agency's own attempts for
more diversity, equity, and accountability among its FRT systems.
Policing and law enforcement
In 2016, the Georgetown Law Center on Privacy and Technology found
that law enforcement agencies across the United States have access to
facial image databases encompassing over 117 million Americans, or over
one-half of all American adults. They also concluded that one-quarter
of all local and State police departments had the ability to run facial
recognition searches despite facial recognition software demonstrating
clear algorithmic bias.\14\ As mentioned before, errors within facial
recognition technology have led to multiple wrongful arrests of Blacks
and even Hispanic populations as law enforcement becomes more dependent
on these technologies in criminal instances and cases. In New York
City, the number of arrests rose as more police officers used FRT--more
than 2,800 arrests were made between 2011 and 2017, according to a 2019
Georgetown report.\15\ From a societal perspective, higher arrest rates
are normalized in Black and Hispanic communities due to more structural
stigmas associated with these populations, resulting in the over-
representation of their faces in law enforcement databases.\16\ The
National Association for the Advancement of Colored People (NAACP)
reports that Black individuals are five times more likely than white
individuals to be stopped by police officers in the United States, and
that Black and Latino individuals comprise 56 percent of the U.S.
incarcerated population but only 32 percent of the overall U.S.
population.\17\ This means that not only are police officers more
likely to employ surveillance or facial recognition programs to compare
images of Black and Latino individuals, but that mugshot images or
arrest records of Black and Latino individuals are more likely to be
stored in these databases in the first place. These two problems
exacerbate existing patterns of racial inequity in policing.\18\
---------------------------------------------------------------------------
\14\ Garvie, C., Bedoya, A., & Frankle, J. (2016). Perpetual line
up. Georgetown Law Center on Privacy and Technology, October 18.
https://www.perpetuallineup.org/background.
\15\ Johnson, Khari, March 7, 2022. The Hidden Role of Facial
Recognition Tech in Many Arrests. Wired Magazine, https://
www.wired.com/story/hidden-role-facial-recognition-tech-arrests. See
also, Garve, Clare, May 16, 2019. Garbage In and Garbage Out.
Georgetown Law, Center on Privacy and Technology, https://
www.flawedfacedata.com/#footnoterf49_ztly3aq.
\16\ Jennifer Lynch, ``Face Off: Law Enforcement Use of Face
Recognition Technology,'' Electronic Frontier Foundation, February 12,
2018, https://www.eff.org/wp/law-enforcement-use-face-recognition.
\17\ ``Criminal Justice Fact Sheet,'' NAACP, May 24, 2021, https://
naacp.org/resources/criminal-justice-fact-sheet.
\18\ Laura Moy, ``A Taxonomy of Police Technology's Racial Inequity
Problems,'' U. Ill. L. Rev. 139 (2021), http://dx.doi.org/10.2139/
ssrn.3340898.
---------------------------------------------------------------------------
Public Benefit Identity Verification
Increasingly, States have also incorporated the use of facial
recognition into identifying individuals' identities for the purposes
of unemployment verification and accessing other social benefits.
During the onset of the COVID-19 pandemic, many States moved to
automate fraud detection as they were flooded with unemployment claims.
In March 2020, 27 States entered contracts with ID.me, a private sector
firm, to provide identity authentication through its facial
verification software.\19\ The use of this software proved
controversial after the Internal Revenue Service discontinued its use
for tax returns and processing.\20\ The State of Florida used FRT for
unemployment verification--only to discover that older women and people
of color were disproportionately more likely to encounter issues when
using ID.me.\21\ When facial verification failed, people would have to
have a video call with a staff from ID.me. That involved waiting on the
phone for more than 6 hours in the past, though the wait time had been
reduced to 2 hours more recently.\22\ Despite these flaws and other
privacy issues, Florida and other States continue to use ID.me for
benefits verification.\23\
---------------------------------------------------------------------------
\19\ Metz, R. (2021). Want your unemployment benefits? You may have
to submit to facial recognition first. CNN, July 23. https://
www.msn.com/en-us/news/us/half-of-us-states-are-now-using-facial-
recognition-software-from-this-little-known-company-to-vet-
unemployment-claims/ar-AAMtC1Y?ocid=msedgntp.
\20\ Picchi, A., & Ivanova, I. (2022). ID.me says users can delete
selfies following IRS backlash. CBS, February 9. https://
www.cbsnews.com/news/irs-id-me-delete-facial-recognition-tax-returns-
backlash/.
\21\ Kylie McGivern, ``Facial Recognition Blocks Legitimate
Applicants from Unemployment Benefits,'' ABC Action News, June 11,
2021, https://www.abcactionnews.com/news/local-news/i-team-
investigates/facial-recognition-meant-to-stop-unemployment-fraud-is-
blocking-legitimate-applicants.
\22\ Kylie McGivern, ``Facial Recognition Blocks Legitimate
Applicants from Unemployment Benefits,'' ABC Action News, June 11,
2021, https://www.abcactionnews.com/news/local-news/i-team-
investigates/facial-recognition-meant-to-stop-unemployment-fraud-is-
blocking-legitimate-applicants.
\23\ Hurtibise, Ron, May 9, 2022. Florida continues to require
identity verification with ID.me, Governing, https://www.governing.com/
security/florida-continues-to-require-identity-verification-with-id-me.
---------------------------------------------------------------------------
Education
With the pandemic came the rise of on-line teaching and test
proctoring. Such education software used FRT to help teachers monitor
students and their behavior. However, racial biases in the software
impacted this realm, making it more difficult for students of color to
access these services. An investigation by Verge investigated
Proctorio, failed to recognize Black faces more than half the time and
failed to recognize faces of any ethnicity 25 percent of the time.
Students of color using the software were unable to make the software
detect their faces, and sometimes had to resort to measures such as
shining flashlights on their faces to make themselves detectable.\24\
---------------------------------------------------------------------------
\24\ Mitchell Clark, ``Students of Color Are Getting Flagged to
Their Teachers Because Testing Software Can't See Them,'' The Verge,
April 8, 2021, https://www.theverge.com/2021/4/8/22374386/proctorio-
racial-bias-issues-opencv-facial-detection-schools-tests-remote-
learning.
---------------------------------------------------------------------------
we need a more diverse and equitable frt ecosystem
Proponents of facial recognition use, and commercial actors argue
the accuracy of facial recognition had grown over the years and had
improved in their detection of women and Black and Brown people.
Certainly, the best programs have identification rates in the high
90's. ID.me, which I previously mentioned in the determination of
public benefit eligibility, touts a 95 percent success rate. However,
that still means that 5 percent is failing. And of that 5 percent, a
disproportionate number of them are women and people of color who have
unequal access to these services. More must be done to improve the use
of facial recognition technology to be optimal for all groups and
applied contexts.
These and other examples of the ineffectiveness of facial
recognition on darker skin tones point to the technical inefficiencies,
which should also assert its lack of confidence when it comes to
correctly identifying people traveling in and outside of U.S. borders.
Such examples suggest that facial recognition technologies when applied
in less-simulated, real-world contexts rarely have such a perfect
confluence of conditions, leading to demonstrably lower accuracy
rates.\25\ In fact, standardization of photo conditions is an on-going
topic of research, but real-world concerns remain.\26\
---------------------------------------------------------------------------
\25\ West, Darrell M. ``10 Actions That Will Protect People from
Facial Recognition Software.'' Brookings, October 31, 2019. https://
www.brookings.edu/research/10-actions-that-will-protect-people-from-
facial-recognition-software/; Government Accountability Office. Facial
Recognition, CBP and TSA are Taking Steps to Implement Programs, but
CBP Should Address Privacy and System Performance Issues, GAO-20-568.
(Washington, DC, 2020), https://www.gao.gov/assets/gao-20-568.pdf.
\26\ Grother, Patrick. ``Face Standardization, Improving Face
Recognition Via Specification of Images, Measurements on Images,
Cameras.'' IFPC 2020, October 28, 2020. https://pages.nist.gov/ifpc/
2020/presentations/2b_grother_quality.pdf.
---------------------------------------------------------------------------
Further, it is widely established in a wide body of independent
scholarship from researchers, including a recent study from NIST
itself, that facial recognition technologies also have differential
false negative and false positive rates across a variety of different
demographics, including across race and gender.\27\ As the recent 2019
NIST report shows, this happens both in one-to-one and one-to-many FRT
matching; researchers reported that ``demographic differentials present
in one-to-one verification algorithms are usually, but not always,
present in one-to-many search algorithms.''\28\
---------------------------------------------------------------------------
\27\ Buolamwini, Joy and Timnit Gebru. ``Gender Shades:
Intersectional Accuracy Disparities in Commercial Gender
Classification.'' Proceedings of the 1st Conference on fairness,
accountability and transparency: PMLR 81:77-91, 2018. https://
proceedings.mlr.press/v81/buolamwini18a.html. Hachim El Khiyari and
Harry Wechsler, ``Face Verification Subject to Varying (Age, Ethnicity,
and Gender) Demographics Using Deep Learning,'' Journal of Biometrics &
Biostatistics 7, no. 4 (2016): 1-5, https://doi.org/10.4172/2155-
6180.1000323. Patrick J. Grother, George W. Quinn, and P.J. Phillips,
``Report on the Evaluation of 2D Still-Image Face Recognition
Algorithms,'' NIST, June 17, 2010, https://www.nist.gov/publications/
report-evaluation-2d-still-image-face-recognition-algorithms.
\28\ Patrick J. Grother, Mei L. Ngan, and Kayee K. Hanaoka, ``Face
Recognition Vendor Test Part 3: Demographic Effects,'' NIST, December
19, 2019, https://www.nist.gov/publications/face-recognition-vendor-
test-part-3-demographic-effects.
