Facial recognition software is making it hard to remain anonymous anymore. Getting tagged in Facebook photos is now commonplace, and algorithms can sift through publicly available pictures and accurately identify individuals. Indeed, many police departments are tapping the potential of social media to track and catch suspected criminals.
Not surprisingly, the FBI is investing heavily in a massive biometric database, which it calls the Next Generation Identification System (NGIS).
The FBI system includes photos, fingerprints and a wealth of physical data collected by government agencies. This digital treasure trove of vital statistics includes information gathered when individuals interact with governmental bureaucracies during lawful proceedings such as passport registration, judicial appearances, visa applications and the like.
The FBI insists that its state-of-the-art database is necessary to catch criminals, track gang activity and protect national security. Critics are concerned that the FBI’s technology could morph into a Big Brother type of surveillance system. Fueling suspicion is the fact that the agency is very secretive about its program and wants to keep it exempt from the requirements of the Privacy Act, the 1974 law that regulates what the federal government can and cannot do with information about citizens. In particular, federal officials do not want to disclose who is in the database or why they are in there.
Presently, there are between 50 million and 70 million people in the FBI’s registry. The information the agency has includes iris scans, voice recordings and gait measures, as well as records of scars, tattoos and other distinguishing characteristics.
In the past, law enforcement routinely collected identifying information — fingerprints, DNA and mugshots — following an arrest or as part of a voluntary disclosure. Now, however, agencies such as the FBI can acquire facial scans, voice snippets and even retinal scans without individuals being aware that information about them is being collected and stored.
The existence of the database, which raises many constitutional and privacy issues, deeply concerns civil libertarians. Jennifer Lynch, an attorney at the Electronic Frontier Foundation, notes that “anyone walking around could be potentially entered.”
Data from private security cameras and cell phones can surreptitiously record anyone at anytime and anywhere. There’s always the prospect that this type of technology could be used to create a sci-fi omni-surveillance state, a society where everyone is under the watchful eye of the authorities at all times.
Many cybersecurity experts worry about another possible threat — the integrity of the database itself. Retinal scans, voice recognition and palm prints have emerged as a secure way of authenticating employees, consumers and digital end users. If hackers breach the FBI’s system, it could expose millions of individuals to a whole new level of identity theft.
Another concern is the potential for an unholy alliance between the government and corporate forms of control. For example, many companies — especially those whose employees work with children, the elderly or hospital patients — require workers to undergo an extensive criminal background check, which can include fingerprinting by law enforcement.
Once an applicant has been cleared for a job, the FBI is supposed to expunge the fingerprints it collects during the vetting process or return them to the employer. However, given the FBI’s goal of amassing the most extensive database possible, it has a clear incentive to maintain any information it gathers.
Not surprisingly, as part of a “Rap-Back” program, the FBI offers to store background check information it collects on behalf of participating companies, organizations or government agencies. As part of this arrangement, the FBI has agreed to notify employers if their workers have any future run-ins with the law. As the Bureau describes it, “The Rap-Back Service will provide authorized users the capability to receive notification of criminal and, in limited cases, civil activity of enrolled individuals that occurs after the initial processing and retention of criminal or civil fingerprint transactions.”
The power and potential of the FBI’s massive biometric database already has been demonstrated. In April 2016, the agency used it to help apprehend Lynn Cozart, a convicted child molester who had been a fugitive for nearly 20 years, when a picture in the database matched a more recent state license photo. Cozart had stolen another man’s identity, but he couldn’t elude the FBI’s facial recognition technology.
Watching the watchers
Undoubtedly, we are entering a new era where technology, civil liberties and law enforcement are bumping up against one another. The same databases used to catch criminals can also be used in ways that impinge on the freedoms and privacy of ordinary citizens. Nabbing a child predator is a good thing, but there will be “false positives” and cases of mistaken identity, too. Consider the many individuals now being exonerated by DNA evidence after decades in prison.
There has always been tension between liberty and security. But perhaps the most concerning aspect of the FBI’s program is the agency’s insistence that it should remain exempt from the Privacy Act. The FBI argues that sharing information about its tools or methods would tip off criminals or hurt national security. However, history suggests that the watchers need watching, too.
— Scott O’Reilly