The FBI's Facial Recognition Program
Earlier this week, the FBI announced the completion of its "next generation" facial recognition program. The system, now "fully operational" will house more than 52 million faces, which (assuming no duplication) is roughly 1 in 6 Americans. The system is said to be only moderately effective -- it will typically
Published by The Lawfare Institute
in Cooperation With
Earlier this week, the FBI announced the completion of its "next generation" facial recognition program. The system, now "fully operational" will house more than 52 million faces, which (assuming no duplication) is roughly 1 in 6 Americans. The system is said to be only moderately effective -- it will typically return 50 possible matches for an inquiry and operates to the level that there is an 85% chance that the correct identity will be on the list. Still, that seems a vast improvement from the broader sea of identity matching problems.
Still, the new program raises a number of interesting legal and policy questions. Here are just a few:
- Is it Constitutional? Almost certainly under current doctrine, I think. The Court has approached the issue of limits on large scale data collection but has, so far, declined to revise its Fourth Amendment doctrine. The recent cell phone case, Riley v. California, may hold out some hope for challenges, but in general since the photos are collected from public sources the Court is likely to deem the collection of photos as not of Constitutional significance. Indeed, to the extent that the data base is limited to mug shots of arrestees, it seems likely that the collection would be presumptively Constitutional, much as DNA collection was approved in Maryland v. King.
- Are there any Federal statutes that limit facial recognition technology? None that I am aware of [anyone know of any?]. Indeed, "since 1921, a series of Federal statutes have granted the Attorney General broad authority to collect and preserve general identification records, criminal identification records, and other records, and to exchange these records and information with, and for the official use of, authorized officials of the Federal Government, including the United States Sentencing Commission, the States, cities, and penal and other institutions. Current statutory authority is primarily codified at 28 U.S.C. § 534."
- Are there privacy or civil liberties risks? Probably.
-
The FBI says that it will only use the system to match photos to mug shots. But little is known about the predication for the matching. According to the FBI, the new system "will provide an increased ability to locate potentially related photos (and other records associated with the photos) that might not otherwise be discovered as quickly or efficiently, or might never be discovered at all. However, this additional privacy impact is outweighed by the advantages of being able to better locate responsive information--within information already lawfully acquired by the FBI--permitting better personal identifications and more complete and timely investigative analysis, including more effective and efficient identification of perpetrators and generation of leads to potential suspects."
-
The greater danger, it seems, lies in the potential for additional integration of this new database with other data sources (both biometric and non-biometric). Thus, the privacy challenge seems more to lie in the differential increase in capability combined with the threat of misuse, rather than in any direct injury to civil liberties.
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.