---------------------------------------------------------------------------
the impact of having the wrong result(s)
Negative effects of FRT have strong effects on historically
marginalized communities.\29\ For example, the NIST research team found
higher rates of false positives for Black women, particularly in one-
to-many matching. This is ``particularly important,'' the NIST report
noted, because the consequences of such higher rates of false positives
``could include false accusations.''\30\ The research also determined
that false positives, particularly in one-to-one matching, were between
2 and 5 times highest in women than men (varying by age, race, and
algorithm used), and were higher in the elderly and children. NIST
additionally reiterated a 2011 finding that the location of a developer
was often a proxy for the race demographics of the data used in
training.
---------------------------------------------------------------------------
\29\ Kashmir Hill, ``Another Arrest, and Jail Time, Due to a Bad
Facial Recognition Match,'' The New York Times, December 29, 2020, sec.
Technology, https://www.nytimes.com/2020/12/29/technology/facial-
recognition-misidentify-jail.html.
\30\ ``NIST Study Evaluates Effects of Race, Age, Sex on Face
Recognition Software,'' NIST, December 19, 2019, https://www.nist.gov/
news-events/news/2019/12/nist-study-evaluates-effects-race-age-sex-
face-recognition-software.
---------------------------------------------------------------------------
False negatives (not finding a match to a true photo) had similar
demographic differentials concerns in both one-to-one and one-to-many
matching. These were also highest among Asian and American Indian
individuals, and lowest in Black faces. Additionally, picture quality
also plays a strong role--lower-quality images had significantly higher
false negative rates than high-quality photos in good lighting, both as
a reference image and to match against. The researchers note that these
false negatives can often be remedied by taking a second picture, but
this of course requires a fully cooperative subject--something not
always possible with individuals intentionally attempting to deceive
officials, including at the border.\31\
---------------------------------------------------------------------------
\31\ ``NIST Study Evaluates Effects of Race, Age, Sex on Face
Recognition Software,'' NIST, December 19, 2019, https://www.nist.gov/
news-events/news/2019/12/nist-study-evaluates-effects-race-age-sex-
face-recognition-software.
---------------------------------------------------------------------------
Anecdotal evidence of facial recognition errors highlights further
evidence in discrimination. In 2015, Google apologized for mislabeling
a picture of African American as gorillas.\32\ In 2021, Facebook's AI
categorized a video about Black men as ``primates''.\33\
---------------------------------------------------------------------------
\32\ Conor Dougherty, ``Google Photos Mistakenly Labels Black
People `Gorillas,' '' Bits Blog, 1435791672, https://
archive.nytimes.com/bits.blogs.nytimes.com/2015/07/01/google-photos-
mistakenly-labels-black-people-gorillas/.
\33\ Ryan Mac, ``Facebook Apologizes After A.I. Puts `Primates'
Label on Video of Black Men,'' The New York Times, September 3, 2021,
sec. Technology, https://www.nytimes.com/2021/09/03/technology/
facebook-ai-race-primates.html.
---------------------------------------------------------------------------
But despite these proven inaccuracies, FRT is not only increasingly
used, but with heavy reliance by law enforcement, including CBP
officials, which has created a strong pipeline in terms of
procurement--my last point worth mentioning before going into the
recommendations. Clearview AI, who credentialed the CBP as one of many
law enforcement agencies they work with, though CBP has separately
claimed that Clearview AI's technology is not used for the biometric
entry-exit program.\34\ Clearview AI is one of the most prominent
commercial providers of FRT to law enforcement agencies. Since 2017,
the company has scraped billions of publicly-available images from
websites including YouTube and Facebook, while enabling customers to
upload photos of individuals and automatically matching them with other
images and sources in the database.\35\ As of 2021, the private start-
up had partnered with over 3,100 Federal and local law enforcement
agencies to identify people outside the scope of Government databases.
To put this tracking in perspective, the FBI only has about 640 million
photos in its databases, compared to Clearview AI's approximately 10
billion.\36\ Numerous other private corporations do work like
Clearview, including Vigilant Solutions and ODIN Intelligence, who have
provided law enforcement access to extensive databases for facial
recognition.\37\
---------------------------------------------------------------------------
\34\ Ryan Mac, Caroline Haskins, Logan McDonald, ``Clearview's
Facial Recognition App Has Been Used By The Justice Department, ICE,
Macy's, Walmart, And The NBA,'' BuzzFeed News, accessed July 22, 2022,
https://www.buzzfeednews.com/article/ryanmac/clearview-ai-fbi-ice-
global-law-enforcement.
\35\ Kashmir Hill, ``The Secretive Company That Might End Privacy
as We Know It,'' The New York Times, January 18, 2020, https://
www.nytimes.com/2020/01/18/technology/clearview-privacy-facial-
recognition.html; https://www.brookings.edu/research/police-
surveillance-and-facial-recognition-why-data-privacy-is-an-imperative-
for-communities-of-color/#top17.
\36\ Eli Watkins, ``Watchdog Says FBI Has Access to More than 641
Million `Face Photos','' CNN, June 4, 2019, https://www.cnn.com/2019/
06/04/politics/gao-fbi-face-photos/index.html; Will Knight, ``Clearview
AI Has New Tools to Identify You in Photos,'' Wired, October 4, 2021,
https://www.wired.com/story/clearview-ai-new-tools-identify-you-
photos/.
\37\ Max Rivlin-Nadler, ``How ICE Uses Social Media to Surveil and
Arrest Immigrants,'' The Intercept, December 22, 2019, https://
theintercept.com/2019/12/22/ice-social-media-surveillance/; Conor
Friedersdorf, ``An Unprecedented Threat to Privacy,'' The Atlantic,
January 27, 2016, https://www.theatlantic.com/politics/archive/2016/01/
vigilant-solutions-surveillance/427047/; ``Facial Recognition
Technology: Current and Planned Uses by Federal Agencies,'' U.S.
Government Accountability Office, August 24, 2021, https://www.gao.gov/
products/gao-21-526; ``Vigilant FaceSearch--Facial Recognition
System,'' Motorola Solutions, accessed February 24, 2022, https://
www.motorolasolutions.com/en_us/products/command-center-software/
analysis-and-investigation/vigilant-facesearch-facial-recognition-
system.html; Joseph Cox, ``Tech Firm Offers Cops Facial Recognition to
ID Homeless People,'' Vice, February 8, 2022, https://www.vice.com/en/
article/wxdp7x/tech-firm-facial-recognition-homeless-people-odin.
---------------------------------------------------------------------------
how frt inaccuracies impact cbp and travelers
According to a GAO report, the CBP only vets scans from two flights
per airport each week, which could undermine their ability to monitor
trends in inaccuracy.\38\ Recognizing that inaccuracies in facial
recognition often disproportionately hurt people of color, this means
that they would face longer wait times for manual checks, or be subject
to more extensive identity verification measures and searches. An
examination of CBP's traveler verification service highlights some of
the potential risks of bias.
---------------------------------------------------------------------------
\38\ Government Accountability Office. Facial Recognition, CBP and
TSA are Taking Steps to Implement Programs, but CBP Should Address
Privacy and System Performance Issues, GAO-20-568. (Washington, DC,
2020). https://www.gao.gov/assets/gao-20-568.pdf.
---------------------------------------------------------------------------
Traveler Verification Service
Under the guise of the Traveler Verification Service (TVS), FRT is
used from flight manifest data from commercial and private aircraft to
build a photo gallery based on DHS databases built from traveler
passports, visas, and other information that the U.S. Department of
Homeland Security (DHS) has access to. The TVS technology takes a
``live'' photo of a passenger at an airport gate or security and
compares this photo to all the photos in the DHS gallery. In 2 seconds,
the system gives the agent a result: Match or no match.\39\ There are
different ways to search through photos with facial recognition
technology, and this method of comparing the one live photo to the
database is called a 1:N or one-to-many matching process.\40\ Once
there is a match, the agent decides if the traveler may legally enter
or exit the country. If there is no match, then the agent will compare
the passenger's live photo to a digital photo of the traveler's
identification documents, which is called a 1:1 matching process. If
there is still no match, the passenger will be subject to secondary
inspection and considered a security risk.
---------------------------------------------------------------------------
\39\ Congressional Research Service. Federal Law Enforcement Use of
Facial Recognition Technology, R46586, (Washington, DC, 2020). https://
crsreports.Congress.gov/product/pdf/R/R46586.
\40\ Department of Homeland Security Office of Inspector General.
CBP Complied with Facial Recognition Policies to Identify International
Travelers at Airports, OIG-22-48. (Washington, DC, 2022), 4. https://
www.oig.dhs.gov/sites/default/files/assets/2022-07/OIG-22-48-
July22.pdf.
---------------------------------------------------------------------------
U.S. citizens and some foreign nationals may opt out of this
program, but it is mandatory for all foreign nationals aged 14-79.
However, as GAO report documented, the opt-out process is not always
clearly identified at gates using TVS.\41\ CBP has made it clear that
their goal is to document and track all passengers, including U.S.
citizens, from check-in, to baggage, to security,\42\ to boarding the
flight with ambitious performance goals to measure 97 percent of all
exiting travelers on flights.\43\ As the program's Privacy Impact
Assessment states, ``the only way for an individual to ensure he or she
is not subject to collection of biometric information . . . is to
refrain from traveling.''\44\
---------------------------------------------------------------------------
\41\ Government Accountability Office. Facial Recognition, CBP and
TSA are Taking Steps to Implement Programs, but CBP Should Address
Privacy and System Performance Issues, GAO-20-568 (Washington, DC,
2020). https://www.gao.gov/assets/gao-20-568.pdf.
