Privacy advocates concerned about use of biometric information for airport security screening
While the use of facial recognition software and fingerprint readers helps travelers move through airports quicker, privacy advocates are expressing concerns about the security of this biometric data and its potential uses, according to a report by Skift.
At select airports in the U.S., passengers on some outbound international flights are being asked to have a photo taken before boarding the plane that is compared against a database of images of people who are supposed to be on the flight. If the facial recognition software finds a match, the person proceeds to board. If it doesn’t, the traveler gets additional screening from a security officer.
Michael Hardin, deputy director of CBP’s Entry/Exit Transformation Office, revealed last week at the AFCEA Federal Identity Forum that the agency is working to fully implement its facial recognition-based biometric exit program at 20 airports across the country by February 2018.
CBP’s privacy assessment states that all photos captured of travelers as they board international flights at airports participating in the pilot program will be kept for no longer than 14 days to improve the matching algorithm, then deleted.
“The way the program is described now doesn’t sound too offensive,” said Michelle Richardson, deputy director of the Freedom, Security, and Technology Project at the Center for Democracy & Technology in Washington, D.C. “But it’s very unlikely that it’s going to stay in this form going forward. For example, as it spreads to other airports, and the collection gets bigger, are you going to see other agencies asking for that information?”
Although travelers may have the choice to opt out in some cases, CBP recommends in in the privacy assessment that the “only way for an individual to ensure he or she is not subject to collection of biometric information when traveling internationally is to refrain from traveling.”
As a result, business travelers may have to make the choice between disclosing biometric information (such as fingerprints, facial features, and iris scans) and refraining from going on a trip required for their jobs.
If those travelers declining to submit biometric data are forced to wait in long, understaffed screening lines in the not-so-distant future, it would mean that the CBP isn’t actually giving people a choice, said Adam Schwartz, senior staff attorney with nonprofit digital privacy organization Electronic Frontier Foundation.
“If one line is whizzed through with facial recognition and the other line has to stand there for two hours to get to one employee, that would not be full consent,” Schwartz said. “Travelers thinking about giving up biometrics for faster access to the plane ought to consider the long-term privacy consequences and what companies are going to do with the data.”
The top concerns frequent passengers have is that U.S. airlines could potentially sell passenger biometric information from facial recognition databases or that their databases could be hacked.
Mike McCormick, executive director and chief operating officer of the Global Business Travel Association downplayed these concerns for frequent travelers.
“We generally are in favor of using biometrics,” McCormick said. “Everything we’ve seen and heard so far has been positive. For business travelers, you really aren’t giving up any information that your company doesn’t already know about you and isn’t readily available.”
He added that it is crucial for companies to regularly update their employees on any changes to airport security, as well as listen to concerns and offer opportunities for feedback.
“You hope the government systems are in place to protect that data, because you don’t want that falling into the wrong hands,” said Greeley Koch, executive director of the Association of Corporate Travel Executives. “From the standpoint of the business traveler, we’re looking for anything that makes it easier and faster to get through the horrendous airport experience. As we go toward other methods, the safety and security of this biometric data has to be paramount.”
Last month, U.S. Customs and Border Protection and the Department of Homeland Security officials met with representatives from various privacy groups to discuss CBP’s biometric exit program, in the first of multiple engagements planned with the privacy rights community.