One of the big developments related to biometrics in the United States in the last month is a call by senators “calling on TSA to immediately halt its deployment of facial recognition technology.”
My understanding of what is going on is facial matching between a presented document with a photo on it (passport or drivers license/stateID) and the person present. This is a similar kind of matching that happens when I cross the US boarder with my green card – they have my green card picture on file and then they point a camera at me and see if I match the picture on my card. 1:1 matching.
There are a lot of questions the Senators ask you can see the full letter here.
1. Please provide data on the accuracy and volume of TSA’s facial recognition technology program from 2020 to 2022 broken down by race, ethnicity, and gender that includes:
- the rate of false positives and negatives produced;
- the total number of travelers who had their face scanned by TSA;
- the total number of travelers who opted out;
- the total number of cases where TSA stored its facial scans, instead of immediately deleting.
2. How are travelers notified of their right to opt-out of facial recognition? What are the effects on a traveler who chooses to opt-out of facial recognition?
3. Under TSA’s current system, do travelers who choose to opt-out face any additional consequences or additional screenings, pat-downs, interrogations, or even detention, beyond what they would have encountered at a non-facial recognition airport?
4. What training measures does TSA currently mandate for staff to regarding travelers who choose to opt-out of facial recognition technology?
5. Has TSA ever shared biometric data with other government agencies? If so, which agencies and for what purposes?
6. What measures is TSA taking to protect biometric data from cyberattacks or any other form of unauthorized distribution or release? How does TSA ensure the security of Americans’ data that third-parties have access to? Is TSA aware of any breaches of travelers’ biometric data collected at US airports? If so, please detail all such breaches.
This has prompted some responses from the biometrics industry with a post by the International Biometrics and Identity Association (IBIA) and the Security Industry Alliance (SIA). Both push saying that there are significant mis-understandings about the technology and how it works.
There is also video interview with Robert Tappan the Executive Director of IBIA on the Identity Week site. The interview is about 10 min and covers these topics:
- Why do you think the terms “surveillance” and “identity verification” have been conflated? What are the perceptions of facial biometrics? True or not?
- Is there evidence at all to suggest face verification technology is being used in the wrong way to invade privacy?
- Talking to some vendors, some say there are some inherent biases in the level of technology that are being mitigated. Do you disagree that bias in biometrics now exists?
- What are the differences between surveillance and verification that you suggested in your comments?
- How do these claims/ beliefs affect trust?
- Describe the level of progress in America with biometric deployments and are some unfounded beliefs that biometrics are ‘threatening our democracy’ derailing progress?
It is these deep disconnect between how the technology works in the real world, what it does and the public and legislator’s concern about it that the Thoughtful Biometrics Workshop was created for. My hope is we can dig and explore the nuances. I hope you will join us on March 16th.