\42\ Transportation Security Administration. TSA Biometrics
Strategy for Aviation Security & the Passenger Experience (Washington,
DC, 2018). https://www.tsa.gov/sites/default/files/
tsa_biometrics_roadmap.pdf.
\43\ Birnbaum, Emily. ``DHS wants to use facial recognition on 97
percent of departing air passengers by 2023.'' The Hill, April 18,
2019. https://thehill.com/policy/technology/439481-dhs-wants-to-use-
facial-recognition-on-97-percent-of-departing-air/.
\44\ U.S. Department of Homeland Security. Privacy Impact
Assessment Update for the Traveler Verification Service (TVS): Partner
Process, DHS/CBP/PIA-030(c) (Washington, DC, 2017). https://
www.dhs.gov/sites/default/files/publications/privacy-pia-cbp030-tvs-
june2017.pdf.
---------------------------------------------------------------------------
TVS stores the biometric data on passengers that it collects in a
computer system with the Office of Biometric Identity Management
(OBIM), which collects biometrics through its Arrival Departure
Information System (ADIS) on foreign nationals traveling in the United
States in order to identify overstayers with TVS, as well as its
Advance Passenger Information System (APIS), which contains arrival and
departure manifest information to identify high-risk passengers, and
Homeland Advanced Recognition System (HART), which is DHS's main
biometric database that stores biometrics on non-U.S. citizens.\45\
These systems aggregate data from multiple immigration databases,
including from CBP, ICE, and USCIS.\46\ The wide reach of data and
sharing creates a significant interoperability challenge: ADIS combines
data from five different CBP databases, an ICE system, a USCIS records
system, a NPPD system, and information from data-sharing agreements
with Canada and Mexico.
---------------------------------------------------------------------------
\45\ EPIC--Electronic Privacy Information Center. ``EPIC v. CBP
(Biometric Entry/Exit Program).'' Accessed July 22, 2022. https://
epic.org/documents/epic-v-cbp-biometric-entry-exit-program/.
\46\ National Immigration Forum. ``Biometrics at the Border,''
March 22, 2022. https://immigrationforum.org/article/biometrics-at-the-
border/.
---------------------------------------------------------------------------
Once TVS compares the biometric data, it encrypts the photos into
templates, which cannot be transformed back into photos. Currently,
commercial partners cannot store the photos after they are transmitted
to the TVS and can only see if the photo matches or not. However,
initially, there were no limits on how commercial partners could use
data, and it is unclear how DHS is monitoring their compliance without
ever auditing most of their partners.\47\ The data (including the live
photos from TVS) is eventually stored in the DHS's Biometric Identity
Management System (IDENT) and is kept for up to 12 hours for U.S.
citizens, while foreign nationals' information is stored for up to 75
years.
---------------------------------------------------------------------------
\47\ EPIC--Electronic Privacy Information Center. ``EPIC v. CBP
(Biometric Entry/Exit Program).'' Accessed July 22, 2022. https://
epic.org/documents/epic-v-cbp-biometric-entry-exit-program/.
---------------------------------------------------------------------------
There are many other databases that CBP maintains and collaborates
on that are not incorporated directly into the TVS process currently.
DHS and CBP cooperate with other Federal agencies and also have some
access to local and commercial data systems to check for photo
comparisons, including Michigan Law Enforcement Information Network
(MLEIN), New York State Intelligence Center Photo Imaging Mugshot
System (PIMS), Ohio Law Enforcement Gateway (OHLEG), Pinellas County
Face Analysis Comparison and Examination System (FACES), and commercial
FRT systems: Clearview AI, through an agent stationed at the New York
State Intelligence Center, and limited access to Vigilant
Solutions.\48\
---------------------------------------------------------------------------
\48\ Government Accountability Office. Facial Recognition
Technology, Current and Planned Uses by Federal Agencies, GAO-21-526
(Washington, DC, 2021). https://www.gao.gov/assets/gao-21-526.pdf.
---------------------------------------------------------------------------
While CBP has the capacity to audit its commercial partners, the
lack of transparency of these audits and clear consent warnings for
passengers does point to a larger problem of the TVS system, which is
the lack of user control over the process and privacy transparency.
There are also already political concerns in the United States.
Bipartisan Senators Edward J. Markey (D-Mass) and Mike Lee (R-Utah)
recommended that, ``DHS should pause their efforts until American
travelers fully understand exactly who has access to their facial
recognition data, how long their data will be held, how their
information will be safeguarded, and how they can opt out of the
program altogether.'' A large group of Members of Congress expressed
their concerns at the security risks posed for Americans in this
program,\49\ as there is no direct legal basis for the air exit program
targeting U.S. citizens, as the law establishing it only called for the
surveillance of foreign nationals,\50\ until former President Trump's
Executive Order to verify the identity of all travelers at airports,
including Americans.\51\
---------------------------------------------------------------------------
\49\ Wild, Susan, Cleaver et al. ``CBP Facial Recognition Letter,''
June 13, 2019. https://wild.house.gov/sites/wild.house.gov/files/
CBP%20Facial%20Recognition%20Ltr.%20final.- %20.pdf.
\50\ Haskett, Mary. ``Opting-out of Face Recognition at Airports.''
Medium, November 5, 2019. https://austinstartups.com/opting-out-of-
face-recognition-at-airports-bc01c3fa2361.
\51\ U.S. Department of Homeland Security and U.S. Department of
Justice. ``Executive Order 13780: Protecting the Nation From Foreign
Terrorist Entry Into the United States Initial Section 11 Report.''
January 2018. https://www.dhs.gov/sites/default/files/publications/
Executive%20Order%2013780%20Section%2011%20Report%20%20Final.pdf.
---------------------------------------------------------------------------
But the trade-offs to its non-use may result in longer wait times
for passengers and an increased demand for agents that conduct manual
checks. Thus, while there are inherent and potential privacy and civil
rights concerns with this CBP program, the trade-offs of convenience
resonate among agency staff and travelers who mitigate and give up
their privacy and rights as part of the process. It is for these and
other reasons that CBP and other agencies leveraging FRT must be on
alert because a technology used for convenience should not have
unforeseen consequences on travelers and citizens, more broadly. My
testimony is not calling for a required ban on FRT, at least not
currently or perhaps in the future. Rather, Congress and other
stakeholders must thoroughly interrogate these models to ensure that
they are not creating a new wave of systemic biases and discrimination.
what congress and other policy makers can do to improve frt use by cbp
The fact of the matter is that if the Federal Government gets bias
identification and mitigation wrong, it will erode the trust in the
efficacy of autonomous systems, especially among everyday citizens
whose lives are becoming more dependent on them. The use of FRT in the
Federal Government--and especially at our Nation's borders--are no
different. To reduce the disproportionate effect on historically
marginalized groups, strike and maintain a balance between privacy and
accuracy, and ensure the Customs and Border Protection agents securing
America's borders understand limitations of facial recognition
technology, I have a few proposals to offer the committee. First, the
CBP should ensure transparency among travelers and other subjects of
the technologies, especially the collection and storage of biometric
data to maximize transparency on how their data will be used, while
providing them the option to opt out. Second, technologists should
improve inclusivity with existing use of facial recognition technology,
to ensure that this technology works equitably across the lines of
gender, age, race, and more. Third, on-going training should be
provided to airport and CBP agents assisting travelers in using these
tools. Finally, specific civil and human rights guardrails should be
applied in cases known for bias. These recommendations to the CBP are
further explicated below.
1. Ensure transparency among travelers and other consumers of FRT
Travelers must be made aware of the image storage, sharing, and
curation process. As it stands, in the 2 years between May 2019 and
September 2021, U.S. Customs and Border Protection used facial
biometric technology deployed across 238 U.S. international airports to
process 51.1 million travelers entering the United States; in total,
more than 171 million travelers have been processed using facial
recognition technology at air, land, and sea ports of entry.\52\ The
expansion of this Simplified Arrival program--which uses facial
recognition technology to automate manual document checks required for
entry into the United States--to all international airports across the
United States was completed in June 2022, fulfilling a Congressional
mandate to biometrically record entry and exit into the United States
for non-citizens. As mentioned previously, photos of most foreign
nationals entering the United States is stored in the Department of
Homeland Security Office of Biometric Identity Management's Automated
Biometric Identity System (IDENT) for 75 years, a length of time
consistent with other existing CBP records with these photographs in
IDENT, including full name, date of birth, country of residence, full
passport information, U.S. destination address.\53\ In contrast, images
of U.S. citizens are not retained, and are instead deleted within 12
hours.\54\ As of July 2022, most non-U.S. citizens must provide
biometrics (with statutorily limited exceptions), although U.S.
citizens cannotify a CBP officer to request manual identity
verification if they do not wish to have their photograph taken.\55\
---------------------------------------------------------------------------
\52\ ``CBP Complied with Facial Recognition Policies to Identify
International Travelers at Airports'' (Office of the Inspector General,
Department of Homeland Security, July 5, 2022), https://
www.oig.dhs.gov/sites/default/files/assets/2022-07/OIG-22-48-
July22.pdf.
\53\ ``Privacy Act of 1974; Department of Homeland Security/U.S.
Customs and Border Protection-007 Border Crossing Information (BCI)
System of Records'' (Federal Register, December 13, 2016), https://
www.federalregister.gov/documents/2016/12/13/2016-29898/privacy-act-of-
1974-department-of-homeland-security-us-customs-and-border-protection-
007-border.
\54\ ``CBP Completes Simplified Arrival Expansion at All U.S.
Airports'' (U.S. Customs and Border Protection, June 2, 2022), https://
www.cbp.gov/newsroom/national-media-release/cbp-completes-simplified-
arrival-expansion-all-us-airports.
\55\ ``CBP Publication Number 1533-0921'' (U.S. Customs and Border
Protection, September 2021), https://biometrics.cbp.gov/sites/default/
files/docs/Air-Entry-Signage-24x36-English.pdf.
---------------------------------------------------------------------------
Pursuant to the 2016 final rule for the implementation of
exemptions to the Border Crossing Information System of Records (which
IDENT falls into), DHS has exempted parts of IDENT from disclosure
under the Privacy Act. While individuals can access or amend records
``with respect to information maintained in the system that is
collected from a person at the time of crossing'' the border, the DHS
provides a litany of other privacy act exemptions that could and are
used to share access to information contained within IDENT to other
government and law enforcement agencies for a wide variety of
reasons.\56\
---------------------------------------------------------------------------
\56\ ``Privacy Act of 1974: Implementation of Exemptions;
Department of Homeland Security/U.S. Customs and Border Protection--007
Border Crossing Information System of Records'' (Federal Register,
March 21, 2016), https://www.federalregister.gov/documents/2016/03/21/
2016-06233/privacy-act-of-1974-implementation-of-exemptions-department-
of-homeland-security-us-customs-and.
---------------------------------------------------------------------------
In recent Federal privacy talks among U.S. legislators, there is an
acknowledgement that data collection and use cannot be unlimited among
the private and public sectors. Safeguards must be put in place,
including through guaranteeing access to personally identifiable data,
to prevent any privacy abuses by the Government or private entities, as
a matter of fundamental rights. To that end, Federal, State, and local
governments have enshrined privacy values into law--in certain
contexts--through layers of Constitutional principles, limited
statutes, and court cases. U.S. citizens and foreign nationals alike
should have the ability to have their data handled in a manner
consistent with these universally fundamental rights, but as it stands
today, the Privacy Act of 1974 applies only to U.S. citizens. This lack
of protection means that personally identifying information from most
foreign nationals in the United States collected by IDENT (and other
Government database systems) could theoretically be released by the
Executive branch at any time and with minimal limitation.\57\ While
Presidential administrations have gone back and forth as to whether
personally identifiable information from non-citizens should be treated
in a manner consistent with what is mandated in the Privacy Act as a
matter of politics, it is long past time for Congress to extend certain
privacy rights for citizens to non-citizens and put the matter to rest,
including the rights to access and amend their records of entry into
the United States under the Privacy Act.\58\
---------------------------------------------------------------------------
\57\ Esha Bhandari and Neema Singh Guliani, ``The Trump
Administration Is Threatening to Publicly Release the Private Data of
Immigrants and Foreign Visitors,'' American Civil Liberties Union,
February 28, 2017, https://www.aclu.org/blog/privacy-technology/trump-
administration-threatening-publicly-release-private-data-immigrants.
\58\ Lynn Dupree, ``DHS PRIVACY POLICY REGARDING COLLECTION, USE,
RETENTION, AND DISSEMINATION OF PERSONALLY IDENTIFIABLE INFORMATION,''
DHS Directive (Department of Homeland Security, May 4, 2022), https://
www.dhs.gov/sites/default/files/2022-05/
DHS%20Mixed%20Systems%20Policy%20PII%20Instruction_1.pdf.
---------------------------------------------------------------------------
As of now, while U.S. citizens can ensure that their non-facial-
recognition IDENT information is properly stored and curated by DHS,
foreign nationals have no way of ensuring that the same treatment is
happening with their own personally identifiable information. With the
legal ability to access and amend personal IDENT records--including
accessing facial recognition data--Customs and Border Protection could
post consistent messaging to all travelers informing them of their
rights to access and amend if desired. Doing so could balance data
accuracy concerns with National security biometric data collection
needs from foreign nationals.
2. Optimize the technology for diversity, equity, and inclusion
The countless cases shared throughout my testimony suggest that
more work needs to be done in these areas, starting with homogenous and
less diverse developers deploying relevant facial recognition
technology. Government agencies partner with commercial companies such
as Clearview AI or Vigilant Solutions to implement facial recognition
technology.\59\ However, it is reported that public-private
collaboration of facial recognition technology implementation makes it
more difficult to detect biases in the process. The Biometrics and
Forensics Ethics Group (BFEG), an advisory non-departmental public body
for the UK's Home Office, published a report that outlines ethical
issues arising from the public collaborating with the private sector
for implementing live facial recognition technology.\60\ They found
that if a public authority does not scrutinize the private entity's
training dataset and algorithm, it is likely that discrimination and
bias of the technology is exacerbated. Thus, they emphasize the
importance of an independent oversight entity that can monitor the
system.
---------------------------------------------------------------------------
\59\ ``Facial Recognition Technology: Current and Planned Uses by
Federal Agencies,'' U.S. Government Accountability Office, August 24,
2021, https://www.gao.gov/products/gao-21-526; ``Vigilant FaceSearch--
Facial Recognition System,'' Motorola Solutions, accessed February 24,
2022, https://www.motorolasolutions.com/en_us/products/command-center-
software/analysis-and-investigation/vigilant-facesearch-facial-
recognition-system.html.
\60\ ``Ethical Issues Arising from Public-Private Collaboration in
the Use of Live Facial Recognition Technology'', Biometrics and
Forensic Ethics Group (BFEG), January 2021, https://
assets.publishing.service.gov.uk/government/uploads/system/uploads/
attachment_data/file/- 953359/LFR_briefing_note_18.1.21.final.pdf.
---------------------------------------------------------------------------
There are multiple resources developed by academic researchers that
could help Government agencies detect biases in FRT algorithms and
potential harms. The ``algorithmic impact assessment'' by New York
University's AI Now Institute help Government agencies or commercial
companies to evaluate the accuracy, potential community harms or
benefits, and risk of bias or discrimination before deploying any
automated technology. Once the technology is in use, regular auditing
that consider intersecting identities is an effective way to hold
relevant companies accountable.\61\
---------------------------------------------------------------------------
\61\ Najibi, Alex. ``Racial Discrimination in Face Recognition
Technology.'' Science in the News, October 26, 2020. https://
sitn.hms.harvard.edu/flash/2020/racial-discrimination-in-face-
recognition-technology; Raji, Inioluwa Deborah, Timnit Gebru, Margaret
Mitchell, Joy Buolamwini, Joonseok Lee, and Emily Denton. ``Saving
face: Investigating the ethical concerns of facial recognition
auditing.'' In Proceedings of the AAAI/ACM Conference on AI, Ethics,
and Society, pp. 145-151. 2020. https://dl.acm.org/doi/pdf/10.1145/
3375627.3375820; Reisman, Dillon, Jason Schultz, Kate Crawford, and
Meredith Whittaker. Algorithmic Impact Assessments: A Practical
Framework for Public Agency Accountability. (AI Now Institute, 2018).
---------------------------------------------------------------------------
Once biases in FRT are detected, multiple de-biasing measures could
be implemented by scientists who oversee the datasets and algorithms.
For instance, Jan Lunter suggested several methods to improve the
accuracy of FRT.\62\ In terms of the dataset, he proposed that data
labeling based on rich and varied datasets and external dataset
auditing could help make algorithms unbiased. There are multiple
datasets available for algorithmic training created for the purpose of
reducing racial and gender biases. Training the algorithm itself to
detect biases through machine learning could be another solution
mitigating bias.
---------------------------------------------------------------------------
\62\ Lunter, Jan. ``Beating the bias in facial recognition
technology.'' Biometric Technology Today 2020, no. 9 (2020): 5-7,
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7575263/.
---------------------------------------------------------------------------
What is essential is that the technology should not be left as a
`black box' in the hands of private entities. David Leslie of the Alan
Turing Institute suggested several principles for building and using
facial recognition technologies provide helpful guidelines.\63\ First,
he emphasized that a continuous chain of human responsibility must be
established and codified that is traceable and auditable as a measure
to ensure transparency and accountability across the entire design,
development, and deployment workflow. Second, discrimination-aware
strategies for bias-mitigation, both technical challenges arising from
the dataset and sociotechnical challenges that arise from the
development and deployment practices, should be incorporated
holistically into the development and operation of FRT.
---------------------------------------------------------------------------
\63\ Zhang Yaobin and Weihong Deng, ``Class-balanced training for
deep face recognition'', In Proceedings of the ieee/cvf conference on
computer vision and pattern recognition workshops, pp. 824-825. 2020.
---------------------------------------------------------------------------
3. Ensure and encourage wide-spread training for CBP professionals
The implementation and operation of facial recognition technology
is done by human agents. However, a past GAO report found that CBP
officers do not have adequate training on what to do when facial
recognition does not work on a certain traveler, or proper instruction
or what to happen when a match is found.\64\ Agents stationed at
airports to assist travelers with using facial recognition technology
should be adequately trained in understanding limitations and biases of
the technology, to improve their understanding of racial biases in
technology.\65\ This also improves the customer service provided,
ensuring that agents will not pose unreasonable demands to women and
travelers of color who have difficulty utilizing these services.
Instead, they could find helpful, constructive ways to see if there are
other ways to activate the technology, and if not, utilize manual
methods to verify the identity of travelers. This ensures that the
travel experiences of women and people of color will be smooth, despite
inefficiencies in existing technology.
---------------------------------------------------------------------------
\64\ ``Facial Recognition: CBP and TSA Are Taking Steps to
Implement Programs, but CBP Should Address Privacy and System
Performance Issues'' (U.S. Government Accountability Office, September
2, 2022), https://www.gao.gov/products/gao-20-568.
\65\ Jessie Daniels, Mutale Nkonde, and Darakhshan Mir, ``ADVANCING
RACIAL LITERACY IN TECH'' (Data & Society, May 2019), https://
datasociety.net/wp-content/uploads/2019/05/
Racial_Literacy_Tech_Final_0522.pdf.
---------------------------------------------------------------------------
4. Impose guardrails in instances where civil and human rights risk
being violated
While the recommendations discussed in this testimony are necessary
preliminary steps, such as improving data set quality and training of
TSA and CBP agents for administering this technology, many scholars,
including those from international governing bodies and privacy
advocates, conclude that facial recognition technology, in its current
state, will never be a completely unbiased technology, and will always
present privacy and civil rights risks. Access Now, joined by over 200
civil society organizations, signed a letter calling for an outright
global ban on biometric recognition technologies, including FRT that
enable wide-spread and discriminatory targeted surveillance.\66\ But
the problem is that even when FRT exhibits bias, it is simultaneously
creating those other trade-offs previously discussed. On my return from
Berlin, Germany a couple of weeks ago, I was able to bypass a long line
at security check and go through a quick facial recognition scan
instead in the midst of a growing and frustrating long line of
travelers. As a society with deep historical wounds and trauma when it
comes to systemic inequalities, lines should be drawn to get ahead of
adverse effects of the technology, especially among agencies like CBP
who may be in a greater spotlight among its peers. That is why, we must
honor existing civil and human rights statutes and laws, while improve
the technology through regular, independent audits, traveler
transparency and feedback. CBP and other law enforcement organizations
should work to improve current methods to ensure that they are
equitable and just. When reviewing the CBP's air exit biometric
program, the director of the Office of Test and Evaluation at the
Department of Homeland Security found that while the program as it was
lacked quantifiable benefits, it had the potential in the future when
improved.\67\
---------------------------------------------------------------------------
\66\ ``Open Letter Calling for a Global Ban on Biometric
Recognition Technologies That Enable Mass and Discriminatory
Surveillance'' (Access Now, June 7, 2021), https://www.accessnow.org/
cms/assets/uploads/2021/06/BanBS-Statement-English.pdf.
\67\ ``Facial Recognition: CBP and TSA Are Taking Steps to
Implement Programs, but CBP Should Address Privacy and System
Performance Issues'' (U.S. Government Accountability Office, September
2, 2022), https://www.gao.gov/products/gao-20-568. Nimra Khan and
Marina Efthymiou, ``The Use of Biometric Technology at Airports: The
Case of Customs and Border Protection (CBP),'' International Journal of
Information Management Data Insights 1, no. 2 (November 1, 2021):
100049, https://doi.org/10.1016/j.jjimei.2021.100049.
---------------------------------------------------------------------------
Chairwoman Barragan, Ranking Member Higgins, and distinguished
Members on the House Subcommittee on Border Security, Facilitation, &
Operations, my testimony amplifies why and how CBP is not an exception
to the various grumblings of FRT adoption and use. More must be done to
improve equity and access to this technology, so that people of all
ages, race, and gender could reap its benefits--they are also part of
our democracy. Thank you again for the opportunity to testify, and I
look forward to your questions.
Thanks to Brookings researchers Samantha Lai, James Seddon, Brooke
Tanner, and Soyun Ahn for their assistance in preparing this statement.
Chairwoman Barragan. Thank you for your testimony. I now
would like to recognize Mr. Daniel Tanciar to summarize his
statement for 5 minutes.
STATEMENT OF DANIEL P. TANCIAR, CHIEF INNOVATION OFFICER,
PANGIAM
Mr. Tanciar. Thank you. Thank you, Chairwoman Barragan,
Ranking Member Higgins, and distinguished Members of the
subcommittee. I appreciate the opportunity to appear today to
discuss CBP's use of facial recognition technology.
My name is Daniel Tanciar and I am currently the chief
innovation officer at Pangiam. Prior to that, I was a CBP
officer for 16 years, 12 of which I was at Headquarters. In
2016, until my departure in March 2020, I was the deputy
executive director for the office responsible for biometric
entry and exit transformation. I am here today in my personal
capacity to share with the subcommittee my views and experience
how CBP's use of facial recognition technology strengthens
security, improves the international arrivals experience, and
increases operational efficiency in a manner that is consistent
with privacy, civil liberties, and data protection principles.
Civil liberty and privacy protections were built into the
program at the forefront. The program included opt-out
provisions. It uses data already provided for international
travel, limited data retention periods for U.S. citizens, and
the requirement of posting of notices and signage. Photos are
only taken with the traveler's knowledge with cameras that are
in full view in places where persons must show their ID or
travel documents today. This is not surveillance.
Additionally, CBP put forth business requirements to govern
how airports, airlines, vendors, and other partners may
interact with CBP's TVS and it outlines their responsibilities
to safeguard data, participate in audits, and post notice to
travelers about biometric processing.
CBP's technology does not determine identity. CBP officers
make the final determination of identity. This technology is
just one tool in a variety of others that CBP officers use in
their mission. If a traveler chooses to opt out of the process,
then traditional means of processing occur. It is swiping the
passport and/or scanning the boarding card.
CBP has also worked with outside biometric experts, like
the DHS Science and Technology Directorate, the Maryland Test
Facility and the National Institutes of Standards and
Technology to help them test, validate, and ensure optimal
system performance. CBP chose a high-performing algorithm for
TVS as measured by NIST's Face Recognition Vendor Test and
evaluations. High-performing algorithms like the one used by
CBP are incredibly accurate.
In the on-going work of NIST and the MdTF and others are
key drivers of the significant rapid improvement in commercial
algorithms today. Further, compared to human beings, algorithms
can be more accurate. There are studies that show and suggest
that Border Control officers, police, and banking employees who
check IDs can experience error rates when matching unknown
individuals as high as 30 to 40 percent in the challenging
conditions in which they perform the task.
CBP's use of this technology strengthens security by
reducing the imposter threat, those who use genuine documents
that don't belong to them. Since 2018 through fiscal year 2021,
CBP has identified over 950 of those imposters and they have
been able to biometrically confirm over 100,000 overstays to
their period of admission here in the United States.
The facilitation benefits are also important as this
program for biometric exit was implemented in partnership with
airlines and airports, with the goal of deploying technology
that didn't just add another layer, but actually fit into the
current operations and improved the travel process. One
airline's biometric exit pilot demonstrated that facial
recognition could save up 9 minutes of boarding per flight and
another airline was able to board an A380 double-decker
aircraft in about 20 minutes.
The entry system called Simplified Arrival begins with just
a simple photograph. Rather than digging out your passport,
handing it to the officer, the officer swiping the passport,
and recollecting the same four fingerprints from returning
visitors of the United States, the benefits to the CBP officer
are less administrative work and more time to focus on the
interview. Travelers benefit from reduced wait times and a
simpler touch-free arrivals process.
In conclusion, over 100 million travelers have been
successfully processed by CBP's use of this technology. While
there are always improvements that can be made, CBP has
implemented a well-performing program that meets the
Congressional biometric mandate while maintaining privacy,
civil liberties, and the data security foundation that it
started from the beginning. It is through the continued
oversight of Congress, the Government Accountability Office,
the Inspector General, and continued CBP engagement with
advocates that will continue to drive improvement and
transparency about how the program is working and performing.
I look forward to answering questions. Thank you.
[The prepared statement of Mr. Tanciar follows:]
Prepared Statement of Daniel P. Tanciar
July 27, 2022, 2 o'clock PM
Chairwoman Barragan, Ranking Member Higgins, and distinguished
Members of the subcommittee, thank you for the opportunity to appear
today to discuss U.S. Customs and Border Protection's (CBP) use of
facial recognition technology.
My name is Daniel Tanciar and since March 2020 I have been serving
as the chief innovation officer at Pangiam, a company that applies
computer vision and face recognition technology to define the future of
trusted movement of people and goods.
Prior to joining Pangiam, I was a U.S. CBP officer in the Office of
Field Operations (OFO) for 16 years. I spent 12 of those years assigned
to CBP, OFO headquarters in Washington, DC. During my tenure at CBP, I
worked on programs such as NEXUS, Global Entry, the Model Ports
Initiative, the Immigration Advisory Program, and the CBP Mobile
Program. From 2016 until my departure from CBP in March 2020, I was the
deputy executive director for planning, program analysis, and
evaluation, the office, at that time, responsible for Biometric Entry/
Exit Transformation. In that role, I was part of the leadership team
that implemented the use of facial recognition for biometric exit and
entry.
I am here today, in my personal capacity, to share with the
subcommittee my views and experience on how CBP's use of facial
recognition technology at ports of entry strengthens security, improves
the international arrivals experience, and increases operational
efficiency in a manner that is consistent with privacy, civil
liberties, and data protection principles.
background
In 2013, the biometric exit mission was transferred from DHS
headquarters to CBP through the Consolidated and Further Continuing
Appropriations Act of 2013 (Public Law 113-6). In 2017, CBP developed a
process to use facial recognition as the means to implement biometric
exit which has been mandated by Congress in multiple statutes over
several decades.
The face recognition process for both entry and exit utilize
existing advance passenger information (mandatory since the early
2000's) and photographs from passports, visas, other Federal documents,
or previous border entries (which travelers have already submitted to
the Government for the purposes of international travel) to build
flight-specific galleries of photo templates for those travelers on
that flight. Upon boarding the aircraft or arriving in the United
States, a live photograph is taken of the traveler, securely
transmitted to CBP's TVS, where it is matched against the gallery of
templates. If the live photo is matched to the photo template of a U.S.
citizen or another exempt category of traveler for biometric exit or
entry the photo is deleted by CBP within 12 hours. If a photo is
matched to the template of an individual in scope for biometric entry
or exit the photo is retained and recorded as a biometric entry or exit
record.
civil liberties and privacy
When the biometric exit-entry process was designed, civil liberties
and privacy protections were built into the program at the forefront
and not as an afterthought. The program included opt-out provisions,
photos were only taken in places where travel documents are required to
be shown (e.g. security checkpoint, boarding gate, CBP primary
inspection), and photos are taken with the traveler's knowledge with a
camera in plain sight. CBP engaged with privacy advocates on several
occasions, published multiple privacy impact assessments, engaged with
the DHS's Data Privacy and Integrity Advisory Committee (DPIAC) and the
U.S. Privacy and Civil Liberties Oversight Board (PCLOB).
Additionally, CBP developed business requirements to govern how
airports, airlines, vendors, and other partners may interact with CBP
TVS and outlines their responsibilities to safeguard data, participate
in audits, and post notice to travelers about biometric processing.
CBP's facial recognition technology does not determine identity.
CBP officers make the final determination of identity. The technology
is just one tool that CBP officers can use to make admissibility or
enforcement decisions. The results of a face recognition match or no
match in and of itself is not used as a sole means to make these
decisions. Likewise, for biometric exit, If there is no match or when a
traveler opts out, then airlines simply revert to scanning boarding
passes and reviewing travel documents to permit boarding.
facial recognition performance
Early on, CBP recognized the need to work with outside biometric
experts and organizations to help them test, validate, and ensure
optimal system performance. In 2014, the DHS Science and Technology
Directorate (S&T) and CBP opened the Maryland Test Facility (MdTF) to
test and evaluate operational processes using biometric and non-
biometric technologies. Since 2018, the MdTF has held biometric rallies
that test and report on various biometric acquisition and matching
technologies. The MdTF team has worked closely with CBP to identify
best practices to measure and report on TVS performance. The MdTF team
has also conducted and published research such as measuring demographic
performance and race and gender impacts of identity (Maryland Test
Facility, 2022).
CBP chose a high-performing facial recognition algorithm for the
TVS as measured by the National Institute of Standards and Technology
Face Recognition Vendor Test (FRVT) 1:1 and 1:N evaluations. These on-
going face recognition evaluations are vital to monitoring continued
algorithm performance and for monitoring for demographic differentials
in facial recognition algorithms. The work that NIST and the MdTF are
doing to test, measure, and report on algorithm performance is one of
the key drivers of commercial facial recognition algorithm performance
improvements over the last few years.
security benefits
CBP's use of facial recognition technology strengthens security by
reducing the imposter threat at the border and provides a higher level
of accuracy of matching travelers to their ID documents.
Imposters to genuine documents are a documented border security
risk that CBP officers must be vigilant against every day.
``The use of documents by imposters, or look-alikes, is one of the
simplest methods of passport fraud. An imposter will simply attempt to
pass inspection at passport control by presenting a genuine, unaltered
document issued to someone similar in facial appearance, and pretend to
be that person to deceive the control officer . . . imposters are
problematic for passport control because this type of fraud is
difficult to detect and requires a high level of skill and
professionalism in the examining officer.'' (Stevens, 2021).
While CBP officers must match unfamiliar travelers to the passports
each day, studies suggest that Border Control officers, police, and
banking employees who are relied upon to match IDs to live persons have
the same error rates as novice reviewers (White, Towler, and Kemp,
2021). The novice error rates in pairwise face-matching tasks can be as
high as 30 percent or 40 percent in challenging tests where images are
captured in unconstrained environments (White, Towler, and Kemp, 2021).
These error rates occur even when they are comparing IDs to people
standing directly in front of them (White, Towler, and Kemp, 2021).
When comparing the human error rate (30 percent-40 percent) for face
matching to the error rate for face-matching algorithms (<3 percent),
face recognition technology is more accurate and not subject to fatigue
and other factors which may further increase the human error rate.
Since 2018 through fiscal year 2021 CBP's use of facial recognition
technology has identified 46 imposters to genuine documents at U.S.
airports and 916 imposters arriving at land ports of entry, and CBP has
been able to biometrically confirm over 100,000 overstays (U.S. Customs
and Border Protection, 2022).
facilitation benefits
CBP's use of facial recognition began with the biometric exit
program in the air environment that was implemented in partnership with
airlines and airports with the goal of deploying technology in a way
that fit into their current operations and improved the travel process.
One airline's biometric exit pilot demonstrated that facial recognition
could save up to 9 minutes per flight and another airline was able to
board an A380 aircraft in about 20 minutes (Genter, 2019).
As face recognition began expanding from exit to entry in a program
called Simplified Arrival, the administrative processes of handling the
passport, matching the passport photo to the person standing in front
of the officer, scanning the machine-readable zone of the passport, and
re-collecting fingerprints from returning visitors to the United States
could be replaced by the officer simply taking a photo of the traveler.
The benefits to the CBP officer are the elimination of administrative
processes, reduced handling of documents, and more time to focus on the
traveler interview. Travelers benefit from Simplified Arrival with
reduced wait times and a simpler touch free arrivals experience.
conclusion
From fiscal year 2018 through fiscal year 2021 CBP has processed
over 100 million individuals using face recognition technology. The use
of facial recognition has led to the identification of over 950
imposters, improved aircraft boarding times, and enabled touch-free
entry processing during the pandemic. While there are always
improvements that can be made, CBP has made progress toward
strengthening the program's privacy, civil liberties, and data security
foundation. It is through the continued oversight of Congress,
Government Accountability Office (GAO), the Inspector General, and CBP
engagement with advocates that will continue to drive transparency
about how the program is working and performing.
references
Genter, K. (2019, April 23). Your Guide to Biometric Boarding in
the U.S. Retrieved from The Points Guy: https://thepointsguy.com/guide/
biometric-boarding-us/.
Maryland Test Facility. (2022, July). Publications. Retrieved from
MdTF: https://mdtf.org/Research/Publications.
Stevens, C. (2021). Person Identification at Airports During
Passport Control. In: Forensic Face Matching, Edited by Markus
Bindemann, 8.
U.S. Customs and Border Protection. (2022). CBP Trade and Travel
Report Fiscal Year 2021. Washington DC: U.S. Customs and Border
Protection. Retrieved July 23, 2022, from https://www.cbp.gov/sites/
default/files/assets/documents/2022-Apr/
FINAL%20FY2021_%20Trade%20and%20Travel%20Report%20%28508%20-
Compliant%29%20%28April%202022%29_0.pdf.
White, D., Towler, A., & and Kemp, R.I. (2021). Understanding
Professional Expertise in Unfamiliar Face Matching. In: Forensic Face
Matching, Edited by: Markus Bindemann, 62-68.
Chairwoman Barragan. Thank you for your testimony. Thank
you too all our witnesses for their testimony. I will remind
the subcommittee that you will have each 5 minutes to question
the panel. I will recognize myself for 5 minutes and then we
will alternate.
I will start by saying I have been myself through airports
and have gone and used the program where they take the photo of
you and it does speed up the process. There is no doubt about
that. But I think I would have hesitation if I was one of those
people that was misidentified or was held or arrested, and can
understand the concerns that are being raised, and which is why
we want to make sure we address those issues.
Ms. Gambler, I am going to start my questions with you. In
2020, GAO recommended that CBP develop and implement a plan to
audit CBP's program partners for privacy compliance. At our
subcommittee briefing earlier this month CBP informed us that
the agency is conducting privacy audits of its commercial
partners' use of biometric equipment in 7 locations. This seems
like a very small sample to me. What is your reaction to CBP
conducting privacy audits in only 7 locations?
Ms. Gambler. Thank you for the question, Chairwoman. We
think it is positive that CBP has taken steps to implement
these audits, but they do have a ways to go. They--to fully
implement our recommendation need to audit partners not just in
the air environment, but also in the land and sea environment.
They need to ensure that they are conducting those audits on
their contractors and vendors as well. So, they are taking some
positive steps, but they still need to take more action to
really implement our recommendation.
Chairwoman Barragan. Do you think that 7 is an appropriate
number or think it is too small?
Ms. Gambler. We haven't had a chance to really understand
sort-of what is going into these audits and how long they may
be taking, but it is important that CBP continue down this path
and make sure that they are auditing all of their partners,
vendors, and contractors.
Chairwoman Barragan. What issues, controls, or practices
should CBP assess when auditing airports, airlines, and other
partners in their use of biometric equipment?
Ms. Gambler. They should be looking at both their privacy
requirements as well as their security requirements and their
implementation of those requirements.
Chairwoman Barragan. Then last, what actions must CBP take
for GAO to close this privacy audit recommendation?
Ms. Gambler. They need to continue to implement the audits
that they have planned and under way in the air environment,
but they need to go further and also audit the partners that
they are utilizing in the land and sea environments as well as
contractors and vendors who are using personally identifiable
information.
Chairwoman Barragan. Thank you. Dr. Turner Lee, NIST
reports indicate that race and gender bias is statistically
undetectable in the most accurate algorithms. This does not
account for environmental factors. Could you talk about how
this plays out in everyday life and the implications for those
who are not able to be verified through facial recognition
technology?
Ms. Turner Lee. Yes, Chairwoman. I just want to confirm
that you can hear me because the volume went lower.
Chairwoman Barragan. I can hear you.
Ms. Turner Lee. We have seen in academic research journals
that if the appropriate lighting is not actually confirmed or
used on darker-skinned faces or if there are effects, like your
glasses or a Black woman like myself who may change their hair,
that there are likelihoods that the technical inaccuracies will
allow for greater misidentification of an individual. So I
think it is important that we acknowledge those technical
inaccuracies generally when it comes to facial recognition
technology use.
While we are seeing, and I think it was suggested and I
will adhere, that there are greater levels of, you know,
greater positives as opposed to false matches in some cases.
Let me continue to remind folks a study of a facial recognition
software a couple years ago misidentified a majority of Members
from the Congressional Black Caucus as mug shots simply because
the technology has not yet been optimized for diversity in
complexion, in effects, in lighting, et cetera. That is the
criteria I think that we still need to apply and interrogate if
we are going to use these systems in a steady manner.
Chairwoman Barragan. Thank you. Mr. Scott, how would you
describe Customs and Border Protection's oversight efforts to
maintain data privacy of travelers? What recommendations would
you give to CBP in order to help protect--to help travelers
feel that their data is protected?
Mr. Scott. Well, I think the data breach I mentioned
earlier is evidence that the privacy and security protocols are
lacking. You know, CBP does use one-on-one facial recognition
which doesn't require a database. They have tested that. That
is where, you know, you would take your Government-issued
document like a passport and the image on there would be
scanned, and then compared to a real-time photo of yourself. No
database needed. No connection to the cloud. After that scanned
in--after the confirmation identification--after your identity
is confirmed, then that information is erased. The biometric
data is not kept. It is a much safer way to implement the use
of facial recognition.
Chairwoman Barragan. Thank you. Thank you, Mr. Scott. My
time has expired. So now I will now recognize the Ranking
Member of the subcommittee, the gentleman from Louisiana, Mr.
Higgins, for questions.
Mr. Higgins. Thank you, Madam Chair. Mr. Tanciar, one of
the witnesses mentioned, he spoke of a data breach where
184,000 images of travelers were stolen essentially from CBP.
Are you familiar with that case?
Mr. Tanciar. Yes, sir.
Mr. Higgins. OK. Let us dig into that a little bit now
because obviously it was a criminal action and outside the
parameters of any kind of contractual agreement. We, all
Americans, are familiar with data theft and that sort of
behavior is something that we have all learned to be quite
cognizant of and we take some extreme measures to protect our
data.
So, let us talk about the database itself. Maybe you can
help clarify that for the committee. Explain to America how
images are collected, whether or not the collection is
voluntary. The database which is used for comparisons as
travelers come through the system and are part of the facial
recognition technology assessment of who they are, exactly
where does the database come from?
Mr. Tanciar. Certainly, Mr. Higgins. For the system as a
whole and the area where the data breach occurred was a very
one-off pilot of equipment in Anzalduas, Texas, where somebody
actually had to insert a USB drive, who had access, submitted
work tickets, all contrary to their training and contractual
obligations. So that incident----
Mr. Higgins. It was a criminal act, right?
Mr. Tanciar. In my view, it is a criminal act.
Mr. Higgins. Right. I am sure it was investigated. But the
database itself for all facial recognition technology----
Mr. Tanciar. Yes, sir.
Mr. Higgins [continuing]. Explain to America how we collect
those images, those photographs, and whether or not that is
voluntary.
Mr. Tanciar. So, everybody who travels internationally,
whether it be a U.S. citizen, a person visiting the United
States, you have to either have a passport in which you submit
a photograph to the U.S. State Department for or you apply for
a visa, which you also submit that to the State Department.
That information is available to U.S. CBP.
When flights are coming or leaving the United States, there
is manifest data that is transmitted by the airline that
permits CBP to match that manifest data to the travel document
information on there.
Mr. Higgins. OK. So, using the same--I just wanted to
clarify for the citizenry that we serve, we are talking about a
technology for facial recognition that compares the image of
the traveler with the already available and willingly provided
a photographic image of that person that they are stating that
this is me.
Mr. Tanciar. That is correct.
Mr. Higgins. It is, OK. So, what happens if a traveler is
falsely identified? They are in the line, they are falsely
identified, or if there is a failure to identify, what exactly
happens to that person?
Mr. Tanciar. So, if you are departing the United States and
a No Match is returned, the regular process ensues. So, the
gate agent will verify your passport or travel document.
Mr. Higgins. They will ask them to step out of the line and
show their passport?
Mr. Tanciar. Yes. Normally, that doesn't happen where they
step out of line. It happens pretty quickly. If there is a
Failed/No Match at least my observation is that they look at
the passport, they scan the boarding card, and on to the plane
they go.
Mr. Higgins. That is it?
Mr. Tanciar. That is it for biometric exit.
Mr. Higgins. Well, can you think of any reason why there
would be objections to full deployment of this technology as it
currently exists, recognizing the fact that it has come a long
way in the last decade and certainly it is advancing as we
speak? I mean, there is an image that has been presented to the
citizens that we serve that this is some sort of a nefarious
technology and there is Big Brother watching you. But really it
is using photograph images that travelers willingly have
provided. They are available on their passport, a visa,
driver's license. We already have that information. It just
speeds up the traveler's passage through a security checkpoint.
If for some reason their image is not recognized or they are
flagged with a false identity, they are pulled out of the line,
and they go through the normal check with a human being. Is
that correct?
Mr. Tanciar. Yes, sir, that is correct.
Mr. Higgins. Madam Chair, I am encouraged that we are
having this hearing. I think we are moving toward some common
ground here, which is far too uncommon in this body. So, thank
you for holding the hearing and I thank our witnesses.
Chairwoman Barragan. Oh, well, thank you, Ranking Member.
The Chair will now recognize other Members for questions they
may wish to ask the witnesses. As previously outlined, I will
recognize Members in order of seniority, alternating between
Majority and Minority. Members are reminded to unmute
themselves when recognized for questions.
The Chair now recognizes for 5 minutes the gentlewoman from
New York, Ms. Clarke.
Ms. Clarke. I thank you, Madam Chair, and I thank our
Ranking Member and I thank the very distinguished panelists
this afternoon for sharing your expertise with us.
Congress directed the consumer--excuse me, the--I am sorry,
the Consumer Border Protection Agency to collect biometrics
from non-U.S. citizens as part of the Entry-Exit Program.
However, Congress did not specify which biometric the agency
should use. I am sorry, directed the Customs and Border
Protection Agency, I had a mistake there. Congress did not
specify which biometric the agency should use. In terms of
privacy and risk of surveillance facial recognition is one of
the most problematic biometrics to implement.
Mr. Scott, if facial recognition algorithms are only highly
accurate under ideal conditions, should CBP continue investing
in facial recognition technology from biometric entry and exit?
Mr. Scott. Obviously, you know, how accurate the algorithms
work need to be tested on an on-going basis. If they are not
accurate, it is one reason not to use it, but it is not the
only reason because ones will get better. Right? But they can--
you know, our larger concern is the implementation of a facial
recognition system in the first place, you know, the Government
using photos that U.S. citizens gave to get a passport. That is
why I gave my photo over to get a passport, to have control
over my identification. With facial recognition the Government
is taking control over identification. It becomes a universal
ID that is part of the pier where the Government now controls
the ability to identify you when they want, with your consent,
without your consent, with your knowledge, or without your
knowledge. That is kind-of a larger concern, particularly when
there are no kind-of overarching regulations in place to
prevent the expansion of this program.
Ms. Clarke. Are there other biometric systems that can be
adopted instead of facial recognition that ensure travelers'
privacy is protected and are more accurate and secure? Mr.
Scott.
Mr. Scott. Well, the CBP has tested other ones:
Fingerprint, iris. You know, a fingerprint is a pretty accurate
technology. It has been around for a long time.
My understanding from the documents I have read, through
the Freedom of Information Act documents EPIC has received, the
stuff posted by CBP, my meetings with CBP that they went with
facial recognition in large part because it was easy. The fact
that it was easy is actually one of the concerns here for the
potential expansion of the program because it is easy to
expand. It is easy to take a facial recognition system and then
use it for other purposes beyond the initial purpose for the
implementation of the program in the first place. It can be
connected to other sources of data, other photos in a very easy
manner. Without, you know, again, proper regulations in place,
it is just bound to expand. That is why EPIC has recommended
not using facial recognition. If facial recognition is going to
be used, to use a one-on-one system instead of a one-to-many.
Ms. Clarke. OK. Many U.S. citizens confronted with CBP's
FRT biometric entry-exit system at Customs may not be aware
that they have the right to opt out, especially if there isn't
sufficient or visible signage at key points throughout the
exit-entry process to alert them of this right. Additionally,
some travelers may be concerned or even afraid of what will
happen if they opt out.
So, my next question is for Ms. Gambler. Along with
complying with GAO's recommendation for pre-signage, what else
can Congress and CBP do to ensure traveling U.S. citizens are
not only clearly aware of their right to opt out of FRT, but
also fully understand what the process is after and there will
not be a any repercussions if they are to opt out?
Ms. Gambler. Yes. Thank you for the question,
Congresswoman. Your question really speaks to one of the key
findings from our report, which is that CBP needs to make sure
that the notices, whether that is signs or through other
mechanisms that CBP uses to inform the public about the
Biometric Entry-Exit Program and use of facial recognition
technology, that all of those mechanisms for notifying the
public provide clear, complete, accurate information about the
ability of eligible travelers to opt out of the facial
recognition technology. That should include information about
alternative screening that individuals, that travelers could go
through. Also, to be clear that there aren't any consequences
from opting out of the use of facial recognition technology.
So, those things, making sure that that information is
complete across all of CBP's different notice mechanisms and
that it is available particularly where facial recognition
technology is being used, those things are important.
Ms. Clarke. Thank you. I yield back. I have overrun my
time. Good to see you, Ms. Turner. To everyone else, have a
pleasant day. I yield back, Madam Chair.
Chairwoman Barragan. Great. Thank you to the Representative
from New York. I now recognize the gentlewoman from Texas, Ms.
Flores. You are recognized for 5 minutes.
Ms. Flores. Thank you, Madam Chair and Ranking Member
Higgins, for holding this hearing today. Thank you to all the
witnesses for being here today as well.
I firmly believe that the facial recognition technology has
the potential to play a vital role in our country's National
security going forward, specifically combating cartels,
terrorists, drug smugglers, and child sex traffickers. That
being said, as Congress we need to ensure that the appropriate
guardrails are in place concerning the use of this technology
and that the data collected with it, to make sure we are
balancing legitimate public safety concerns with the
individual's privacy and liberty.
The question is for Ms. Gambler. Could you please elaborate
on how law enforcement officers and agencies are able to
utilize biometrics and facial recognition technology to
specifically counter cartels, terrorists, drug smugglers, and
child sex traffickers?
Ms. Gambler. Yes. Thank you for the question,
Congresswoman. That has not been specifically part of the work
that GAO has done, looking at the CBP's use of facial
recognition technology for the Biometric Entry-Exit Program.
But what I can say is as it relates to CBP's use of facial
recognition technology within the Biometric Entry-Exit Program
CBP has identified benefits to its use. It helps automate the
traveler identification verification process. It can help
expedite that process. It also helps CBP to detect potential
use of fraudulent travel documents, for example. So, within
that environment of the Biometric Entry-Exit Program, CBP does
identify benefits from the use of facial recognition
technology.
Ms. Flores. Another question, could you specifically give
me statistics on the number of times that the biometrics and
facial recognition technology has successfully stopped
instances of human trafficking?
Ms. Gambler. I don't know if that specific data is
available, Congresswoman, but we would be happy to follow up on
what data CBP may have on its efforts and provide you a
response back after the hearing.
Ms. Flores. I would love that. Thank you so much. Thank
you, Madam. I yield my time.
Chairwoman Barragan. Well, thank you. I am going to go
ahead and go for a second round for anybody who wants to ask
any questions.
Mr. Tanciar, I am curious if you have any information or
data, do you know how often the system, whether it is at the
land port of entry or seaports or airports, how often a person
is identified as like a possible person of a cartel? Like do we
know if it is like 5 percent or 10 percent or less than 1
percent? Is there any data we--somewhere we can look for that
data?
Mr. Tanciar. Unfortunately, I don't have that data.
Chairwoman Barragan. Yes.
Mr. Tanciar. I am not aware of where that data exists. The
system has been used to match people to their identity
documents. While there certainly have been identifications of
nefarious and bad actors, there is a culmination of data that
goes into that identification, not just face recognition.
Chairwoman Barragan. Right. I am just curious, like if I
am, you know, a bad actor, am I going to go through the
biometrics or, you know, find another way to avoid it? So I was
just curious on how often it might come up, and that may be
something I will just kind-of follow up and see where we may be
able to get that data.
My next question, Dr. Turner Lee, since many of the facial
recognition technologies are procured by Federal agencies, how
do we make the private sector more accountable to developing
more inclusive and representative technologies?
Ms. Turner Lee. Chairwoman, that is a great question and
thank you for the opportunity to answer. I think what is most
important here despite the fact that we are seeing a high
technical success rate with the software in question, that we
have to ensure that the private sector, who ultimately is where
we are procuring not only the faces, but some of the
technologies that run the backhaul of these systems, that they
have a couple of principles in mind.
In addition to privacy and security, they should also have
diversity and equity on their team. They should be regularly
committed doing types of third-party audits, civil rights
audits, audits for disparate treatment or impact of their
product. Working alongside the agency, there should be a common
goal of ensuring that there is no technical breakdown and
sociological implication of its use.
The only thing that I would really share in this comment to
you, Chairwoman, is that we are again presumptuous to think
that just because the technology is able to process travelers
at its full capacity, we have not seen to this date any
technology that has not had its share of complications. When we
pull back from interrogating those technologies is when we
actually receive the worst of its outcomes on innocent people.
So I do think the private sector, in partnership with CBP,
has a responsibility to share and demonstrate the type of
transparency, accountability, as well as security, diversity,
and equity in their own business practices and models.
Chairwoman Barragan. Thank you. Mr. Scott, how can we raise
awareness among travelers about the potential trade-offs of
their rights and the conveniences associated with expediting
identification and verification process for travelers?
Mr. Scott. Well, one, as mentioned before, the signage
needs to be more visible. A lot of times people don't see the
signs about the use of facial recognition or the potential to
opt out if you are a U.S. citizen. But they also need to know
actually before, before going to the port, before going to the
airport or any other port of entry.
It is hard to really process and think about the
consequences of submitting to facial recognition when you are
actually at the airport traveling. It is a high-stress
situation. You usually just want to kind-of get from point A to
point B and get through security lines, et cetera, so people
need to understand prior to that. So, there needs to be an
information campaign to inform people prior to them traveling,
so they understand more about the use of facial recognition.
But also, you know, with the lack of regulations right now,
you know, it is arguably impossible for people to actually
understand the complete possible consequences of submitting to
facial recognition because it is impossible to think about.
What type of mission creep will happen in terms of what will
this information be used for down the road? How will facial
recognition be implemented in the future? Will it become a
universal identification controlled by the government, further
creating that asymmetry of power between the individual and the
Government?
Chairwoman Barragan. Thank you. Dr. Turner Lee, do you have
anything you want to add to that?
Ms. Turner Lee. Yes, I completely agree. I mean, not only
do we have to have signage available before people go to the
airport, we have to be culturally sensitive. This goes back,
again, to having some level of lived experiences of the
populations that are being surveilled by this technology.
Signage needs to be in Spanish, in multiple languages; be
accessible to people with disabilities. I think we are, again,
assuming that most people understand how the technology is
being used in light of the trade-off of convenience. I think
that is a very core assumption for us as Federal stewards to
ensure that we are not in some way, either now or in the
future, intruding upon people's civil and human rights.
Chairwoman Barragan. Well, thank you. I do think it is an
interesting conversation because, in my mind, the Government
already has my California driver's license photo, it has my
passport photo. Yet, as a traveler, I am looking for
convenience and speed and how quickly can I go. So I think that
there has to be that conversation of the trade-offs.
I just do wonder, too, how much longer you would go through
security if you decided to opt out versus, you know, just doing
the biometrics?
So a lot more discuss, but, Representative Higgins, the
floor is yours for your second round.
Mr. Higgins. Thank you, Madam Chair. Mr. Tanciar, I am
going to ask you about exactly what happens when you encounter
an imposter. Referencing what the other gentleman described as
not having control, his ID, and, you know, you have your
passport he stated, and I have control of my ID, but in the
facial recognition technology the Government has control of
your ID. Again, it paints quite a nefarious picture.
But may I say, I was a police officer for a long time
before I came to Congress. It was an everyday affair that you
had interaction with someone that did not have their driver's
license with them to identify themselves. It was not an
uncommon encounter that that person had something to hide,
usually they had a warrant. They would lie about their
identity. They would give you a name and date of birth, usually
of a friend or a family member that they knew was clean and did
not have warrant, and they could be quite convincing. Quite
convincing.
But if you had some time on the street you could pick up
the vibes that they were lying and you would call it in to
dispatch. Send me a picture. They would send it to your phone
of the--you would run a driver's license by name and ID, which
you can do, and dispatch would send an image of that driver's
license to my phone. So, now I had the picture of the guy he
said he was. I would show it to him and say that is not you,
man. Why don't you tell me who you really are and what your
warrant is for? And we would move forward.
So, to think, to State, to insinuate that law enforcement
doesn't have your image in the computer is just not reality.
So, what happens when you encounter--say you encounter 1,500
imposters. The facial recognition technology is pretty good at
picking up someone that is attempting to use someone else's
identity. What happens exactly if you encounter an imposter?
Mr. Tanciar. Well, it is a multi-layered effort. The first
instances of the photo being taken and a no-match being
returned, we will then go to a one-to-one against the document.
Then if one-to-one against the document doesn't return
anything----
Mr. Higgins. Again, it is a document that the traveler has
in his possession?
Mr. Tanciar. Has in their hand. That is correct, has in
their hand, which could--might not be theirs.
Mr. Higgins. Right.
Mr. Tanciar. It is a document that they have obtained
because they felt they looked enough like a person on the
document and they were trying to pass that off for entry. You
know, CBP officers would work long, hard hours and have a very
important task. Sometimes people are good at that, looking like
what is on the document. But the facial recognition technology
helps identify that up front, but that doesn't make the
decision.
Then there is a whole process of interviewing. Where did
you get the document? How did you obtain the document? What
street did you grow up on? There is lots of factors.
Mr. Higgins. That is an interesting point because the
streamlined checkpoint that facial recognition technology
provides, does it allow the agents to spend more time in the
interview process if they have someone that needs to be
questioned?
Mr. Tanciar. Yes, it does. Those administrative processes
of handling the documents and looking at a one-by-one square to
the person standing in front of you is automated. That gives
me, the officer, more time to ask the questions that are
important about the purpose and intent of the travel.
Mr. Higgins. OK. Madam Chair, I very much appreciate you
holding this hearing today. I thank your witnesses for
appearing.
I thank Ms. Gambler. I have another question I would like
to submit to you, ma'am, it is a little more extensive, in
writing after the hearing. My office will deliver that, if that
is OK. I very much appreciate your attendance.
Ms. Gambler. We look forward to the question and happy to
provide a response.
Mr. Higgins. Yes, ma'am. Thank you, Madam Chair. I yield.
Chairwoman Barragan. Thank you. I want to thank the
witnesses for their valuable testimony and the Members for
their questions. The Members of the subcommittee may have
additional questions for the witnesses and we ask that you
respond expeditiously in writing. Without objection, the
committee record shall be kept open for 10 days.
Hearing no further business, this subcommittee stands
adjourned.
[Whereupon, at 3:02 p.m., the subcommittee was adjourned.]
[all]